Jeremy Chua is a Software Security Architect with HPE Security Fortify.
Jeremy has more than 8 years of experience in software engineering and application security. He graduated with B.Eng Electronic Engineering and M.Sc Management of Technology. He got several security certifications; CISSP, CSSLP, CEH and ECSA. He has successfully helped organizations build, enhance and expanded their application security program.
By 2020 IT will need to release applications 120x per year. Between managing the need for agility in innovations and quality assurance, you cannot afford security to be a barrier in speed within your new SDLC. Join us as we share 3 practices to realise your goal towards agile and secure application development, delivery and operations.
Vikas came to IBM with a distinguished track record, having held senior positions earlier with Citibank, RSA Security, Sun Microsystems and Netscape Communications. In his previous role at Citibank he worked as a Senior VP for Application Security. Prior to that at RSA he worked very closely with some of the largest Banks in Asia-Pacific to design their Cybersecurity initiatives. Vikas has lived and worked in Singapore, India, United States and France.
As cybercrime continues to scale, staying ahead of every threat can seem nearly impossible. Learn how Watson is using AI to augment human intelligence, arming your security team with the insights to defend your business from hackers.
Evan is a 16+ year veteran of startups & large enterprises where he has been involved in helping to launch & scale business through sales, business development, and services. At Check Point, Evan is part of a multi-cultural team using cutting edge technology to help Customers & Partners secure their business and enable growth through the prevention of Threats in the network, on endpoints, mobile devices and in the cloud.
Evan is responsible for Check Point's Emerging Technologies including Threat Prevention, Mobility, and Virtualization strategic products across APAC, Middle East & Africa as well as developing relationships in key accounts to Identify and solve customer problems. Evan is focused on ensuring customer satisfaction by collaborating with customers, partners, and internal resources. Throughout our region Evan advocates threat prevention, Mobile, and Virtualization best practice to the market looking to ensure visibility and transparency of our solutions.
With the current trends facing organisations and the events that have led to this situation, we’ll delve into a number of matters relevant in today’s security climate:
Tarun Gupta is Regional Solutions Architect at Trend Micro. With close to 15 years of experience in helping clients to improve and establish their secure posture spanning endpoints, networks, servers, cloud and the Internet of Things. A technical expert in endpoint and network security for industry verticals like Manufacturing, Health Care, Banking Financial, Telecommunication, Insurance etc.
In a threat landscape that continues to evolve, your organization has to be better prepared to stave off threats. Attacks can go unseen for weeks because threats are increasingly difficult to detect, and there is a lack of visibility and threat intelligence to provide insight for quick remediation.
But attacks that go unnoticed are just the beginning. Your pain point could be the siloed security products you’re using that don’t work together. Risky user behavior. Or anything that endangers your data or dulls your competitive edge. In this session, Mr Tarun Gupta will share how can you partner with Trend Micro to fight against the evolving threats.
Kowsik Guruswamy is CTO of Menlo Security. Previously, he was co-¬founder and CTO at Mu Dynamics, which pioneered a new way to analyze networked products for security vulnerabilities. Prior to Mu, he was a distinguished engineer at Juniper Networks. Kowsik joined Juniper via the NetScreen/OneSecure acquisition where he designed and implemented the industry's first IPS. He has more than 15+ years of experience in diverse technologies like security, cloud, data visualization, and computer graphics. Kowsik has 18 issued patents and holds an MSCS from University of Louisiana.
Phishing in Singapore and ASEAN seems to be a never-ending issue. According to reports, phishing initiates more malware, ransomware, and credential theft than any other delivery mechanism. Singapore is reportedly the fifth largest global target for phishing. Earlier this year, Interpol Asia uncovered hundreds of compromised websites across Asia ready to serve as phishing websites, in addition to thousands of command-and-control servers. Then there’s the human factor: With phishing emails becoming more sophisticated and harder to catch, users are more prone than ever to click on a web link in an email or to download an attachment. It takes one user to click on a suspicious email link or download an email attachment, and an organization’s data is breached or held for ransom. But, a technology is available that ensures phishing attacks are disabled before they can begin: Isolation. Isolation makes it safe to click.
