ISACA 14 CPE

IIA 16 CPD

CYBERSECURITY, IT ASSURANCE & GOVERNANCE CONFERENCE 2018Date: 7 to 10 May 2018 Venue: Sheraton Hotel, Petaling Jaya, Malaysia

CONNECT TO SHARE AND SECURE

SUPPORTING ORGANISATIONS

FREE 8"' Branded Tablet For Each Delegate

Cybersecurity has played and would continuous to play a very prominent role in every organisation. This is attributed to the rapid technological and connectivity advancements which also the same platform used by threat agents to disrupt and exploit organisations’ important assets. As such, every organisations may struggle to put in place the right level of governance, management and assurance practices to protect themselves from intentional attacks, breaches and incidents.

This CIAG Conference will feature many point of views presented by esteemed subject matter experts in various plenaries, panel and mini workshop/masterclass which include cybersecurity, governance, IT risk management and assurance topics. Back by popular demand, this year we will continue to bring you the Pre and Post Conference workshops, which are happening on 7th and 10th May respectively.

The main conference on 8th May will feature the keynote address, plenary, firechat and panel discussion session, while 9th May conference day will be split into business / management and technical classes covering the latest development on cybersecurity, IT governance, continuity management and assurance. These classes are designed to provide ‘live’ practical experiences and will cover the latest ISACA research and literature such as the CyberSecurity Nexus program and COBIT5 framework. This Conference will be fully electronic i.e. conference delegates can leverage on the conference mobile app to stay in tune with the plenary speakers, conference schedules, provide feedback as well as accessing the presentation and sponsors materials.

Pre-Conference Workshop: 7 May 2018

09:00 – 17:00 Pre-Conference Workshop: The Role of IT Audit in Driving Business Innovation Tichaona Zororo CISA, CISM, CGEIT, CRISC, CIA, CRMA, Certified COBIT 5 Assessor ISACA International Director As organisations continue to invest heavily in the development of IT systems to drive better efficiencies, consumer service and competiveness, it is essential that there is a clear communicated and coordinated approach between business operations and the DevOps teams to effectively achieve this aim. In this fast paced DevOps environment, IT auditors are in a unique position to add business value and improve organisational operations through agile IT audits. This session will explore the changing focus of IT auditing and highlight the critical areas where IT auditors can add real value:

• The changing focus of IT Auditing – Keeping up with emerging technologies and changing business models and risk landscape - Consumerisation, Cyberwar, Cloud, Big Data

• Overview of DevOps and Agile development methodologies • Understand why a comprehensive understanding of the business environment is imperative to value-adding IT audits

and what that means for the Profession • How to use tools such as IPPF Auditing Principles and COBIT 5 Goals to in building new age IT audit plans • Communicating IT issues in business terms that matter to key decision makers - board, senior executives and the audit

committee • Cementing IT audit’s place in Digital Transformation and Business Innovation

Post-Conference Workshop: 10 May 2018

09:00 – 17:00 Post-Conference Workshop: Big Data Analytics Mario Bojilov CISA, MEngSc (Res), GradDiplApplFin&Inv Chief Data Strategist Big Data is an upcoming trend due to digitization that most organisations are currently embracing. Data analytics has become increasingly important for an organisation as it enhance its ability to know its customer better in order to serve them and create a better value. Through this one-day workshop, participants would be able to learn what Big Data is all about, how it is applied in real world applications as well as the technologies behind enabling the platform. Besides that, participants will also be able to gain understanding on how to deploy machine learning as the next step of data analytics in an organisation. Key takeaways: • Gain understanding on definition of Big Data, and its characteristics through case study • Appreciate the Big Data goals, collections and various sources • Learn what are the main characteristics of major Big Data technologies • Gain understanding of what is Machine Learning, the various types and tools through practical demonstration • Planning for Big Data Analytics in an organisation

Conference Day 1: 8 May 2018

08:00 – 08:40 Registration & Networking Session

08:40 – 08:50 Opening Remarks – Organising Committee Chairperson

08:50 – 09:30 Keynote: The Role of the Board of Directors and Senior Executives in Cybersecurity – A Reflection of 2017 Cyberattacks Tichaona Zororo CISA, CISM, CGEIT, CRISC, CIA, CRMA, Certified COBIT 5 Assessor ISACA International Director Cybersecurity needs to be constantly an agenda in the Board discussion; the board is ultimately responsible for Cybersecurity. Whilst numerous boards are aware of the devastating business effects of Cybersecurity, the WannaCry, Petya and NotPetya attacks in 2017 points to inaction on those charged with the implementation of cybersecurity framework and the lack of adequate board oversight. In this opening remarks delegates will learn the following:

