(Use Google Chrome or Mozilla Firefox to secure your place)

Staying Ahead of the Pace of Change in Cyber Security

By design, the CISO role evolves rapidly in accordance to the exponential increase of technology—and its threats. The global pandemic has further necessitating strong cyber security operations during this unprecedented time where habits are changing and new doors to digital vulnerabilities are opening. Even the federal government released an alert regarding cyber security concerns of telecommuting corporations. In parallel, forward-thinking cyber criminals are creating sophisticated ways to breach security, such as leveraging AI and digital assistants. CISOs are tasked with protecting company assets, but it takes the cooperation and adherence of the entire enterprise to keep the frontlines safe. Globally, enterprise cyber security investments are forecasted to hit $133.7 billion by 2022, as reported by Gartner, but that was before the onset of the global pandemic. In order to get the most out of such a large investment, the CISO is tasked with creating, managing, and disseminating a solid cyber security strategy across the enterprise.

Thus, the importance of the CISO role has never been more apparent. Cyber Security Digital Summit: APAC 2020 (ONLINE) examines strategic approaches, new ways of operating, and the hard and soft skills necessary to ensure enterprise adherence.


Developing strong cyber security standards and frameworks

How to keep the enterprise secure with an onslaught of remote workers

How ever-changing regulations affect compliance

Examining the role the global pandemic plays in enterprise cyber security

Security Awareness: Why ransomware, malware, phishing and whaling schemes work and how to prevent them

Exploring the scope of the CISO role as both a technical leader and business leader

Preparing for the future of cyber security, including new AI threats and regulation & compliance changes


Access to cutting edge content and world class speakers from the comfort of your desk

Podcasts: Downloadable mp3 recordings of all presentations

Downloadable slides you can review again and again

Opportunity to meet cutting edge technology providers

Day One: 14 July 2020
Chairman´s Opening Remarks

Always Be Testing, Always Be Assessing, Always Be Prepared
Parag Deodhar, Director - Information Security, Asia Pacific, VF Corporation

No matter the level of detail for a corporate enterprise BCP- a global pandemic affecting the entire globe was not included. That said, we are now all working with the assumption that this current pandemic will not be the last- and that we should expect further- even more regular- complete and total global disruption moving forward. Cyber Security executives are of course acting accordingly. To that end and per the session title- VF’s Parag Deodhar explains his philosophy moving forward.

Parag outlines three concepts to his new mantra:
  • Know the who, what, where, when and why of your assets to get a better understanding of the attack surface to define your strategy accordingly
  • Continuously review your assumptions which were true and valid to ensure they remain true and valid
  • Truly understand your indicators of and controls for current and future security risks
Those concepts of the mantra find themselves in three key pieces to managing the unknown:
  • Testing:
    • Realizing that even if you’re ‘best in class,’ you are never doing enough testing
    • Staying ahead of emerging new threats
  • Assessment:
    • Continuously doing risk assessments with new partners, new tech, new processes and new controls
  • Preparation:
    • Zeroing in on resources, management and technology as opportunities
    • Updating/scaling current or sourcing new tech
    • Understanding your people paradigm and plotting a path forward for your talent
    • Unpacking your processes and optimizing for a secure enterprise
10:00 – 10:45am SGT
Adopting a Zero Trust Security Model
Sami Laine, Director of Technology Strategy, Okta 

When companies moved their workforces to home offices in response to COVID-19, the IT security environment changed overnight. No longer could organisations maintain a network perimeter-centric view of security. At the same time, savvy hackers saw the change as an opportunity to target employees with phishing attacks.

Learn how you can enable employees and other users to access sensitive data and networks regardless of their location, device or network while still maintaining the highest levels of security.

This session discusses:
  • How a Zero Trust approach ensures the right people have the right level of access, to the right resources, in the right context, and that access is assessed continuously — all without adding friction for the user
  • Steps you can take to begin implementing a Zero Trust architecture today
11:00 – 11:45am SGT
The Evolving Role Of The CISO And Rise Of Digital Risk
Nick Savvides, Strategic Business Director, APAC, Forcepoint

The role of the CISO has changed considerably over time, from the old days of being the niche executive, fulfilling a key but often maligned part of the business, to more recently as a critical business leader.

The last few years have elevated the CISO to be part of the business and a business enabler but that is no longer enough in a Digitally Transformed enterprise. Every aspect of our businesses have been touched by Digital Transformation including cyber-security. It has giving rise to all new cyber-security problems, but also to new business risks. Digital Risk as an adjacency to traditional enterprise risk has developed as practice.

