apsg cm4020 - event
TRANSCRIPT
conferences
Cyber attacks are growing everyday in strength across the globe – and unfortunately not every battle will be won.
Keeping ahead of regulatory changes whilst building a strong IT architecture is the only mechanism for safeguarding your future.
Jamie Dimon, CEO JP Morgan Chase
Hilton Singapore
9th – 11th March 2015
Featuring Half-Day Workshop:Cyber Intelligence: Collation and Analytics Tools and Techniques for Cyber Resilience Facilitated By:Dr Raymond Choo Research DirectorCloud Security Alliance, AustraliaDr Raymond has consulted top tier organisations around the Asia Pacific region and has 20 years of experience in consulting and forming cybersecurity frameworks and policies
Attend this Premier Forum and Gain Insights into:• Enhancing security frameworks based on future trends in
regulation• Mapping the nature of the unbounded cyber threat • Increasing your ROI on the IT architecture and resources deployed • Mastering the art of effective defence by leveraging big data and
behavioural analytics• Exploring cyber insurance as a risk transference framework• Developing cyber risk professionals by investing in human capital • Leveraging the cloud whilst keeping data security
In the Chair:Geoff Leeming Head of InfoSecurity Architecture & Engineering, InfoSecurity ChangeRBS, Singapore
Testimonials from Past Related Events:This is a useful event to share and gain knowledge in practices of other organisations.Standard Chartered Bank
Good, informative and an excellent networking conference in this region.Riyad Bank
The various speakers provided a practical insight into how security is practically implemented, a definite eye opener.Maybank
All aspects of security were covered from the cultural to the technological, from best of breed speakers.Westpac
Expert Speaker and Discussion Facilitator Panel: Parag Deodhar CISO AXA Bharti, India
Jayaraj Puthanveedu Director, APAC Regional Head of Business Continuity Management and Head of CSBC Deutsche Bank, Singapore
John O’Driscoll Senior Manager, IT RiskANZ, Australia
Leonard Ong Professional Advocacy CommitteeISACA, Singapore
Tim NeillHead, Situational Awareness & Rapid Response Unit Command and Control CentreStandard Chartered Bank, Malaysia
Murali Narasimhan Head Governance & Risk Analytics Group Information & OperationsCIMB, Malaysia
Ganesh Narayanan Head – Consulting Cybersecurity ServicesThales, Singapore
Andy ChowSenior Cyber Intelligence AnalystRBS, Singapore
Dr. Sarwono Sutikno Cybersecurity Nexus LiaisonISACA, Indonesia
Eddy Lee IT Risk & Security Manager QBE Insurance Asia Pacific, Hong Kong
Abhinav Singh Cybersecurity EngineerJP Morgan Chase, Singapore
Carrine Teoh Chooi Shi Head, Product Development and MarketingCybersecurity, Malaysia
Martin Leo Executive Director Risk ManagementMorgan Stanley Investment Management, Singapore
Sung-Ting Tsai(TT)Vulnerability Expert (Hacker) Team T5, Taiwan
Mike HarriesProgramme ManagerBank of America, Singapore
Jaisimha Diwakar AVP – Vulnerability ManagerBarclays Technology Centre, Singapore
Andrew ChongPrincipal IT ConsultantSingapore Government
Richard Wynn Executive Director AsiaHowden International, Singapore
Cyber Resilience in Financial InstitutionsMitigating cybersecurity risks through an analytical, governance and algorithmic framework
Half-Day Interactive Workshop on 26th November 2014:
Enabling IT risk management using COBIT 5 for Risk
Enjoy 400% Tax Deduction or 60% Cash Payout with Productivity and Innovation Credit (PIC). To find out whether your organisation is eligible for the PIC scheme, visit http://www.iras.gov.sg/irashome/PIcredit.aspx
Silver Sponsor:
P
Day One
Monday 9th March 2015
08:30 Registration and Coffee
09:00 Opening Remarks from the ChairGeoff Leeming Head of InfoSecurity Architecture & Engineering, InfoSecurity ChangeRBS, Singapore
09:10 Keynote Presentation:APAC is Under Attack! Preparing for the Next Frontier• Assessing the changing risk landscape • Understanding business disruption risks to the financial services sector• How well prepared are organizations in the region to respond to