• The role of the board of directors and other oversight committees in cybersecurity • Cybersecurity questions the board should ask • The most devastating 2017 attacks and the role the board should have played • The changing landscape of cybersecurity and how the board should ensure that their organisations stay ahead

09:30 – 10:10 Platinum Sponsor Address: Why are we still being breached? Rodney Lee ISO27001 LA Chief Executive Officer, DNeX There is no doubt that new technologies and solutions have emerged with new approaches, new insights and of course, at times, it comes with higher costs. However, many of the organisation’s security are still being breached; and in the words of a hacker, “I am not really concerned about what protection you have, all I need is TIME”. The questions we should ask ourselves are:

“Are we moving in the right direction?” “Are we doing the right things?” “Are we making the right investments?”

This session looks at the fundamentals of Cybersecurity and addressing “first things first”.

10:10 – 10:50 Platinum Sponsor Address: Identity is Security - Your Organisation's Security Isn't Complete Without Identity and Data Governance Speaker to be confirmed SailPoint The landscapes are changing: data breaches are more frequent and damaging, and the regulations (like GDPR and PDPA) deterring the threat are requiring organisation to be more responsible to avoid penalties. Your organisation’s security just isn’t complete without identity and data governance. There are increasing numbers of security breaches that have change focus: from concentrating on network and endpoints, now they are moving towards the enterprise users. It’s more important than ever for IT leaders to recognise that identity is security.

10:50 – 11:20 Break & Networking Session

11:20 – 12:00 Firechat: Blockchain and Cryptocurrency: What are the implications for payments & fraud? Will it work? Chair: Nickson Choo CISA, CRISC, CFE, CA Director, Deloitte Malaysia

Panellist: Ho Siew Kei CISA, CPA, CISSP Director, Deloitte Malaysia

Other panellist to be confirmed Cryptocurrency such as Bitcoin has been the talk of town as the world went into a frenzy towards speculation of its value since end of 2017. Most people would know by now that the technology behind the cryptocurrencies is blockchain and the benefits of going towards cryptocurrency includes eliminating the need for middlemen such as financial institutions. However, would such technology means there is no longer a need for the middlemen layer as the transactions are taken care of by the blockchain technology? Should the blockchain technology be vulnerable, would that mean it is even easier for fraudsters to perform attacks and fraudulent transactions without much security controls in place?

12:00 – 13:20 Lunch & Networking Session

13:20 – 14:00 Plenary 1: Enabling digital trust amidst disruptive technologies Tan Cheng Yeong CISA, CGEIT Senior Executive Director, Risk Assurance Services, PwC Malaysia

77% of Global CEOs ranked technological advancement as the most disruptive mega trends. Whilst emerging technologies such as Cloud, Big Data, Robotics and AIs brings many benefits, the risks that comes with it is accelerated faster, and its impact magnified exponentially. Amidst the digital transformation turbulence, Digital Trust is a key counterweight that underpins its stability. The trust dynamics that the digital age unleashes is huge - embrace it or miss the digital growth opportunities. Key takeaway: What are the current thoughts on the changing role trends of the future of IT Audit?

14:00 – 14:40 Plenary 2: It’s a war! We must know our enemy – the cybercriminal! Brian Hay APM Cyber Security Executive Director

Cybercrime is growing unabated and out of control, we are the front line of defence. How do we gather our strengths to support each other against this capable enemy? Let’s take a journey into the world of the Dark Markets and learn the motivations, methodologies and strategies employed by the cybercriminal. Let’s study and understand the “Lifecycle of Cybercrime” to turn our current reactive technology led defences into a proactive intelligence led business model. Key takeaways:

• Greater insight into the “real” threat and why it will get worse • How to migrate from reactive to proactive security • How to utilise the security expenditure as a business investment

14:40 – 15:20 Plenary 3: Putting a plug on Data Leakages Vicknaeswaran Sundararaju Head of IT Security, Petronas Most of data lost occur internally and often unintentionally. The transfer of unauthorized business sensitive data will not only damage competitive edge but also lead to possible litigation from authorities. Managing data access based on appropriate data classification and risk, helps to reduce the data volume to a manageable level in plugging the data leakages. Key takeaway: Being “out in front” of and prepared for data leakages is more effective than a late response.

