Mr Goh Eng Choon is the Senior Vice President and General Manager of ST Electronics (Info-Security) Pte Ltd. A technology-driven company that focuses on advanced info assurance security products and cyber security capabilities.
He has since lead the company to deliver a full spectrum of cyber security solution which includes the ability to design, build and operate Cyber Security Operations Centre and also to conduct cyber security training at ST Electronics Cyber Security Centre. His previous appointments were a full-time career military officer with the Singapore Armed Forces and a Managing Director of a SME specializing in security, command and control.
Mr Goh Eng Choon was awarded a training award by the SAF to attain a Bachelor’s degree in Electrical & Electronic Engineering from National University Singapore. He was also awarded a SAF Postgraduate Scholarship in 2001 to attain a Master of Science in Information Studies from Nanyang Technological University. He has also completed the Stanford Executive Programme in Stanford University this 2016.
Digital transformation and the spike in security breaches over the past few years have shown that we can expect cyber-attacks to increase dramatically and become more complex. As our increased digital activities and connectivity will expose us to larger and wider cyber-attacks for hackers, understanding cyber threats and building key strategies to protect and defend critical digital data are now top priorities for enterprises. Is “Isolation Strategy”, an extreme security approach adopted by government agencies in the protection against cyber-attacks, an effective and preferred tactic for enterprises to protect organisations’ data and assets? What are the key considerations for enterprises to attain high security assurance while balancing process efficiency and productivity?
Mike Gordon currently serves as Director, Intelligence & Operations and Deputy Chief Information Security Officer within Lockheed Martin’s Corporate Information Security organization.
Mike has over fourteen years of experience in the information security field. Mike oversees Lockheed Martin’s Intelligence Driven Defense® operations, including both the Computer Incident Response Team (CIRT) and a global network of Security Intelligence Centers.
Mike represents Lockheed Martin to the Network Security Information Exchange (NSIE), and serves as the Vice-Chairman of the Board for the Defense Security Information Exchange (DSIE). He actively participates in the DoD/DIB Cyber Task Force Working Groups and is responsible for managing the corporation’s relationship with the DC3 DoD/DIB Collaborative Information Sharing Environment (DCISE).
Mike holds an undergraduate degree in Engineering Physics and Masters in Technical Management from Embry-Riddle Aeronautical University as well an MBA and Masters of Information Assurance degrees from the University of Dallas.
An evolution in the goals and sophistication of computer network intrusions has rendered classic tools and techniques for defending sensitive data ineffective. The new class of threats, appropriately dubbed the "Advanced Persistent Threat" (APT), represents well-resourced and trained adversaries that conduct multi-year campaigns targeting highly sensitive economic, proprietary, or national security information. These adversaries accomplish their goals through the repeated use of advanced tools and techniques designed to defeat most classic computer network defence mechanisms, launching multiple intrusion attempts throughout the course of the campaign.
Proper network defence techniques which leverage knowledge about these adversaries can create an intelligence feedback loop, decreasing the likelihood of success with each subsequent intrusion attempt. In particular, modelling how intrusions are executed (known as the adversary's "kill chain"), understanding key indicators that define campaigns, mapping those indicators to available courses of action, and understanding the iterative nature of intelligence gathering form the basis of this intelligence-driven model for computer network defence. Institutionalization of this approach reduces the likelihood of success of adversaries and informs network defence investment and prioritization, mitigating the element of risk posed by these APT threat actors.
Will Gragido is a seasoned security professional with over 20 years’ experience in networking and information security. Will’s extensive background is the result of his service as a United States Marine, a consultant with the world renowned International Network Services, Internet Security Systems (now IBM ISS), McAfee, Damballa, Cassandra Security, RSA Netwitness, Carbon Black, Digital Shadows and now Digital Guardian where he leads the organization’s Advanced Threat Protection Product Line as its Director.
With all the unknown threats trying to penetrate corporate environments, it’s imperative to take proactive measures to identify and stop them before they turn into serious security incidents. In this session Will Gragido, Director of Advanced Threat Protection at Digital Guardian, will outline his experiences leading threat research teams at multiple companies, where he was defending against sophisticated attacks. Will Graigido will dive into threat hunting as it relates to the overall incident response framework and provide actionable advice on how to improve your success rate.
Kowsik Guruswamy is CTO of Menlo Security. Previously, he was co-founder and CTO at Mu Dynamics, which pioneered a new way to analyse networked products for security vulnerabilities. Prior to Mu, he was a distinguished engineer at Juniper Networks. Kowsik joined Juniper via the NetScreen/OneSecure acquisition where he designed and implemented the industry's first IPS. He has more than 15+ years of experience in diverse technologies like security, cloud, data visualization, and computer graphics. Kowsik has 18 issued patents and holds an MSCS from University of Louisiana.
Security in today’s world is imperative. Without security, breaches, attack, and exploits would be more rampant and virulent than they already are. Many organizations feel their cybersecurity defences are “good enough”; that is, their defences can identify, assess, and categorize good web access, email, traffic, or anything else, versus bad 99% of the time. However, if that organisation is being hit by even only 1,000 attacks per day, that still means 10 attacks are likely to get through their cybersecurity defence daily. All it takes is one person to click on a web link in a phishing email delivering malware, ransomware, trying to steal credentials, or worse, and a company is hacked, their data breached, open to monetary fines and damages, and a reputation years being built is in tatters. With this perspective, is security that is “good enough” still good enough?