disruptions caused by new wave of threats?• “Extended Enterprise” – service provider risk• Forecasting challenges and the path forward for the APAC regionJayaraj Puthanveedu Director, APAC Regional Head of Business Continuity Management and Head of CSBC Deutsche Bank, Singapore
09:50 Expert Insight:Minimising Cyber Risk Arising from BYOD• Understanding and internalising the common challenges arising out of
BYOD usage• Minimising the cyber risk associated with the mobile workspace• Harnessing CSOC to develop proactive deterrent measuresGanesh NarayananHead-Consulting Cybersecurity ServicesThales, Singapore
10:30 Coffee and Networking Break
11:00 Expert Insight:Moving Forward from Traditional IT Security: Looking Towards Cybersecurity Measures• Is traditional IT security still relevant?• The trends toward replacing traditional IT Security with forward
looking cybersecurity measures• Effectively evaluating between traditional security measures and
forward looking cybersecurity measures and implementing the most effective decisions
Murali Narasimhan Head Governance & Risk Analytics Group Information & OperationsCIMB, Malaysia
11:40 Expert Insight: Keeping Your Data Safe whilst Taking Advantage of the Cloud• Developing a single management interface to increase compatibility
across internal / external platforms• Mitigating risk associated with using a myriad of third party vendors for
outsourcing• Private, public or hybrid? Which makes the most sense?• Monitoring the cloud effectively to meet data security and data
sovereignty goalsParag Deodhar CISO AXA Bharti, India
12:20 Networking Luncheon
13:20 Expert Insight & Demonstration:Getting Ready for the Unknown – The Future of Cybersecurity Attacks• Exploring Malware, APT, Botnets, Social engineering, Phishing and
their role in compromising security• Assessing the risk levels associated with each threat• Finding out developments in major cybersecurity categories • How to level the playing field against decreasing odds? Cyber
intelligence and analyticsSung-Ting Tsai(TT) Vulnerability Expert (Hacker) Team T5, Taiwan
14:00 Expert Insight:Building Effective Cyber Defense with Intelligence• Using intelligence to provide predictive analysis and comprehensive
understanding of cyber threats• Understanding the adversaries and motivations behind attacks to stay
prepared• Best practices in establishing the cyber intelligence function within an
organisation.• Building a trusted eco-system and partnership for cyber intelligence
sharing networkAndy ChowSenior Cyber Intelligence AnalystRBS, Singapore
14:40 Coffee and Networking Break
PANEL DISCUSSION
15:10 Regulatory Changes in the Region and Organisational Reactions to Them• Analysing the current state of regulation in the region• Discussions on future regulatory roadmaps: Do they all lead to the
same place?• Assessing the potential impact on organisational transformation and
investments • What lies ahead? The major concerns facing institutions at this timeModerator:Jayaraj Puthanveedu Director, APAC Regional Head of Business Continuity Management and Head of CSBC Deutsche Bank, SingaporePanellists: Leonard Ong Professional Advocacy CommitteeISACA, Singapore Parag Deodhar CISO AXA Bharti, IndiaCarrine Teoh Chooi ShiHead, Product Development and MarketingCybersecurity, Malaysia
15:50 Expert Insight:Preventing Data Leakage by Tightening Privacy Laws; Mending the Weakest Links• Assessing the impact of data leakages on both financial and regulatory
aspects of financial organisations• Reviewing and improving data leakage prevention strategies across
the board• Predicting and analysing future focused methodologies meant to
mitigate data leakage associate riskCarrine Teoh Chooi ShiHead, Product Development and MarketingCybersecurity, Malaysia
16:30 Case Study:Aligning Top Management towards Cybersecurity in Low Maturity Environments• How / Where to start?