15:20 – 15:50 Break & Networking Session

15:50 – 16:30 Plenary 4: To be determined Jacob Abraham Chief Risk Officer, Group Global Banking, Maybank

Details will be made available on conference website soon.

16:30 – 17:30 Panel Discussion: Need for Collaboration through Actionable Threat Intel Exchange Platform across Organisations Chair: Retnendran Sivasupramaniam CISA

Head of IT Audit, Ambank Group Panellist: Dato’ Dr. Haji Amirudin Abdul Wahab Chief Executive Officer of CyberSecurity Malaysia

Murari Kalyanaramani Head of Information Security, Standard Chartered Bank

Jason Yuen Partner, Ernst & Young

Muhammad Dawud Fadlullah Wilmot Head of Information Systems & Security, Maxis

An increasing number of security breaches which lead to data leakages and privacy invasion has called organisations for more collaboration in addressing the threat. In the Malaysia context, there is a constant perception by the public that there is a lack of collaboration and willingness among industry peers to share knowledge and to join force in combating the threat. There is a need to break away from those misperceptions and foster further collaborations across organisations in order to stay vigilant and being able to respond promptly to any attacks with the intention to reduce its overall impact throughout the industry. The panellists, coming from different industries, would discuss and share from their respective viewpoint on the following: • Actionable threat intel exchange platform would be beneficial to provide that collaboration platform but what

organisation should do in supporting such initiative? • Should there be someone to dictate type of information to be shared and not to be shared? • How to share information effectively using the threat intel from such platform as an actionable intelligence for an

organisation?

Conference Day 2: 9 May 2018

08:40 – 09:20 Plenary 5: Continuous Auditing: implementing CA in your audit organisation Dato’ Merina Abu Tahir Head of Internal Audit, Malaysia Airlines Berhad There are many incidents in the recent years that have sparked the interest of many organisation to think out of the box in enhancing the IT security and increasing the protection of the critical information asset of the organisation. The urgency of such has been heightened with the advancement of IT and the propagation of mobility and seamless connectivity. Organisation cannot afford to lose sight of such critical asset and continuous monitoring and auditing is one of the key main ingredients in ensuring the benefits derived from the valuable information assets would be continuously maintained and protected. During this experience-sharing session, participants would be able to understand what it takes to start the CA journey, the advantages and the “don’t” that should be avoided, on top of bringing away the key lessons learned on the CA implementation.

09:20 – 10:00 Plenary 6: Major Trends on Cyber Threats Against Financial Services Ricardo Gonçalves Head of APAC Intelligence, Barclays As part of the adoption of an intelligence driven defence, we are constantly assessing the threats against financial services and identifying trends. In this presentation, Ricardo will touch on the top four cyber threat trends witnessed targeting financial services throughout the last 18 months.

10:00 – 10:40 Plenary 7: Data Governance: He Who Rules The Data, Rules The World Sharala Axryd Chief Executive Officer, ASEAN Data Analytics Exchange (ADAX) As the value and the importance of big data continues to grow, data governance must adapt to keep pace to ensure the data are in-tact and relevant. 85% of the data an average organisation stores is redundant, obsolete, or trivial while the rest can be considered business critical. Managing data appropriately creates good data to rise to the top of the data lakes, accelerating the time to deliver data-driven insights that are essential to a company’s competitive advantage. Key takeaway: Big data is here to stay. Master and govern it with intent.

10:40 – 11:10 Break & Networking Session

BUSINESS TRACK [BT] TECHNICAL TRACK [TT]

11:10 – 12:10 [BT1]

Supply Chain Security

[TT1]

Online Payment Risk Management & Compliance : What’s Next

12:10 – 13:30 Lunch & Networking Session

13:30 – 14:30 [BT2]

IS Auditing – What's in Store for Us Between 2018 and 2048?