Alfred has a strong track record in network security with over 15+ years of experience creating network security firewalls. As Vice President of Product Management at Palo Alto Networks, he is responsible for directing the product features and roadmap for threat intelligence, threat prevention, and the hardware product line. Alfred is particularly passionate and experienced in intrusion prevention systems, threat management, and firewall solutions, which helps him maintain a clear perspective on what is needed to help organizations achieve a secure network environment. Prior to Palo Alto Networks, he held various product management positions at Trend Micro and Fortinet.
What are the economics of ransomware attacks from a risk and reward perspective? Let's analyze the data of the likelihood of a ransomware attacker getting caught and what would the potential penalty be? Then weigh that against the potential profit a ransomware attacker could generate. The results may tell a story of how we may be incentivizing more ransomware attacks. Much like the business model of any successful company, the ransomware business model is based on trust. How ransomware attackers are similar to entrepreneurs running an online business. And with increasingly more connected devices like smart home IoT devices and connected cars, will ransomware attacks target higher value assets?
Nishant Ranjan, has over 16 years of experience in Information Security & Technology domain working across different APAC countries of APAC such as Australia, India & Singapore. As a Regional Solutions Architect with McAfee APAC, he has worked closely with different vertical customers such as Governments, Banks, Financial Institutions, Telcos, & MSSP Service Providers and has communicated McAfee strategy on effective handling of emerging security threats using McAfee Security Connected platform. He is certified Enterprise Security Architect from SABSA UK and have also participated as speaker in mulitple ISC2 events.
In digital combat, Organizations of all sizes are at risk from nation-states, hacktivists, organized crime, malicious and accidental insider threats. While sophisticated attacks such as Ransomware creates huge challenge for protection of critical assets, information & business reputation; the knowledge and capabilities gap between attackers and defenders is mandating fundamental approach to Enterprise Security.
In this session you will learn how Adversaries are becoming smarter in evading sandbox detection methods with examples of different advance attacks and how it has driven industry vendors including McAfee to innovate and use advance detection techniques on the Endpoint to counter it.
Valerian Rossigneux has over 11 years of functional experience with providing a wide range of Enterprise Security and Technology consulting services to clients in multiple geographies. Valerian has a deep understanding of technology and services fundamentals, which enables him to recognize the challenges with information security management. As a seasoned risk practitioner, Valerian knows the information security threat vectors and understands how they operate. This has enabled Valerian to design and deploy effective information security strategies and controls, as well as provide guidance to investigate and respond to incidents where controls may have been breached and sensitive information compromised. Prior to joining FireEye, Valerian was Security Architect at Airbus Defence and Space CyberSecurity, the European specialist in Cybersecurity acting as a trusted advisor to help organizations assess and mature their Cybersecurity capabilities and build their next generation SOC/CIRT around Usecases, Incident Response, Endpoint & Network Forensics and Logs Analytics.
Today’s endpoint security products struggle to deliver on their solution promises leaving gaps in the attack lifecycle that expose organizations to risk of significant business impact. Some vendors tout “next-generation endpoint security,” but what does that mean? Hear why threat intelligence is important to cut the hyperbole by understanding the current threat landscape. Learn from FireEye what the future of endpoint security needs to look like to truly tackle the challenges of the threat landscape.
A single endpoint agent that includes (1) multiple engines to prevent a wide range of known and unknown attacks; (2) integrated tools that enable intelligent detection, investigation, and remediation workflows; and (3) scalable, multiple form factors and breadth of OS support.
Nick Savvides is responsible for Symantec’s Cyber Security Strategy across Asia Pacific and Japan. In this role, Savvides’ charter is to provide local market insights that influence global strategic planning and product development. Savvides works also with organisations and governments to develop their cyber security strategies and solve complex business problems. He has worked on some of the largest business information security projects in Australia, affecting the way many Australian’s interact with their employers, banks and governments.