Tomorrow’s CISO’s must understand not just enterprise risk, but digital risk, blending both cyber-security and business priorities, all while effectively integrating into the leadership and operations of the digital business. It is no longer enough to be a business enabler, but a business partner and accelerator of change.

This session examines this change, the future outlook and how to prepare for it.

12:00-12:45pm SGT
Defending Holman Webb with Cyber AI
Eugene Low, Regional Director for Southeast Asia and South Asia, Darktrace
Steve Ferhad, CTO, Holman Webb Lawyers

Business leaders face the urgent challenge of protecting their distributed workforce and cloud tools from the increased risk of cyber-attack.
Traditional security defenses define threats based on predefined rules and signatures. Darktrace Cyber AI instead understands your entire digital environment across cloud and SaaS, email, IoT and industrial networks, for every user and device. With Darktrace Cyber AI, emerging cyber-threats are autonomously detected, neutralized, and investigated – before damage is caused. 

In this session, hear how Steve Ferhad of Holman Webb Lawyers, who discuss how they embrace Cyber AI to counter the challenge of protecting them and their dynamic workforce.

1:00 - 1:45pm SGT
Putting the ‘Sec’ into DevOps
Matt Rose, Global Director of Strategy, Checkmarx
Harald F. Battran, Director - Cloud Trust, PwC Singapore

Automation and DevOps have changed the way organizations deliver products. The shift towards DevOps made it pretty clear that companies are adopting this organizational model in order to facilitate a practice of automated software deployment. While the traditional idea of a “software release” dissolves away into a continuous cycle of service and delivery improvements, organizations find that their traditional application security solutions are having a hard time to adapt to the new process and security becomes an inhibitor to the complete process.

In this session, you’ll learn how different organizations adopted security into their DevOps processes. What obstacles need to be addressed when introducing AppSec to DevOps and when should Sec be added to DevOps?

Join us to:
  • Discover which obstacles should be expected and how to overcome them
  • Understand what functionality is key to enable real automation of your AppSec program
  • Explore the benefits of having security as part of your DevOps automation (what’s in it for me)?

2:00 - 2:45pm SGT
Your New Reality Of Remote Work is Not Secure
Dovid Clarke, CISO, Head of Cyber Security & Risk, MMG Limited

Dovid Clarke's time in the military taught him to trust but verify. He's verified the situation, your new reality of remote work for your enterprise is not secure. The threat landscape has simply become too vast for cyber security executives to think otherwise. We discuss the answers to five key questions to ensure that your new reality of remote work is more secure by the end of the day, week, month and year respectively:

  • Do you know your risk appetite?
  • Are you aligned with your enterprise risk process?
  • What’s your mix of protect (identify) and detect(respond and recover)?
  • How have you changed your communication patterns?
  • Is your team the innovation team?

Day Two: 15 July 2020
Chairman´s Opening Remarks

8:15-8:40am SGT
Cloud Security In The New Normal
Tony Low, EXCO, The Association of Information Security Professionals (AISP)

  • Overview of cloud usage in Asia before COVID-19 pandemic, by organisations
  • Rise in the cloud usage in Asia during COVID-19 pandemic, and possibly, post-COVID crisis.
  • Potential gaps in organisation’s cloud security
  • Considerations on strengthening cloud security
  • How cross-border collaboration involving associations can raise competencies and capabilities in cloud security

09:00 – 09:45am SGT
Discovering A Brief History Of Cyber Security & Our Latest Inflection Point
Jay Spreitzer, Long-Time Cyber Security Expert & Practioner

Jay Spreitzer has been in the cyber security industry since it's infancy. He understands how not only the industry, but- like him- most initial talent came from the military. The Target breach changed everything as did DDoS attacks in the Financial Services industry. He provides his thoughts on these initial tent-pole events as well as the steady and systematic rise of malware and automated attacks. Finally Jay shares how our collective move to remote work has provided an inflection point from which we'll still be learning from into the future.
  • An industry and initial group of executives born in the Military
  • The Target breach which changed everything
  • DDoS attacks in Financial Services
  • The steady and systemic rise of Malware
  • A realization of the shortage of personnel vs. increase in automated attacks
  • The iterative remote worker evolution and eventual remote worker revolution
10:00 – 10:45am SGT
Comparing CASB Technologies for Cloud Security: What’s the Difference?
Jonathan Andresen, Senior Director Marketing, Bitglass

Enterprises are embracing cloud computing but few have fully considered the risks associated with device-to-cloud transformation from security breaches to data loss issues. Cloud access security brokers (CASBs) are often described as the firewall for the cloud and are the go-to solution to secure cloud services for many organizations. CASBs provide a breadth and depth of functionality that is indispensable for securing your data across applications, devices and networks. Yet not all CASBs are created equal, and it can be a challenge to identify which solution to deploy. From capabilities to the security of underlying architectures, there is much to consider.