[TT2]

The Supreme Importance in the Art of Cybersecurity is Knowing the Enemy’s Modus Operandi

14:30 – 15:30 [BT3]

Auditing Cybersecurity

[TT3]

Automating and Auditing Cloud Security and Compliance

15:30 – 16:00 Break & Networking Session

16:00 – 17:00 [BT4]

Cyber Risk and Security: The Human Element

[TT4]

NIST Cybersecurity Framework

17:00 – 17:30 Lucky Draw & Closing Remark

Conference Day 2: 9 May 2018 Detailed Outline

BUSINESS TRACK

BT1 Supply Chain Security

Facilitators: Saurabh Sarawat CISSP Wilson Lim GPEN Across Verticals Sdn Bhd

While every organisation focuses on building defensible cybersecurity infrastructure, supply chain (vendor and business partner) security remains a weaknesses within the cyber security program of every major organisation. Cyber attackers have been targeting the vulnerabilities within the supply chain and this is driving organisations to take a holistic approach to security, going beyond reviewing their own security practices to evaluate and monitor their vendors' security practices as well. In this training you will learn:

• Supply Chain Security Concepts • Alignment to Business • Supply Chain Security Governance • Roles and Responsibility (Who does it) • Periodicity of the Program (When to do it , how many times) • Sustainability (Cost/value, Collaboration)

BT2 Auditing Cybersecurity

Facilitator: Tichaona Zororo CISA, CISM, CGEIT, CRISC, CIA, CRMA, Certified COBIT 5 Assessor ISACA International Director

Cybersecurity is probably the most discussed IT topic among executives, internal auditors, audit committees, and the board of directors. Internal auditors can play an integral role in the organisation to ensure that cybersecurity risks are addressed appropriately. This sessions address the following questions:

• What are the emerging trends in cybersecurity? • Why is cyber security the number one issue for Boards and management? • How do you know if your organisation will be a target? • What should be in your audit plan to assist your organisation to mitigate cyber threats? • What is the critical role of internal audit and who is ultimately responsible for cybersecurity? • How can cybersecurity preparedness most effectively be reported across the organisation? • Test procedures for Testing Auditing Cybersecurity • What does a good cybersecurity mitigation plan look like?

BT3 IS Auditing – What's in Store for Us Between 2018 and 2048?

Facilitator: Mario Bojilov CISA, MEngSc (Res), GradDiplApplFin&Inv Chief Data Strategist

Digital technology is making quick inroads in a number of areas in our lives, both personal and professional. And, digital disruption is something most of us will need to deal with and adapt to. In this session Mario Bojilov will examine several of the future trends and technologies in auditing and discuss their potential impact to the organisations and, more specifically, on audit teams and individual professionals. The first part of this presentation will look into the future technology trends in the periods 2018-2030 and 2030-2040. Each of these periods will feature a plethora of new technologies, the impact of which will be covered in the session, such as 3D house printing, wearables overtaking smartphone, interplanetary internet, growth of interconnected devices - 19 devices per person and several others. In the second part of the presentation Mario Bojilov will look into the future shape of IS Audit profession, what challenges and opportunities lie ahead and what skills IS Auditors will need.

BT4 Cyber Risk and Security: The Human Element

Facilitator: Sanjay Sidhu CISA Executive Director, BDO

The focus on cyber risk and related security measures is, necessarily, a technological matter or problem… or is it? The pace of advancement to technology and connectedness in recent years has been quite fantastic. The accompanying security threat landscape is evolving at an alarming rate, and organisations of all sizes have been, and will continue to be, affected. Cybersecurity is almost always seen, discussed and planned for in the context of threats that come from the outside and enter our systems through technology. This session will explore the non-technological avenues for and impacts of cyber threats. Sanjay will consider the spread of the human element in cyber threat and protection, as well as the human impact and ramifications of cyber threat and protection.

TECHNICAL TRACK

TT1 Online Payment Risk Management & Compliance : What’s Next

Facilitator: Fong Choong Fook CISA, CISM, CRISC, CISSP, GCFE - SANS, CFE, CCLA, CCPA, CPTS Founder, LGMS

Any organisations that handles online card payments either directly or indirectly, shall be governed by Payment Card Industry Data Security Standard (PCI DSS) compliance requirements. By attending this masterclass, participants would understand the common misconception about PCI DSS, the fundamental in card payment security, different types of PCI Compliance levels, card risk management and the requirements needs to be satisfied in order to be PCI DSS compliant. Audience also can learn about what to anticipate from future compliance requirements in card payment security.

