IDGA

Become a Government IQ Member and receive our weekly newsletter!

Quick Links

Download the Agenda

Sponsorship Opportunity

Day 1 - Wednesday, 27th April 2016

Day 1

Expand All Sessions [+] Collapse All Sessions [-]

9:10 AM The Cyber Security Landscape in Singapore: Perspectives Today

Anthony Lim , Director, Cloud Security Alliance

Singapore’s Smart Nation vision will bring all of us to the forefront of 21st century living – but with enhanced connectivity that we enjoy through technology, security is once again at the forefront. Discover why an incident is not just about a cyber-breach or network issue anymore – it transcends into and involves company policy and non-technical spaces. So how does an organisation decisively ensure quick protection and recovery action in line with business continuity, while ensuring some learning, and facilitating investigation, remediation and improvement?

Continued proliferation of cloud services – what to look for or ask in service-level agreements? 
Application security – recoding and automation, reducing hacker-exploitable artifacts
Viewing business operations through the lens of data security 
Cyber-resilience: moving beyond awareness  towards implementation  continually refining Incidence reporting    

Anthony Lim
Director
Cloud Security Alliance

9:40 AM GOVERNMENT PANEL: Government Strategies in Securing Key Critical Information Infrastructure against Emerging Threats and Ensuring Sustainable Cyber-Resilience

Pei Wen Liu , CEO, National Center for Cyber Security Technology, Taiwan

Naeem Musa , Chief Information Security Officer, Commodity Futures Trading Commission, US

Amirudin Bin Abdul Wahab , Chief Executive Officer, CyberSecurity Malaysia

Kim Andreasson , Managing Director, DAKA Advisory

Chalee Vorakulpipat , Head of Cybersecurity Laboratory, Information and Communication Technology Office , , National Electronics and Computer Technology Center (NECTEC), Thailand

Understanding and applying lessons learnt from recent cyber attacks on global critical infrastructure
Exploring the current emerging threats targets: Hacktivism, state-sponsored threats, cyber terrorism, Advanced Persistent Threats (APTs)
Regional Confidence Building Measures (CBMs): overcoming lack of clear definition and diversity of actors
Identifying which sectors are most at risk, impact assessment, and examining the most likely attack sources
Should the government allot security resources equally? Which ones should have priority?

Pei Wen Liu
CEO
National Center for Cyber Security Technology, Taiwan
Naeem Musa
Chief Information Security Officer
Commodity Futures Trading Commission, US
Amirudin Bin Abdul Wahab
Chief Executive Officer
CyberSecurity Malaysia
Kim Andreasson
Managing Director
DAKA Advisory
Chalee Vorakulpipat
Head of Cybersecurity Laboratory, Information and Communication Technology Office
, National Electronics and Computer Technology Center (NECTEC), Thailand
How Operational Technology (OT) differs from Information Technology (IT) and why asset manufacturers are better equipped to protect OT
Threat landscape in OT: from inadvertent breaches to cyber terrorism.
GE’s framework for OT CyberSecurity: Inspect > Enforce > Protect

Sponsored by: GE Digital

GE Digital

11:30 AM Continuous Diagnostics and Mitigation: How to Identify and Mitigate at Network Speed

Naeem Musa , Chief Information Security Officer, Commodity Futures Trading Commission, US

Cyber attacks on federal government networks are growing more sophisticated, frequent, and dynamic. It is paramount that the government protects networks, systems, and information from unauthorized access or disruption while continually providing essential services to the public and protecting privacy, civil rights, and civil liberties. Find out about: 
 
Providing federal departments with capabilities and tools to identify cyber security risks on an ongoing basis
Enabling cyber-security personnel to prioritize and mitigate problems based on impact 
Shift towards a more risk-based,  cost-effective continuous monitoring to better allocate cyber security resources 
enabling defenders to identify and mitigate flaws at network speed – in minutes, as  opposed to quarterly or annually 
Increasing visibility of security posture and situational awareness – agency  and national level
Eliminating the expensive requirement for recertifying government systems every three years

Naeem Musa
Chief Information Security Officer
Commodity Futures Trading Commission, US
 • Re-imagining cyber resiliency as a key enabler that is aligned to business goals
Combating the growing threat of online brand abuse – counterfeiting, brand impersonation and stolen web traffic
The strategies, processes, technologies to reduce the reputational impact of incidence
Exploring the increasing demand for cyber insurance policies within critical infrastructure sectors 
Parag Deodhar
Chief Operational Risk Officer and CISO
AXA Group

12:30 PM Critical Infrastructure Protection: Are We Even Seeing The Whole Picture Yet?

Ken Soh , Chief Information Officer, Director E-Strategies, BH Global Corporation Ltd


As we know cyber attack today is unlike the past. It is stealthful, silent, hard to detect and yet fatal. Worse, as enterprise networks (IT) and critical infra-structures (OT) like energy, water and even nuclear plants increasingly intersect, the overlap provides diverse opportunities for hackers.  What has brought us to this stage of affairs? Are we approaching the challenges adequately? Are there baseline frameworks, perspectives and platforms that could at least help us to mitigate the risks?
Ken Soh
Chief Information Officer, Director E-Strategies
BH Global Corporation Ltd

1:00 PM Lunch


The challenge for companies is to maintain critical functions in the face of these inevitable breaches. Resilience to cyber attacks requires technical, procedural, and policy changes to the infrastructure, architecture, and enterprise operation. Find out how to prevent single points of failure through a comprehensive strategy.  Key areas to be addressed include:

