Loading…
Total Security Conference Singapore
Attending this event?

Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Thursday, November 25
 

8:30am GMT+08

Registration & Morning Networking
Thursday November 25, 2021 8:30am - 9:00am GMT+08

9:00am GMT+08

Welcome Remarks
Thursday November 25, 2021 9:00am - 9:10am GMT+08

9:10am GMT+08

How to Establish the Defence-in-Depth Strategy to Prevent Cyber Attacks and Ensure Cyber Resiliency
With increasingly sophisticated cyber threats, CISOs look to adopt comprehensive approaches that combine multiple technologies to prevent incidents and to detect and repel attacks that breaches the layer of defence. 
  • Crafting the enterprise-wide defence-in-depth strategy 
  • Mitigating cyber security risks and protecting against hidden malicious threats through defence-in-depth strategies 
  • Building stronger defence with different security measures 

Speakers
avatar for Yum Shoen Yih

Yum Shoen Yih

Director (Cybersecurity Programme Centre), Cyber Security Agency of Singapore
Yum Shoen Yih is a Director Cyber Security Programme Centre (CSPC) at the Cyber  Security  Agency  (CSA)  of  Singapore.  He  is  responsible  for  securing classified   government   networks   and   systems   and   to   implement   security programmes to enable... Read More →


Thursday November 25, 2021 9:10am - 9:30am GMT+08

9:30am GMT+08

Achieving Holistic View of Cyber Threats with Extended Detection and Response (XDR)
XDR, billed as a natural extension to the capabilities of Endpoint Detection and Response (EDR), provides visibility across endpoints, network, cloud and more. Explore how the broader capability of XDR can help detecting and responding to attacks through analyzing threat information from multiple sources and responding automatically.

Thursday November 25, 2021 9:30am - 9:50am GMT+08

9:50am GMT+08

Beyond Perimeters: Embracing the Zero-Trust Paradigm for Improved Access Control and Breach Containment
As enterprises digitize for remote capability and cloud-enabled agility, data, assets, applications and services now reside, and are accessed from, outside the traditional security perimeter. To ensure security, CISOs must adopt a “never trust, always verify” mentality.  
Providing least privileged access and implementing granular segmentations also help mitigate risks and limit attackers’ lateral movements when breaches occur 
  • What constitutes zero trust: concepts, architecture and infrastructure explained 
  • Revamping the architecture and infrastructure to facilitate zero trust 
  • IAM, authentication, endpoint security, detection, monitoring, and orchestration: what are the tools needed to enable zero trust? 
  • How to integrate existing tech and security solutions into a zero-trust paradigm? 
  • How to implement zero trust concept in the technology supply chain? 

Speakers
avatar for Lim Shih Hsien

Lim Shih Hsien

Chief Security Officer, Singapore Power Group
avatar for Mathieu Lahierre

Mathieu Lahierre

Principal Application & Data Security, BHP
Mathieu joined BHP in February 2017 in the newly created role of Principal – Data Protection and is responsible for enforcing protective controls as Subject Matter Expert.He worked in financial institutions for 8 years where he was stakeholder on large-scale Data classification... Read More →
avatar for Leonard Ong

Leonard Ong

Senior Director | Regional Information Security Officer, APAC, GE Healthcare
A board-certified security management professional with over 20 years of experience gained in investment banking, telecommunication, enterprise, pharmaceutical and healthcare sectors.Leonard has been serving in several International and Singapore-based security associations.    His... Read More →


Thursday November 25, 2021 9:50am - 10:30am GMT+08

10:30am GMT+08

Enhancing Zero Trust Postures with Autonomous Self-Learning AI
Insider threats, supply chain attacks, and compromised credentials appear again and again in today’s high-profile cyber-attacks. Meanwhile, organizations are opening up new doors to attackers as they adopt cloud, multi-cloud, and hybrid infrastructures. The ‘zero trust’ model of security has become an increasingly popular framework for organizations seeking to protect themselves amid digital transformation efforts and new ways of working.
In this session, discover:
  • How today’s threat landscape is continually expanding, with evolving attack methods such as double-extortion ransomware
  • How AI can complement zero trust and integrate with its architecture
  • How self-learning AI detected and analysed a 2FA compromise via a hijacked Microsoft 365 account