- Assessing the current environment against known cyber attacks- Creating awareness to the executives on the current risks- Enabling C-Suite buy in by integrating IT risk with tangible metrics
• If you can’t measure it, you can’t manage it - Creating metrics that effectively manage the cybersecurity goals
• What else?- Increasing communication and integrating that within a holistic
organisation wide security framework Eddy Lee IT Risk & Security Manager QBE Insurance Asia Pacific, Hong Kong
17:15 Closing Remarks from the Chair and End of Day One
P
Day Two
Tuesday 10th March 2015
08:30 Registration and Coffee
09:00 Opening Remarks from the ChairGeoff Leeming Head of InfoSecurity Architecture & Engineering, InfoSecurity ChangeRBS, Singapore
09:10 Case Study:Transforming Cybersecurity, Risk and Control for Evolving Threats• Analysing cybersecurity vulnerabilities, threats and risks and their
associated risk based control categorisation• Integrating cybersecurity governance with overall Information Security
Governance, Risk and Assurance in line with life cycle approach of preparing, investigating, response and transforming cybersecurity (PIRT)
• Developing the cybersecurity paradigm by developing communication with the top management and all relevant stakeholders
• Transforming cybersecurity using COBIT 5 and real case study demonstrations
Dr. Sarwono Sutikno Cybersecurity Nexus LiaisonISACA, Indonesia
09:50 Expert Insight:Increasing Agility in Incident Response: Being More than Sub Optimal• What’s the cost of delayed incident response times? What’s the impact
on reputational and operational risks?• Re-designing Incident Response (IR) plan and policy to streamline the
response process • Ensuring your IR plan is integrated across business unitsTim NeillHead, Situational Awareness & Rapid Response Unit Command and Control CentreStandard Chartered Bank, Malaysia
10:30 Coffee and Networking Break
11:00 Expert Insight:Comprehending Cyber Insurance as a Feasible Risk Transference Mechanism• What is cyber insurance and how it can help?• What types of cyber coverage are present?• Reviewing the current state of cyber insurance implementation in the
region• Knowing when to use cyber insurance within the existing IT risk
frameworkRichard Wynn Executive Director AsiaHowden International, Singapore
11:40 Expert Insight: Building a Big Data Mindset to Safeguard Your Organisation from Sophisticated Attacks• What differentiates big data from small data?• Is log analysis enough to prevent the next attack?• Building sense from billions of small data points• Automating big data learning systems to protect against evolving threats• Dealing with data privacy issues within big data analyticsAbhinav Singh Cybersecurity EngineerJP Morgan Chase, Singapore
12:20 Expert Insight: Turning IT Personnel into Cybersecurity Risk Professionals • Understanding the dynamics of cybersecurity talent supply and
demand in the region• Identifying the key Knowledge, Skills and Abilities (KSAs) for the new
area cybersecurity risk professionals • Formulating retraining programmes to bring IT personnel up through
the ranks Martin LeoExecutive Director Risk ManagementMorgan Stanley Investment Management, Singapore
13:00 Networking Luncheon
14:00 Expert Insight:Building a Future Focused IT Architecture for Maximised ROI • Staying in the curve of evolving cyber threats• Evaluating the security level of your current IT system deployment and
support• Smartly investing in your cyber risk management by understanding
which threats can be mitigated through which technologies• Ensuring the best ROI for security and functionalityJaisimha Diwakar AVP – Vulnerability ManagerBarclays Technology Centre, Singapore
14:40 Case Study: Content Delivery Network and Web Application Firewall: A Double Whammy for Hackers?• How does CDN and WAF help prevent cyber attack for institutions?• Discussing the defacement of Malaysian Airlines Website even though
both CDN and WAF were in place• Techniques to close the gap and building strengths for the futureAndrew ChongPrincipal IT ConsultantSingapore Government
15:20 Coffee and Networking Break
15:50 Expert Insight: Effectively Increasing User Awareness and Aligning it with Cybersecurity Goals• Using Network Behaviour Analytics for threat detection and advance
reporting• Building training programmes that leverage on best practices and
incorporate metrics• Transforming training programmes into immersive learning
experiences for Non-IT professionals• Getting buy-in from top management for cybersecurity goals to
nurture a culture of data stewardship and data careJohn O’Driscoll Senior Manager IT RiskANZ, Australia PANEL DISCUSSION
16:30 Building Cyber Resilience for Years to Come• Taking current methodologies to the next level • Combining the best of risk frameworks and technology• Building and using big data to change from a reactive to proactive
frameworkModerator:Murali Narasimhan Head Governance & Risk Analytics Group Information & OperationsCIMB, MalaysiaPanellists: Mike HarriesProgramme ManagerBank of America, SingaporeJohn O’Driscoll Senior Manager, IT RiskANZ, AustraliaTim NeillHead, Situational Awareness & Rapid Response Unit Command and Control CentreStandard Chartered Bank, Malaysia
17:15 Closing Remarks from the Chair
17:30 End of Conference
marcus evans would like to thank everyone who has helped with the research and organisation of this event, particularly the speakers and their staff for their support and commitment.