TT2 Automating and Auditing Cloud Security and Compliance

Facilitator: Jonathan Rault Security Practice Lead, AWS

An increasing number of organisations are now embarking on a journey to migrate their traditional IT environment hosted by themselves to a cloud service provider such as Amazon Web Service (AWS). The cloud services can be leveraged by organisations and even individuals that want to host and manage their own websites. This session focuses on providing an overview on what services that can be used to enhance the security posture for organisations migrating to and currently managing a cloud environment. Especially for auditors, this session will review the key checks to go through as well as some key recommendations on improvements, especially on security automation.

TT3 The Supreme Importance In the Art of Cybersecurity is Knowing the Enemy’s Modus Operandi

Facilitator: Ruben Martin Mondejar Security Practice Lead

Cyber-attacks are increasing drastically for the past years and there are no signs of slowing down especially the threat actors. Younger age are becoming the threat actors and comparatively, they have access into information easier than before. In this talk, we will discuss the various modus operandi of threat actors and how they propagate or initiate their attacks, afterwards investigate the artefacts left on the machines victimized and provide attribution based on information collected.

TT4 NIST Cybersecurity Framework

Facilitator: Lee Chin Hon, CISA, CISM, CSXF Director, ISACA Malaysia

Changes in the security landscape demands immediate response in interpreting an appropriate type of control. To be effective, there is a need to have a good preventive control. Have a good framework and keeping up-to-date, is one of the good preventive control. National Institute of Standards and Technology (NIST) has come out with a CyberSecurity framework, which covers the five main functions, in managing the cybersecurity risk in an organisation: Identify, Protect, Detect, Respond and Recover. In the local front, based on statistics published by MyCert (information retrieved as at 16 Jan 18), it was reported, 76.6% incidents reported were due to fraud (includes phishing, unauthorised transactions, fraud site), intrusion and intrusion attempts. This is an alarming number as a lot of us are transacting via online. A recent trend on Big Data and IOT has added the increasing urgent needs to secure the environment, which once never been thought of. This lead to the questions: What is needed to join the bandwagon? What is it really about? Why does it matter to me? The answer is: Join and be in this masterclass, to understand the items cover in the framework and how it could you be part of the game. •

About ISACA Malaysia ISACA Malaysia is the local chapter affiliate of an international body of information governance professionals known as ISACA (previously known as Information Systems Audit and Control Association, ISACA goes by its acronym only to reflect the broad range of IT governance professionals it serves) and has over 800 local members in Malaysia. The local chapter’s objective is to promote research, standards, competencies and practices for effective governance, controls and assurance of information, systems and technology. As a not-for-profit organisation, the organising committee of this Conference are volunteers. Proceeds from this conference are for the benefit of the chapter's activities. For more information, go to: www.isaca.org/malaysia

Who to attend If you are from, or who wants to enhance your knowledge, in the cybersecurity, assurance, risk and governance disciplines, you would be delighted to find that the Conference has been structured with both business / operational and technical professionals in mind. If you are one of the below, this is the conference that you should not miss: • Executive Officers in charge of technology, security,

governance, risk and assurance • Assurance, compliance and risk management professionals • IT Security / Cybersecurity professionals

• IT Governance professionals • IT consultants and practitioners • Business / operational process managers

Speakers & Facilitators

Dato’ Merina Abu Tahir Merina Abu Tahir is the Head Internal Audit of Malaysia Airlines. She has over 27 years of working experience, locally & internationally. Merina is a Fellow of ACCA, member of MIA and Professional member of IIAM.

Dato’ Dr Haji Amirudin Bin Abdul Wahab Dato’ Dr. Amir is currently the Chief Executive Officer of CyberSecurity Malaysia that monitors sovereignty of the country. He has around 25 years of ICT working experience in the telecom and IT sector in the Government as well as in the semi-government and private sectors.

Tichaona Zororo Tichaona is a member of ISACA Board of Directors, and President of ISACA South Africa Chapter as well as an IT advisory executive with EGIT | Enterprise Governance of IT (Pty) Ltd, an IT Advisory firm based in South Africa.

