Bill Taylor, Senior Vice President of LogRhythm Asia Pacific and Japan, is responsible for working with the APJ Security community on LogRhythm’s award-winning Security Intelligence Platform, allowing them to detect and respond to breaches and the most sophisticated cyber threats faster and with greater accuracy than ever before. Prior to LogRhythm, Bill headed up regional businesses for Acronis and Symantec. At Symantec, Bill led both the security and storage divisions, and spoke regularly on security risks and vulnerabilities. Bill also sits on a regional Cyber Security Council, which advises both government and commercial entities on current and future cyber-security challenges. Bill has provided insights into cyber security topics across media titles such as Bloomberg, Channel NewsAsia, The Straits Times and Business Times.
The security threat landscape is constantly changing; attacks are becoming more frequent and increasing in severity. Technologies such as cloud computing, social networks and powerful mobile devices are making networks more porous, creating more opportunities for attackers to infiltrate organizations. As many breaches go for months before they are detected, organisations are starting to take a more proactive approach to cyber-security. As leaders, the desire to implement best practices in cyber defence is far greater than what the budget often allows. Coupled with the irony of clever attackers’ ability to exploit gaps in those defenses regardless of their comprehensiveness, you are faced with the cybersecurity conundrum. In a resource-constrained environment, you must consider how to build a balanced security framework that is wholly effective for the business, despite the conundrum. This requires a new mindset in harnessing security intelligence, and time and accuracy matter most.
Mr Doron Tenne is a senior manager and leader with more than 25 years of military, intelligence, counter-terrorism and cyber security experience.
Mr Tenne excels at making decisions in a changing and complex environment and creates successful strategies and operative responses.
His leadership style is built around vision design, inspiration, professionalism, analytical ability and personal communication skills, which allows Mr Tenne to direct large operational units and manage strategic and operational missions with great efficiency, and to great effect.
The presentation will define the challenges that the enterprise faces, both digital and physical, the main threat landscape and our threat intelligence program. It will cover our main challenges (internal and external) in very changeable and competitive markets, our basic working assumption, our strategy, the security model and the approach within more than 15 security programs, and monitoring methodologies, especially for detecting cyber threats (based on my counter-terrorism and counter-cyber experience). Our complex global concept covers corporate, operations and solution layers. I will demonstrate the United Cyber and Physical Security Model that we have developed. It presents all the components (the portfolio) that need to be addressed and well managed. The presentation will also highlight upcoming security trends across the world (physical and cyber). It will include protecting the business, the assets, information and, of course, the employees. This is not a theoretical presentation; it reflects our reality.
Ginnwann Teo is the Head of pre-sales engineering for Cyberbit APAC, responsible for managing the team across South Asia.
A recognised industry security veteran with more than 16 years’ experience in various security consulting roles across Asia, Ginnwann is widely regarded as a respected authority on information security.
Before Cyberbit, Ginnwann was SE manager for Check Point in South Asia, where he worked closely with all partners and customers through his team of engineers to advise and support the sales consultants during the pre-sales cycle. He was also the leadership point of contact between partners, strategic customers and channels, and technical marketing and product management groups.
Teo earned his Bachelor of Science, Computer Science degree from the National University of Singapore in 1997, and has worked in the I.T. industry since then.
In June 2017, a new malware was discovered, targeting national electric power grids and critical infrastructure. The malware, nicknamed Industroyer, is believed to be behind the massive Black Energy attack on Ukraine in 2016, which caused a blackout for several hours.
One of the unique aspects of Industroyer is that it started in the IT network and moved slowly to the OT – operational network to attack the electric grid.
This is a characteristic of all recent attacks on critical infrastructure, which started in the IT network. However, governments and critical infrastructure providers often fail to put a full-stack, OT/IT security plan in place.
This session will provide a detailed analysis of Industroyer, and other IT/OT attacks, and will present a new, centralised security approach adopted by government organizations to address this new reality.
Srini has twenty-two years of experience in information security governance and management. At Rapid7 Singapore, Srini holds the role of Senior Cyber Security Advisor to clients in the Asia Pacific region. In this role, he is responsible for cyber security consulting, risk advisory and professional services delivery to clients in Singapore and Asia Pacific countries.
Earlier in his career, he held the roles of TISO and Security Manager, where he was responsible for shaping and driving cyber risk management and cyber security technical solutions for various global corporations.
With cyber threats becoming more stealthy and persistent, enterprises' executive leadership needs increased visibility into their Cyber security posture and their adaptive resilience on a continual ongoing basis.
This paper outlines the role of adaptive resilience framework building in cyber operations and response, using technologies such as security analytics and dynamic threat intelligence. The adaptive resilience framework leverages the strengths of people behavioural analytics (both enterprises' business users and perpetrators) and machine learning data, and helps to step up the cyber security posture of enterprises adaptively.
Phil has worked in the network security industry for 15 years holding senior level engineering roles at successful US based startups including BreakingPoint Systems. He was a guest lecturer at the RSA Conference as well as Blackhat, ToorCon and many other prestigious security events. Phil is currently in charge of Ixia’s security business for the APAC region.
In order to properly implement a security landscape, it is crucial to build threat intelligence into the solutions to ensure that your security posture is operating on the most current information and is capable of identifying current attacks and giving the most precise visibility into the events in your network. This lecture will delve into the combination of security and threat intelligence, citing examples of best practices and current trends being implemented. The content will be suitable for all audiences, ranging from those interested in the cyber threat landscape to experienced operators interested in more intelligence details.
Dr Jim Treinen is the VP of Threat at Carbon Black. In this role he is responsible for original threat research and operationalizing threat intelligence. He is an expert in machine learning, behavioral analysis, and malware analysis. He has built advanced detection and prevention systems for both network and endpoint security products. Dr Treinen holds multiple patents, and has authored numerous publications. Prior to joining Carbon Black, he led security research at ProtectWise, where he built and managed the threat research and data science teams. As the Chief Technology Officer at Laconic Security, he designed and built a platform for truly private data exchange. Previously, Jim led the security analytics mission for IBM Security Intelligence. He holds a Ph.D. and a Master's in computer science from the University of Denver, specializing in machine learning and graph algorithms, and received a bachelor's in computer science and mathematics from Regis University.
This talk is not a vendor or product talk. Rather, it is a survey of current attack trends. I will discuss, in detail, current evolutions in attack strategies. Techniques that were once the domain of APTs are rapidly commoditizing. More than 50% of the most common attacks are now malwareless, dropping no binaries on the target. Attackers are increasingly living off the land, using tooling such as PowerShell to compromise their targets, or hiding in the registry, all as a means of bypassing security controls, gaining a foothold, and then moving laterally or stealing valuable data. Attacks that do use malware are increasingly target aware. Additionally, what was old is new again: macros are back, but in a way that has borrowed from the world of APTs. Worms are increasingly rare; I will close with a discussion of EternalBlue, and potential pending attacks due to the CIA & NSA leaks.