An information security expert, with more than 20 years’ experience, Savvides has spent the last 11 years at Symantec in various product and sales engineering roles. He has presented at more than 60 conferences, contributed to many high profile panel discussions and regularly appears in the media on cyber security related topics.
Prior to joining Symantec, Savvides worked for The University of Melbourne in various IT related roles. Most notably, Savvides managed the computing technologies at the Centre of Excellence for Quantum Computing and was responsible for developing nuclear microprobe analysis and diagnostic tools.
Savvides is an active member of the IT Security community and a member of a number of industry bodies. He is a Science graduate of The University of Melbourne majoring in Physics and Computer Science.
Traditional approaches to data protection have started to hit their limits in a cloud first world, while regulators are expecting to organisations to protect their data even outside of their borders. To address this, Symantec has worked to take a new approach to data protection, where data is protected and instrumented even when it is outside your environment, existing on unmanaged systems, accessed over uncontrolled networks and used by external users. This is achieved by combining leading Symantec’s world leading DLP technology with CloudSOC CASB, VIP Authentication and PGP Encryption to deliver a unique and unrivalled data loss protection and prevention capability that is transparent to users.
Shi Chao joined Synopsys 2 years ago as sales engineer. He possesses 12 years’ experience in software development. He has expertise on 2D/3D graphic, PC BIOS, equipment driver, desktop applications, and web development. He worked in different roles including software engineer, system architect, scrum master, code reviewer, etc. Before joining Synopsys, Shi worked with IHPC, AMD, LTX-credence, and Xilinx. With Synopsys SIG group, he helps customer in the region to understand and manage software quality and security issues using Synopsys solutions, including SAST, DAST, SCA, fuzzing, etc. Shi Chao holds a Master of engineering and Bachelor in Electrical & Electronics Engineering both from Nanyang Technological University, Singapore.
"Why software is eating the world?" was a statement made by Marc Andreesen six years ago in his Wall Street Journal article. His article talked about why every company needs to become a software company and, today, that statement is considered a cliché. No matter which industry you are in, you are expected to evolve, because no one wants to be the victim of getting completely off-guarded like local taxi companies by companies such as Uber.
The challenges that organizations face when evolving to this new era, such as IOT, can be great and learned best practices from software industry may not be in their DNA today. This presentation focuses on giving a snapshot how the software industry has been learning from the mistakes, like improving their SDLC practices for Continuous Integration, and what are the common norms today to consider when moving your organization to higher security maturity level.
Freddy Tan is a Certified Information Systems Security Professional (CISSP) with a MSc in Information Systems Security awarded from the London School of Economics & Political Science (LSE), University of London.
Freddy Tan also participated as a working committee member on various infocomm security masterplan projects with the Singapore Infocomm Development Authority of Singapore (iDA). He was also a member of the Singapore National Infocomm Competency Framework (NICF) Technical Committee since 2002.
He was awarded the (ISC)² President's Award in 2003 by (ISC)² and serves as a board member of the (ISC)² Board since 2008 and chaired the board in 2012 and 2013. In 2013, he served on the Executive Council of SiTF Security and Governance Chapter, and was chair of the chapter for 2014 and 2015. He was appointed as the APAC Strategy Advisor for Cloud Security Alliance from 2013-2016.
Cyber-attacks on the digital infrastructure could disrupt these services of governments, businesses and society. Unfortunately, cyber criminals are also taking advantage of this ecosystem for financial gain through online fraud, distribution of undesirable materials e.g pornography and cyber-stalking.
Some telecommunications carriers are transforming the way they operate to develop and promote effective network and data defense capabilities. Telecommunications carriers are playing a more active role in cyber security, engaging government and industry stakeholders in a broad variety of cyber infrastructure resilience initiatives. This takes the form of engaging partners on R&D and innovation efforts to promote greater collaboration, cyber awareness and outreach among key stakeholders.