Brian Hay Brian Hay APM has a rare blend of cyber security skills and business attributes. Long considered a Thought Leader in the world of Cyber Security he learned his craft not from the technical demands of the industry but rather by focusing on the activities of organised crime and cyber criminals.

Mario Bojilov Mario Bojilov is currently Chief Data Strategist at Meta Business Systems, a boutique consultancy firm he founded in 2004. He is a CISA and holds a Master of Engineering Science Degree

Ricardo Goncalves Ricardo joined Barclays in 2017 to head their APAC security intelligence efforts. Before that, Ricardo worked for the last 3.5 years with Commonwealth Bank of Australia shaping the internal cyber intelligence function and working next to the IR and CyberCrime teams.

Murari Kalyanaramani Murari is an accomplished IT and Information Risk Management professional with over 15 years’ experience in Information Security, Outsourcing & Supplier Management, Business Continuity, Information Systems Auditing and IT Risk Management.

Vicknaeswaran Sundararaju Vicknaes is the Head Group Information Security of Petronas and he has 12 years of industrial experience in the IT securities and compliance field, across various business domains. He is also a CISA, CISM, CISSP, and ISO27001 Lead Auditor and holds ITILv3.

Jason Yuen Jason has over 18 years of experience in Information Security, Governance and Controls. He has extensive experience in leading engagements and serving clients in the area of IT Risk, Security and Privacy. He was previously the Industry Advisor in the National CyberSecurity Agency under MOSTI.

Nickson Choo Nickson has over 24 years of corporate and professional experience including being responsible for leading and managing risk advisory services for various professional services firm. His diverse experiences include GST project implementation, technology audits and risk / governance reviews.

Tan Cheng Yeong Cheng Yeong is currently leading the Technology Risk Assurance practice in PwC Malaysia with over 20 years of experience with a specialist team of over 100 helping clients on a wide spectrum of technology risks.

Ho Siew Kei Siew Kei is a Director in Deloitte Malaysia with more than 12 years of experience in risk and controls encompassing IT audit and advisory, cybersecurity assessments, risk assessments and data analytics services for clients in various industries.

Contact Us For more information and registration, contact us at: +6017-219 6225 / officeadmin@isaca.org.my (attention: Mr. Jayaseelan). Full speakers / facilitators profile and the registration form is also available at: www.isaca.org.my

Speakers & Facilitators

Jacob Abraham Jacob is responsible to develop, recommend and implement the overall risk strategy for Group Global Banking for Maybank. The role requires his expertise in areas of market risk, credit risk, operational risk as well as country risk. He has over 20 years of experience in risk management.

Sharala Axryd With a passion for data science and over 15 years of experience in the telecommunications field under her belt, Sharala Axryd is leading the data-driven business transformation and driving the benchmark for data science education in the ASEAN region.

Fong Choong Fook Fong is the Founder of LGMS and a board member of CREST Malaysia chapter. He is a 20-year veteran in the specialized and highly-demanding arena of information security. When it comes to the topics about Cyber Security, Fong is sought-after international speaker.

Retnendran Sivasupramaniam Retnendran is currently a Portfolio Audit Head – Information Technology (IT) within Group Internal Audit Department of AmBank Group. He has more than 20 years of IT Audit experience in the financial industry.

Rodney Lee Rodney is the Chief Executive Officer of DNeX and has been involved in the Information Technology since the early 1990's. Rodney brings with him over 25 years of IT experience with more than 15 years of those, in IT Security

Jonathan Rault Jonathan is the Security Practice Lead for AWS Professional Services in APJC. He specializes in cloud security, risk and compliance. He has worked in various regulated environments in where he is responsible for driving organization-wide information security transformative programs.

Ruben Martin Mondejar Jr Ruben is a seasoned Cyber Security professional who has worked as an information security professional across Asia Pacific and Japan for over 15 years and has a passion for SOC/CSIRT Program Development, Threat Intelligence and Incident Response. He currently leads a Security Practice firm in the Philippines.

Sanjay Sidhu Sanjay is currently an Executive Director of Advisory practise in BDO Malaysia. With 25 years of assurance, he manages a portfolio of internal audit outsourcing, forensic, and risk and governance engagements with clients across a range of industries.