W Half- Day WorkshopWednesday 11th March 2015
CYBER INTELLIGENCE: COLLATION AND ANALYTICS TOOLS AND TECHNIQUES FOR CYBER RESILIENCE
• The emerging cyber threat landscape: Not a matter of if, but of when!• Proactive cyber intelligence collection and sharing• Incident handling: Bringing together incident management, digital
forensic, Capability Maturity Model for Service, etc• Securing the weakest link … Humans! An Engaging Stakeholders,
Acceptable Behaviour, Simple Teaching method, Yardstick (EASY) training model
Dr Raymond ChooResearch DirectorCloud Security Alliance, Australia
About Your Workshop Facilitator:Dr Raymond ChooResearch DirectorCloud Security Alliance, AustraliaDr Raymond is Research Director at The Cloud Security Alliance (CSA) Australia Chapter. He’s also a Fulbright Scholar and Senior Lecturer of University of South Australia. Dr Raymond has (co)authored a number of publications in the areas of anti-money laundering, cyber and information security, and digital forensics including a book published in Springer’s “Advances in Information Security” book series, and a book published by Syngress/Elsevier (Forewords written by Australia’s Chief Defence Scientist and Chair of the Electronic Evidence Specialist Advisory Group, Senior Managers of Australian and New Zealand Forensic Laboratories). His research has been widely cited, including in key government reports such as the 2010 Australian Government House of Representatives Standing Committee on Communications Report on the Inquiry into Cyber Crime, 2011 Australian Government Joint Select Committee’s Report on Cyber-Safety.
Some achievements in Dr Raymond’s career: • 2014 Academic Impact and Uptake Award which recognises
researchers who have made important contributions to knowledge and have demonstrated excellence in research achievement in an area of strategic importance to the University of South Australia
• One of 100 Emerging Leaders (Innovation) in Weekend Australian Magazine / Microsoft’s Next 100 Series in 2009
• Recipient of 2010 ACT Pearcey Award• 2010 Consensus IT Professional Award• 2009 Fulbright Scholarship• 2008 Australia Day Achievement Medallion • 2008 British Computer Society’s Wilkes Award Computer Journal
2007’s Best Paper
Workshop Schedule:08:30 Registration and coffee 09:00 Morning session commences 10:30 Morning refreshments and networking break 11:00 Morning session re-commences 12:30 Workshop concludes
Why You Cannot Miss This Event:The Asia Pacific region is two times more likely to be targeted by advanced cyber attacks than the rest of the world according to Fireeye Research. On top of the list of attacks are financial institutions for the importance of data they possess. With organised cyber crime now controlling a multi-billion dollar black market, customers of financial institutions are becoming more concerned about the safety of their data, making regulators clamp down on issues related to cybersecurity. Clearly, cybersecurity has become a matter of survival for banks in the region.
Cyber attacks are here to stay. The only thing that can define success or failure in terms of an attack depends on how the organisation chooses to respond to it. This marcus evans event Cyber Resilience in Financial Institutions will bring together accomplished speakers to analyse the pressing issues affecting CIO’s, CISO’s and information security professionals in the region. Burning issues such as tackling the fluid nature of regulation in the region, transforming cybersecurity professionals into risk managers, raising user awareness within institutions as well as leveraging big data and behavioural analytics to better protect against growing threats, this forum will provide answers and insights into topics that hold relevance for years to come.