In this exclusive session we will cover:

  • The major differences between CASB architectures
  • CASB deployment modes and how they provide different data protection
  • Key items you need to consider to secure any app or device
  • Practical use cloud security use cases that can apply to your organization

11:00 – 11:45am SGT
Mobile-centric Zero Trust Security Framework
Alex Mosher, Global VP Solutions, MobileIron

How should organizations reinvent themselves to drive digital transformation in the post-COVID-19 world? Infrastructure and operations leaders should implement an Everywhere Enterprise Zero Trust strategy focused on enabling dispersed workers and distributed infrastructure to serve customers everywhere.

Passwords are no longer sufficient protection against breaches because users are accessing information from a variety of untrusted devices, apps, networks, locations and services. So, in the reality of today's security world how does an organization protect itself? One answer is with a Zero Trust approach and framework to security. But with numerous theories about Zero Trust, how do you ensure that you've taken the right approach? in this session, discover how to:
  • Drive business innovation with mobile productivity by giving employees the ability to use mobile, cloud and endpoints
  • Enforce corporate security without impacting the user experience
  • Redefine enterprise security strategies to address a perimeter-less environment

12:00-12:45pm SGT
A New World Order needs a New GRC Approach!
Blair Hasforth, Account Executive, OneTrust

The world is different and will be different after this global pandemic. We are all more digital. Whether intentional or not we are collecting more data, both organisational and personal. The speed of change has found two extra gears, maybe three. Our network perimeter is wider, more diverse, more susceptible to attack. Our applications are more diverse, increasingly cloud based. We can now imagine many more types of crisis than before.
To meet these challenges our GRC needs to be Agile, so that we can be AntiFragile, in order to face this rapidly changing world. OneTrust’s dynamic platform is built to be part of the process, to manage; risk, compliance, security, privacy, vendors to prepare us for whatever our futures bring. It’s time for a new GRC Approach.

1:00 -1:45pm
Visibility: A Foundation To Effective Security
Vladamir Yordanov, Sr. Dir. Solution Engineering, APAC, Gigamon

In this session we will cover how to build an effective and resilient cyber security solution with holistic visibility and information collection from all points of the IT infrastructure - physical, cloud and hybrid. We'll speak to how organizations can eliminate blind spots across the network, detect encrypted and hidden command-and-control channels, malware activities, unauthorized data exfiltration and more, quicker, while leveraging existing security investments. We'll discover how to eliminate blind cyber-defence spots and ensure maximum efficiency of the detection and protection security systems by providing the right information to the right tools. And we'll discuss how to build flexible and adaptable cyber defence architecture while maintaining or lowering cost of ownership.

2:00 - 2:45pm 
Engaging In A Paradigm Shift On The Definition Of Secure
Jeff Campbell, CISO, Horizon Power

Jeff isn't satisfied with the fact that the migration to our current reality went smoothly. As that reality evolves, his focus remains steadfast on what matters most- a secure enterprise. Lessons have been learned in dynamic shifting of resources. As we move from cloud migration to cloud evolution, Jeff has everyone in the organization focused on a constantly forward thinking cyber security mindset.

  • Enabling a zero trust model
    • A must with a decentralized workforce
  • Engaging in step-change thinking for BYOD/CYOD mentality
  • Moving on from cloud migration to cloud evolution
  • Truly honing in on critical assets and rich data sources
  • Divining your next cyber security mindset- test, iterate, find a fit
End of Online Summit



          Heads and Directors of Cyber Security

          Heads and Directors of Information Security

          Heads and Directors of IT

          Providers of cyber security solutions, services and software

          • Cyber Security executives who want to hear from and engage with their peers on similar pain points/challenges faced within the APAC region
          • Attendees of IQPC Cyber Security events that missed sessions or want to re-listen
          • CS professionals based outside the APAC region who want to learn from APAC market case studies