Cyber-attacks are here to stay and can only grow more dangerous and sophisticated as the Internet ecosystem evolves. The efforts by telecommunications carriers to deploy effective measures will contribute to enhancing on our national security posture.
Lennie Tan is the Vice President & General Manager for One Identity Asia Pacific & Japan. He has more than 20 years in the software industry across various technologies. Before taking on the role to manage the One Identity business in APJ, Lennie was the Technical Sales Director for Dell Software APJ, looking after more than a hundred technical presales resources, as well as the professional services organization.
Prior to this, Lennie Tan has assumed various technical management positions, in Dimension Data Singapore, Sun Microsystems, and IBM Singapore. His background spans across multiple technologies as systems integrator, with the later years focusing on the Identity & Access Management space.
Privileged access management solutions have been around for a long time, but lately we have seen an increase in the number of projects failing. This is due to complex architectures and the time-consuming process of securing the solution. Attend this session with One Identity (a pioneer in the PAM space for the last 16 years) to learn some of the reasons PAM projects fail as well as steps you can take to ensure yours doesn’t.
Mr Vincent Tang Swee Pang is the Deputy Technical Director of Programme Group in ST Electronics (Info-Security) – a technology-driven company that focuses on advanced info-assurance security products and cyber security capabilities.
He is leading a team of FPGA engineers that develop indigenous and robust hardware solution for the government and Ministry of Defence. Since 1999, his career took off as a software engineer with us and has vast knowledge and deep expertise in the different field of engineering such as hardware, firmware, FPGA and software engineering.
Mr Vincent Tang Swee Pang attains a Bachelor’s degree in Electronics from University of Birmingham, UK. He was also awarded a NUS scholarship in 2002 to attain a joint Master in Technology Design (Embedded) from National University of Singapore and Eindhoven University of Technology, Eindhoven.
As our increased digital activities and connectivity will expose us to larger and wider cyber-attacks for hackers, understanding cyber threats to protect digital data are now top priorities for enterprises. The speaker shall share about the key considerations for enterprises to attain high security assurance while balancing operational efficiency. To illustrate how Black Computer achieve Security at Your Convenience by having dual workspace architecture with dual operating systems and network in a single computer. It also demonstrates how its system safely performs isolation in guarding against any exploitation like Ransomware through its hardware-defined segregation technology. The speaker will share valuable insights on ST Electronics deep engineering expertise, how it is translated to offer layered defences, ensuring security and convenience at the highest level.
Brett is an Information Security Professional and is widely recognized for his extensive and in-depth knowledge of the IT security landscape. He has had experience working across industry sectors including finance, government, health and education, he is responsible for helping customers better manage their cyber risk and information security across their enterprises.
Brett has over 25 years’ experience working in IT infrastructure and Security with a focus on incident response, advanced threat detection, security operations and digital forensics.
Currently, Brett is Director of Sales Engineering for Asia Pacific and Japan at Carbon Black. Where he works with customers to build solutions to detect, respond and prevent advanced cyber-attacks on end points from desktops, servers, ATMs and industry control systems.
Advanced attackers are difficult to stop using basic prevention and detection solutions. They innovate rapidly, manoeuvre around these defences to accomplish their objectives. To keep up, security managers know they must incorporate human-driven threat hunting into their security programs as a supplement to their prevention and automated detection. Combining skilled defenders together with automated detection and response tools, is the only way to keep up with skilled attackers. Threat hunting is the evolution of detection. It turns the tables on adversaries by combining human knowledge and intuition with technology to proactively disrupt hidden threats. Hunting requires continuous recording and a centralized repository of endpoint activity that only Carbon Black can provide, so defenders can actively search for potential compromise, instead of waiting for detection alerts. This session will provide guidance around what is threat hunting, building the capability and real-world examples of attacks discovered by proactive threat hunting.