There will also be a workshop on developing and solidifying cyber intelligence and analytics to help professionals implement changes to their current organisational processes without having to spend heavily on augmenting their IT infrastructure and architecture. The main aim of the workshop is to help professionals develop data collection grids, automate analytical frameworks and frame feedback loops into organisational policies to create a more proactive approach to cybersecurity.
Who Should Attend:C-Level Executives, Presidents, Vice Presidents, Managing Director, Directors, General Managers, Head of Departments, Senior Managers, Regional Managers, Managers, Supervisors, Executives of Financial Institutions:• IT Audit• IT Risk• IT Compliance• Operational Risk• IT Infrastructure• IT Security Analysis• IS Compliance & Audit• IT Assurance• Systems
• Database• ICT• Risk• Governance• Disaster recovery• Security System Architecture• Network Security• Enterprise Security Architects
Business Development Opportunities:Does your company have services, solutions or technologies that the conference delegates would benefit from knowing about?If so, you can find out more about the exhibiting, networking and branding opportunities available by contacting:Peter Morgan on +61 2 9238 7200 or email [email protected]
Speakers Profile
John O’DriscollJohn O’Driscoll is Senior Manager, Information & Technology Risk, with the ANZ Banking Group located in Melbourne, Australia. Prior to ANZ, John was the Head of IT Risk and Security at AMP in Sydney, Australia. He had responsibility for IT Risk, IT Security and Disaster Recovery for the AMP group who are a leading fund manager, superannuation and insurance company in Australia and New Zealand.John has over 25 years IT governance and risk management experience which he has acquired in a number of IT Audit and operational risk management positions in the financial services and public sectors. He was an early adopter of computer assisted audit techniques and has trained many financial and IT auditors in the use of Audit Command Language (ACL).
Andy ChowAndy is a certified cyber security professional with more than 12 years of experience in various critical infrastructure industries such as banking, military, telecommunication, manufacturing and transportation. In his current role under corporate security services, he specializes in cybercrime intelligence for a global bank. His areas of responsibilities include monitoring and identifying cyber threats through open and closed source intelligence, delivery of strategic and tactical intelligence products for information security, cyber security and information technology stakeholders to make informed security decisions. Andy acts as an ambassador for the bank to build and maintain relationships with law enforcement, intelligence community, cyber security organizations, and peers from banking & financial services industry. Andy has broad skill sets with cybercrime intelligence and cybersecurity which includes cyber intelligence strategy development, intelligence collection and analysis, malware analysis, security analytics, cyber incident response and investigations, and delivery of security infrastructure technology solutions. He holds the following certifications: GCED, CISSP, CISM, CRISC, CISA.
Parag DeodharParag is the Chief Risk Officer & Senior Vice President at Bharti AXA General Insurance Co. Ltd. Parag is a Chartered Accountant, Certified Information Systems Auditor from ISACA, US and Certified Fraud Examiner from ACFE, US. He is also the President of Bangalore Chapter of ACFE. He has over 17 years’ experience in Enterprise Risk Management, Information Security and Forensics, Audit, Consulting and Programme Management. Parag has written several articles in online and print media and is a regular speaker at industry forum and seminars. Parag has worked with multinationals like AXA Group, Deutsche Bank, KPMG and Mahindra British Telecom.
Abhinav SinghAbhinav singh is a young information security specialist with a keen interest in the field of Information security and has adopted it as his full time profession. His core work areas include Malware analysis, Network security, System and Enterprise security. He is also the author or “Metasploit Penetration testing Cookbook” and “Instant Wireshark” published by Packt Publishing, UK. Abhinav’s work has been quoted in several Infosec magazines and portals. He shares his day to day security encounters on www.securitycalculus.com.