Speakers
avatar for Melissa Lim

Melissa Lim

Director, ASEAN, Darktrace
Melissa is the ASEAN Director for Darktrace, with 5 years of successful experience helping organisations in the region leverage new technologies to solve complex business problems. A champion for self-learning AI in Cyber Security, Melissa leads the Darktrace team in its expansion... Read More →


Thursday November 25, 2021 10:30am - 10:50am GMT+08

10:50am GMT+08

Coffee Break
Thursday November 25, 2021 10:50am - 11:20am GMT+08

11:20am GMT+08

Controlling Least Privileged Access by Combining IAM and PAM Effectively
To ensure that only the right people have the right level of access to the right systems and assets in the right context, a combination of IAM and PAM is needed. Find out how these approaches can best be combined and what tools are needed to support least privileged access.

Thursday November 25, 2021 11:20am - 11:40am GMT+08

11:40am GMT+08

Smart Security: The Role of AI/ML in Detection and Response
With supply chain compromises and user account takeovers headlining some of the latest major incidents, cybersecurity professionals are moving away from signature-based detection to more behavioural-based ones. This necessitates the use of AI/ML in the multi-layers of defences, including UEBA, NGFW, and SOAR. 
 
  • Abnormality detection and automated response: How are AI/ML effective? 
  • Which area in the defence strategy is AI/ML most prime to reinforce? 
  • How to weave together signature-based and behavioural-based defences for comprehensive protection? 
  • Understanding the limitations of AI/ML in cybersecurity applications 
  • How can white hats be equipped to counter potential AI hacks from malicious actors?  

Speakers
avatar for Dr. Estelle Wang

Dr. Estelle Wang

Team Lead for Singapore Security & Privacy Competence Center, Continental Automotive


Thursday November 25, 2021 11:40am - 12:20pm GMT+08

12:20pm GMT+08

Secure Networking: Preparing for Imminent Secure Access Service Edge (SASE) Adoption to Enable Seamless Protection
As digitized enterprises increasingly host their data and applications on cloud and edge for latency-free, uninterrupted services for users across the globe, CISOs need to rethink their network security approaches to adapt accordingly. A cloud-based model is required to ensure consistent security policies, facilitate seamless and secured access, and reduce complexity in security management. The emerging SASE model could be the answer. 
 
  • How to enable better security on the cloud and edge? 
  • What is SASE: concept, capabilities and limitations 
  • How CISOs can prepare their organizations for near-term implementation of SASE? 

Thursday November 25, 2021 12:20pm - 12:40pm GMT+08

12:40pm GMT+08

Networking Lunch
Thursday November 25, 2021 12:40pm - 1:40pm GMT+08

1:40pm GMT+08

Integrating Security and Functional API Testing in Automated Platform
Explore how an automated API testing platform can efficiently pinpoint security vulnerabilities during development phrase.

Thursday November 25, 2021 1:40pm - 2:00pm GMT+08

2:00pm GMT+08

Securing Cloud: Overcoming Hybrid Challenges and Supply Chain Risk
In a dynamic hybrid cloud environment where application and workloads are shifting day-to-day between public cloud, private cloud, and on-prem servers, securing them can be a challenge. Being reliant on cloud service providers (CSPs) for cybersecurity could also be less than ideal. 
 
  • Best practices in protecting applications, services, and loads that move between hybrid cloud 
  • Public cloud ecosystem: Are security tools offered in marketplaces sufficient? What does it take for CSPs to allow companies to implement other solutions in their arsenals? 
  • How to gain visibility on security readiness from CSPs, in additional to the once-a-year due diligence? 
  • Data centre hubs in Southeast Asia: How are CSPs securing these targets from bad actors? 