Saurabh Sarawat Saurabh is a Managing Partner with Across Verticals in Malaysia. He has over 20 years of IT experience working with Big-4 Consulting firms and various multinational companies. He was also one of the ISC2 ISLA 2009 Award honouree for leadership in Information Security.

Muhammad Dawud Fadlullah Wilmot Dawud is currently the Head of Systems and Information Security for Maxis. He has been involved in the information security field for more than 14 years and has held various roles related to information security in different organisations.

Wilson Lim Wei Zheng Wilson Lim is a Senior Cyber Security Consultant with SANS GIAC Penetration Tester (GPEN) certification. He has more than 6 years of experience in IT security with experience in BIG-4 and other cyber security.

Lee Chin Hon Chin Hon is serving as the treasurer on the ISACA Malaysia chapter while he is also a Vice President in one of the financial institutions in Malaysia. Chin Hon was previously a Senior Manager for the Centre of Excellence of one of the airlines in Malaysia.

Contact Us For more information and registration, contact us at: +6017-219 6225 / officeadmin@isaca.org.my (attention: Mr. Jayaseelan). Full speakers / facilitators profile and the registration form is also available at: www.isaca.org.my

CYBERSECURITY, IT ASSURANCE & GOVERNANCE CONFERENCE

2018 “CONNECT TO SHARE & SECURE”

Organised by:

Contact Person Details

REGISTRATION FORM Note: This is an editable PDF.

Organisation Name Address

Name Designation Email Tel.

Delegate Details No. Delegate Name Designation Membership # Supporting Org. Business Track Technical Track

1.

BT1 TT1 BT2 TT2 BT3 TT3 BT4 TT4

2.

BT1 TT1 BT2 TT2 BT3 TT3 BT4 TT4

Please choose the concurrent business or technical tracks for the Day 2 program for our logistic / materials preparation.

Fee (For Each Delegate) Conference Only (2 days)

RM2,380 – Normal Delegate RM2,180 – Delegates from Supporting Organisations RM1,980 – ISACA Members

Conference with Pre OR Post Workshop Package (3 days)

RM2,880 – Normal Delegate RM2,680 – Delegates from Supporting Organisations RM2,480 – ISACA Members

Conference with Pre AND Post Workshop Package (4 days)

RM3,180 – Normal Delegate RM2,980 – Delegates from Supporting Organisations RM2,780 – ISACA Members

For special packages of 5 or more delegates from the same organisation, contact us at officeadmin@isaca.org.my or +6017 2196 225 (Mr. Jayaseelan)

Payment Details Please email the payment details / remittance advice for our records before places are confirmed.

Enclosed is a cheque / bank draft payable to INFORMATION SYSTEMS AUDIT AND CONTROL ASSOCIATION Cheque / Bank Draft No. Bank Amount (RM) Direct Bank-In made (Ringgit Only) Bank Information: Malayan Banking Berhad | Account No.: 512231822725 Bank in slip / confirmation MUST be emailed to officeadmin@isaca.org.my or faxed to +603 7726 1257 with cover note stating organisation name / delegate details.

Important Information As good practice, ISACA Malaysia Chapter is informing you that your personal data will be processed, retained and used by ISACA Malaysia Chapter in relation to this training event. Your personal data may also be retained and used by ISACA Malaysia Chapter to market and promote training events conducted by ISACA Malaysia Chapter. ISACA Malaysia Chapter reserves the right to make changes / amendments to the program should unavoidable circumstances arise.

Conference Venue (Click on logo to find out more)

Sheraton Hotel, Jalan Utara C, 46200 Petaling Jaya, Selangor. Tel: +603 7622 8888

Registration will only be confirmed upon receipt of registration form, followed by payment. Payment has to be made before the Conference to guarantee the delegate’s place. Walk-in delegates with payment will be accepted based on availability basis only. A refund minus a service charge of 10% will be levied for cancellations received in WRITING by 16 April 2018. No refund will be made for request after this date. Substitutions are allowed for a registered delegate.

Note: Delegates are responsible for their own accommodation arrangements in Malaysia. ISACA Malaysia Chapter cannot guarantee availability of accommodation or specific rates. Refer to http://www.isaca.org.my for list of nearby accommodation.