Leonard OngLeonard has over 15 years of experience in Information and Corporate Security gained in telecommunication, enterprise and banking industries. He has been in a number of different roles within security profession such as Information security, corporate security, project management, consulting and business development. He leads Enterprise Governance practice for a regional consulting firm. Prior to that, he was with Barclays Capital as Head of Information Security Risk & Operation, Asia pacific. During his tenure with Nokia Siemens Networks, he provided professional consulting services for regional telecommunication carriers to secure their networks. Public recommendations were received for the projects. Leonard spent 7 years in Nokia Corporate Security. He was responsible in securing Nokia businesses across the region, which includes 7 countries. Leonard has been volunteering in a number of security associations since early 2000. His longest service is with ISACA Singapore Chapter where he has been elected as Chapter President twice. He is currently serving as Honorary Chairman for ASIS International Singapore Chapter since 2011 among other appointments. Leading information security associations, such as (ISC) and ASIS International, have recognized his efforts. He was awarded Information Security Leadership Achievement (ISLA) - Senior Information Security Professional category in 2011 and Professional Certification Board Regional Award in 2014. Previously, National Infocomm Competency Centre (NICC) has awarded Leonard with ‘IT Specialist of the Year’ in 2005. He received K. Wayne Snipes 2013 award for ISACA Singapore Chapter being the best very large chapter in Asia. Leonard regularly delivers presentations and trainings in the region.
Sung-Ting TsaiSung-ting (TT) is the leader of Team T5 Research. They monitor, analyze, and track cyber threats throughout the Asia Pacific region. His major areas of interest include document exploit, malware detection, sandbox technologies, system vulnerability and protection, web security, cloud, and virtualization technology. He especially is interested in new vulnerabilities in new technologies, and frequently presents the team’s research at security conferences, such as Black Hat, HITCON, and Syscan. He and Ming-chieh are members of CHROOT security group in Taiwan. Sung-ting (TT) is also the organizer of HITCON -the largest technical security conference in Taiwan.
Mike HarriesMike Harries has a broad range of experience including the management of people, budgets, vendors, projects, risk, compliance and varied hands on technical skills spanning a career of over thirty years. The industries that I have mainly worked in are the telecommunications industry, banking, energy, beverages, insurance and manufacturers. He was as Head of Networking at Coca-Cola for five years and was responsible for building from scratch, a global network carrying voice, data and videoconferencing traffic.He has spent the last twelve years at Standard Chartered Bank primarily in the roles of Programme manager, Network Design, Network Security Architecture and Network Governance. He also has, over the past few years, been more involved with infrastructure risk, audits and compliance. Recently, he has been working as a technology consultant, looking at recommendations for the application landscape of a leading Singaporean bank. The recommendation pack that his team has produced will shortly be presented at board level. Currently he is at Bank of America, as a Programme manager, rolling out voice related infrastructure throughout APAC.
Eddy LeeEddy Lee leverages his 15 years of security leadership experience to advise organisation on reducing their risk posture by solving complex security problems and by building resiliency into their organization. Eddy delivers expert guidance on reducing the high cost of IT security failures, both financially and in terms of brand reputation with his deep expertise in network security, identity management, policy design, risk assessment and penetration testing. Before joining the QBE team Eddy was a Regional Head of Information Security Risk for HSBC Private Bank and a Lead Information Risk Manager for CSC, where he gained valuable experience building security programs for enterprise class clients.
Jayaraj PuthanveeduJayaraj Puthanveedu is the Asia Pacific Head of Business Continuity Management and Corporate Security and Business Continuity Head for Deutsche Bank Singapore. Prior to his current role, he was in heading a portfolio of functions such as Operational Risk, Business Continuity, Corporate Security and Anti Fraud for Deutsche Bank in India and Sri Lanka. In the past, he has held several leadership and technical roles across the region at Northern Trust, Goldman Sachs and Cable & Wireless in the areas of Operational Risk, Information Security, Technology Risk and Business Continuity
Geoff LeemingGeoff Leeming is the Head of Information Security Architecture and Engineering for RBS Corporate and Institutional Banking. He has worked and consulted in Information Security for over 20 years, working across numerous industries but specialising in Investment Banking. He holds a master’s degree in Information Security from Royal Holloway, University of London.