Speakers
avatar for Leonard Ong

Leonard Ong

Senior Director | Regional Information Security Officer, APAC, GE Healthcare
A board-certified security management professional with over 20 years of experience gained in investment banking, telecommunication, enterprise, pharmaceutical and healthcare sectors.Leonard has been serving in several International and Singapore-based security associations.    His... Read More →
avatar for Rubaiyyaat Aakbar

Rubaiyyaat Aakbar

Head of IT and Cybersecurity, DocDoc Pte Ltd
Rubaiyyaat Aakbar is a seasoned IT professional with 17 years of diversified experience in information security governance, application security development lifecycle, information risk management, cloud security, IT project management and privacy compliance. He holds multiple professional... Read More →


Thursday November 25, 2021 2:00pm - 2:40pm GMT+08

2:40pm GMT+08

Detecting Security Issues in Application Development Lifecycles
Speedy identification and remediation of security vulnerabilities in seamless CI/CD environments is key to fast-paced application development and deployment. To achieve this, you need a healthy relationship between security professionals and software developers, an established devsecops process and culture, and the right tech tools. The speaker will share his perspective.

Thursday November 25, 2021 2:40pm - 3:00pm GMT+08

3:00pm GMT+08

Coffee Break
Thursday November 25, 2021 3:00pm - 3:30pm GMT+08

3:30pm GMT+08

Securely Innovate: Remaining Secured While Leveraging New Tech Developments
Enterprises are seeing rapid technology developments and deployments in their quests to be agile and innovative. Security professionals must infuse adequate security into such digital initiatives and digitized processes without blocking innovations. 
 
  • How security can be integrated into the initial phase of application and software development, regardless of it being on cloud or on-prem, and using waterfall or agile methodologies? 
  • CI/CD in the cloud: What are the learnings and pitfalls? 
  • DevSecOps: How to onboard the development team to the integrated model  
  • Susceptibility of APIs: How to reinforce the robustness of API connections and prevent malicious payload? 

Speakers
avatar for Rubaiyyaat Aakbar

Rubaiyyaat Aakbar

Head of IT and Cybersecurity, DocDoc Pte Ltd
Rubaiyyaat Aakbar is a seasoned IT professional with 17 years of diversified experience in information security governance, application security development lifecycle, information risk management, cloud security, IT project management and privacy compliance. He holds multiple professional... Read More →
avatar for Boris Hajduk

Boris Hajduk

CISO, Tokopedia


Thursday November 25, 2021 3:30pm - 4:05pm GMT+08

4:05pm GMT+08

Incident Response and Recovery: Boosting Visibility and Resiliency for the Inevitable
Cyber incidents are on the rise in Singapore, with increasingly sophisticated ransomware continuing to pervade. Given the consensus that breaches are inevitable, the focus is on timely detection, notifications, response, and recovery. This is to delay and contain breaches to reduce the potentially devastating outcomes in forms of operational downtime, data loss, and intellectual property theft. 
 
  • How to overcome the threats of ransomware, including "leak and shame" and "double extortion" tactics? 
  • How to establish timely visibility for incidents to better mitigate the fall out? 
  • Tackling incidents and resuming services: how fast is fast enough and how to achieve it? 

Speakers
avatar for Daryl Chew

Daryl Chew

Regional Information Security Officer (APAC), Anglo American


Thursday November 25, 2021 4:05pm - 4:40pm GMT+08

4:40pm GMT+08

The Immediate Road Ahead: CISOs in the Wake of Pandemic-Induced Virtualization
CISOs are dealing with the repercussions of the hastened digitization and virtualization efforts induced by COVID-19. In the immediate wake of prioritizing business continuity over security, what should CISOs focus on in the near term? How can CISOs navigate the dynamic security landscape characterized by unknown emerging threats and face-paced innovations?

Thursday November 25, 2021 4:40pm - 5:00pm GMT+08

5:00pm GMT+08

Closing Remarks
Thursday November 25, 2021 5:00pm - 5:15pm GMT+08