Design and construction: ensuring no introduction of new or unforeseen risks while managing supply chain, monitoring design integrity, physical security and implementing systems security
Collaborating with the public sector for smart grids to undertake proactive resilience to emerging threats   
Pro-active management to prevent loss of resilience arising from changes in operational functions
Change management: vigilance in addressing any modified risks and its impact on cyber security 

2:00 PM CRITICAL INFRASTRUCTURE PANEL: Establishing a Multi-layer Defense to Prevent Single Points of Failure: Innovative Approaches to Integrate Security Into Existing IT Infrastructure Systems

Raymond Hong , Assistant Vice President, ISCS and Systems Engineering (Rail), SBS Transit Pte Ltd

Naeem Musa , Chief Information Security Officer, Commodity Futures Trading Commission, US

Ken Soh , Chief Information Officer, Director E-Strategies, BH Global Corporation Ltd

Satya Gupta , Chief Information Officer, TATA Power Delhi Distribution Limited


The challenge for companies is to maintain critical functions in the face of these inevitable breaches. Resilience to cyber attacks requires technical, procedural, and policy changes to the infrastructure, architecture, and enterprise operation. Find out how to prevent single points of failure through a comprehensive strategy.  Key areas to be addressed include:

Design and construction: ensuring no introduction of new or unforeseen risks while managing supply chain, monitoring design integrity, physical security and implementing systems security
Collaborating with the public sector for smart grids to undertake proactive resilience to emerging threats   
Pro-active management to prevent loss of resilience arising from changes in operational functions
Change management: vigilance in addressing any modified risks and its impact on cyber security 

Raymond Hong
Assistant Vice President, ISCS and Systems Engineering (Rail)
SBS Transit Pte Ltd
Naeem Musa
Chief Information Security Officer
Commodity Futures Trading Commission, US
Ken Soh
Chief Information Officer, Director E-Strategies
BH Global Corporation Ltd
Satya Gupta
Chief Information Officer
TATA Power Delhi Distribution Limited

Sponsored by: GE Digital

GE Digital

2:40 PM Towards a Risk-Based Security Framework: Understanding the Maturity Model for Organizational Cyber Resilience

Pei Wen Liu , CEO, National Center for Cyber Security Technology, Taiwan

With cyber breaches becoming increasingly routine, with recent studies showing 44% of organizations suffering breaches once a year, whilst another 28% unsure if they have been breached. It’s time to leverage on proper frameworks and standards to re-evaluate current cyber-resilience strategies. Key areas to be addressed include:
Beyond ISO27001 towards adoption of ISO27005 – more focus on business-risk assessment
Communicating to Executive-levels: valuable tools to help define strategies and gauge their effectiveness
Hyper-connection readiness-curve: internal review of capabilities, weakness, strengths
From fragmented and top-down approach towards holistic and pervasive cyber-awareness as a competitive advantage

Pei Wen Liu
CEO
National Center for Cyber Security Technology, Taiwan

3:40 PM The Shift to Cloud: How Can you Leverage it to Enhance Both Security and Efficiency?

Varun Sood , Chief Information Officer, Fortis Healthcare

What and how can the cloud offer to enhance security while reducing costs up to 75%?  
Why shifting 100% to the  public cloud should just be a 15-minute conversation about business, not technology
How do you mitigate the risks associated with the cloud? 
Views from a regulatory standpoint 
Varun Sood
Chief Information Officer
Fortis Healthcare

4:10 PM Considering Alternative Paradigms for Security in Today’s Climate of Cyber-Insecurity

Leong Mun Kew , Deputy Director, National University of Singapore

If there is one thing we have learnt about cybersecurity in the last few years, it’s that we’re fighting a losing battle. Our current paradigm is to hide behind every higher and stronger walls (perimeter defense), build walls within walls (defense in depth), hire guards –the bigger the better (security as a service), never share anything (encryption), and don’t talk to your neighbours because they might be carrying germs (self-quarantine). Would you really live like that in the physical world? Totally reactive and not in your control? Life would be miserable. And expensive. And more to the point – would it really prevent crime? Do we have a choice? In this talk, Dr Leong hopes to encourage some discussion and some debate on thinking different – suggesting alternative approaches to managing our data and our business that lets us avoids attacks rather than defend. 
Leong Mun Kew
Deputy Director
National University of Singapore

4:40 PM CRITICAL INFRASTRUCTURE PANEL: From Cyber Defense to Offence: How do you Ensure Data Availability?

Sridhara Sidhu , Head - Enterprise Information Security Services Group, Wells Fargo

Syed Asghar , Head of Governance, Information Security, Vodafone

Varun Sood , Chief Information Officer, Fortis Healthcare

Anthony Lim , Director, Cloud Security Alliance

Kim Andreasson , Managing Director, DAKA Advisory

The nature of cyber-security has shifted such that even if no data is stolen, but if all ATMs are down on a Friday night – chaos will ensue. Beyond ensuring confidentiality of data, the availability of data is crucial in the age of Distributed Denial of Service (DDoS) and ransomware, especially with the onset of innovative technologies including cloud. Discuss best practice in disaster recovery and next generation controls in empowerment rather than limitations. 

Sridhara Sidhu
Head - Enterprise Information Security Services Group
Wells Fargo
Syed Asghar
Head of Governance, Information Security
Vodafone
Varun Sood
Chief Information Officer
Fortis Healthcare
Anthony Lim
Director
Cloud Security Alliance
Kim Andreasson
Managing Director
DAKA Advisory