Richard WynnWith over 24 years experience of handling Financial and Professional Risks, Richard began his career in 1991 in London with C E Heath Plc arranging Professional Indemnity, Directors & Officers Liability and Crime insurances before moving to Howden in 1997. He has since been based in Dubai establishing Howden’s broking office in the Middle East in 2008 and moved to Singapore in 2012 to head up Howden’s Financial Lines practice for Asia. Richard specialises in arranging insurances for Financial Institutions, including Cyber Insurance and Mergers & Acquisitions Insurance as well as Crime, Professional Risks and Management Liability.
Dr. Sarwono SutiknoDr. Sarwono Sutikno is an Associate Professor at School of Electrical Engineering and Informatics, Institut Teknologi Bandung and also Senior Lecturer at Asymmetric Warfare Study Program, Indonesia Defense University. He has also been appointed as ISACA Academic Advocate for ITB, since 2007; as Cybersecurity Nexus Liaison, ISACA Indonesia Chapter, since September 2014. He is also member of Technical Committee 35-01 Information Technology, Head of Working Group on Service and IT Governance, and Member of Working Group on Information Security, National Program on Standardization – National Body for Standard & Ministry of Information and Communication
Speakers Profile
Andrew ChongAndrew Chong has over 20 years of experience in the IT domain and over 10 years in IT Security and risk management.In the early years, he was a software engineer who has flew to Silicon Valley CA to work in a technology start-up.After returning back to Singapore, he achieved the CISSP security certification in early 2001. Andrew has a broad skill sets which includes Application Security, Penetration Testing, Cyber Security and have a keen sense of looking out for security vulnerabilities. He has also modified the Zeus Trojan source code to demonstrate how the Trojan can bypass 2FA on different Internet banking banks. In 2014, Andrew was awarded the e-Bay Bug Bounty award for discovering a OWASP Top 10 high risk vulnerability in eBay website. He also recently discovered a 0-day full jobs applications resume document download vulnerability on a major job search site. He currently work as a Principal IT Consultant in a Singapore government agency.
Tim NeillTim Neill is Head, Situational Awareness and Rapid Response Unit, having joined Standard Chartered Bank in October 2014. He is based at the Bank’s command centre in Kuala Lumpur, Malaysia and is responsible for incident and crisis management. Tim is an experienced risk leader with a career that spans more than 15 years in the banking, oil and gas and private equity sectors. Prior to joining Standard Chartered, Tim was Global Head of Incident Management and Head of Command Centre at Deutsche Bank. In this role, he was responsible for all technical outage response and monitoring. During his time there, he was instrumental in reducing Deutsche Bank’s incident rate to the lowest on record. Internationally experienced, Tim has lived and worked in London, Dubai and Kuala Lumpur having held senior risk leadership positions with global banks as well as spending a period in private equity where he specialised in the commercialisation of new technology in the fields of defence and information security. Apart from his day-to-day responsibilities, Tim actively supports the Bank’s sustainability programmes, such as ‘Seeing is Believing’. This programme is a global initiative dedicated to tackling avoidable blindness and a collaboration between Standard Chartered and the International Agency for Prevention of Blindness. In addition to his passion for new technology, Tim’s interests include veteran’s level rugby union and restoring vintage motorcycles.
Murali NarasimhanMurali is the Managing Director, Governance and Risk for Technology and Operations of CIMB Group. Murali has over 25 years of International experience in Technology, Operations and Risk Management and has held leadership roles in Technology and Risk Management at organizational and industry level. He has extensive experience in the field of resilience and has fostered national and global partnerships in the field.
Ganesh NarayananGanesh is the Head of Consulting, Cyber Security Services for Thales Solutions Asia. Ganesh comes with more than 21 years of experience in information technology, Cyber Security industry, working with major banks, government agencies, regulators, industrial control/ SCADA based systems, major telecom and enterprise segments in Asia.Ganesh has expertise in Cyber Security consulting, Business Leadership, Market knowledge, Resiliency Management, Performance, Cyber Strategy & Policy development and Cyber Security training, with extensive exposure in business footprints in South East Asia.Ganesh also was an entrepreneur with business development acumen in M2M, e-Reader based e-Learning solutions and was the founder Director of Vestal Corporation Singapore from 2006-2011.Ganesh has a Bachelor Degree in Telecommunications Engineering and an MBA from California State University, East Bay, California.A native of India, he lives in Singapore for the last 15 years, has passion for English literature and also a freelance writer.
Martin LeoMr. Leo has over 20 years of experience in diverse and challenging roles in the Financial Services industry. Prior to joining Morgan Stanley Investment Management, Mr. Leo served in a number of General Management and Risk Management roles. His last assignment with ING Group was as the Chief Administrative Officer at ING Investment Management India and before that was the Apac Head of Non Financial Risk Management for the Investment Management business. In these roles, he has combined senior strategic oversight roles with some very hands on roles involving people, processes and systems. His specialization has been operational risk management, IT risk management, business continuity management, fraud risk management and physical & personal security.
Carrine TeohCarrine Teoh Chooi Shi is the Head of Product Development & Marketing Department, CyberSecurity Malaysia, an agency under the Ministry of Science, Technology and Innovation, Malaysia (MOSTI). Carrine Teoh was from the Integrated Circuit (IC) Design field where she was involved heavily in R&D and IC consultancy. She holds Master of Business Administration from University of South Australia, Australia and Bachelor of Engineering (Electrical & Electronics) from Nanyang Technological University, Singapore. She also had experience in business management and business development for IT industry before joining CyberSecurity Malaysia. Her current post at CyberSecurity Malaysia deals with strategic positioning and collaboration that includes the development of new products and services, initiatives and exploration of new co-operations that could grow into strategic partnerships with key players in cyber security, locally and internationally. She currently involves in engagement with multiple stakeholders, to enhance information security especially amongst Critical National Information Infrastructure (CNII), cyber safety acculturation and economic development in cyber security industry. One of the initiatives she champions is Malaysia Trustmark. She is a Certified Information Systems Security Professional (CISSP). She is also a Certified Business Continuity Professional (CBCP) specializing in business continuity and disaster recovery.
Silver Sponsor:
Thales is a global technology leader in the Aerospace, Transportation and Defence & Security markets. In 2013, the company generated revenues of €14.2 billion with 65,000 employees in 56 countries. With its 25,000 engineers and researchers, Thales has a unique capability to design, develop and deploy equipment, systems and services that meet the most complex security requirements. Thales has an exceptional international footprint, with operations around the world working with customers and local partners.In the field of Cyber Security, Thales is a world leader in cyber and cryptographic security products, assessment services, audit services, consulting solutions and specialised Cyber Security operation centres.
Media Partners:
Innovizio [ http://www.innovizio.com/ ] as to become a World Leader in Business Innovation & Smart Solutions. Knowing the unknown, connecting the dots, defining the new standards for Digital transformation, Digital marketing, leading to future Innovative Business solutions. Mission “A magical mirror of the new digitized world” Delivering Solutions about Business Innovation | Digital Transformation | Big Data | IoT @Innovizio is the parent organisation behind the BigdataQ.com | BigDataFreelance.com | BigDataUniversity.eu | TelecomExecutives.nl platforms.
BigDataQ.com, a Global leading BigData Media - News - Events - Strategy- Resources - Solutions platform. BigDataQ.com partners with many International BigData and Cloud events from Silicon Valley to Singapore, provides Big Data Strategists / Data Scientists delivers Executive Business Technology Strategy and Enterprise Data, Innovation and Digital Transformation solutions, is advisory to large Companies in Benelux / EMEA regions. BigdataQ, BigDataFreelance.com and BigdataUnviersity.eu platforms are part of the InnoVizio group (http://www.innovizio.com/)
Global Banking & Finance Review is one of the world’s leading online Portal covering Global News, Videos, Analysis, Opinion, Reviews and Interviews from the world of Banking, Finance , Wealth Management, Trading, Business, Technology and much more. Read in over 200 different countries and ranked below 15,000 globally by Alexa across billions of websites. To find out more, visit us at http://www.globalbankingandfinance.com
Online Media Partner:
The Singapore Business Review provides daily news about the Singaporean business landscape, supplies opinions on happenings in the business world and allows audiences to have an insight on the views of industry experts.
Our Business Partners