|
Click on the below topics for session details. For printable agenda, please |
| |
08:15 - 08:50 |
|
Registration & Welcome Refreshment |
|
|
08:50 - 08:55 |
|
Opening Remarks by Officiating Guest of Honor
Allen Yeung
Government Chief Information Officer, The Government of HKSAR
| |
|
08:55 - 09:25 |
|
Opening Keynote: Cybersecurity in a Digital World - Deploying Active Defense
Harrison Lung
Associate Partner, McKinsey & Company
Cyber incidents continue to increase dramatically with wide ranging business risks across industries. McKinsey research for the World Economic Forum identified risks up to USD 3 trillion to the world economy. The majority of businesses are unprepared for these threats. Understanding and deploying an active defense is critical. The speaker will discuss the latest emerging threats and an approach to setting up an active defense.
| |
|
09:25 - 09:55 |
|
Keynote 1: Security Everywhere: Protect Against Ransomware and Advanced Threats
Garrick Ng
Head of Systems Engineering, Cisco Hong Kong & Macau
There is growing volume and sophistication of threat actors. Attackers are using innovative tactics such as ransomware, malvertising, exploits kits and other advanced malware in order to evade detection. The traditional way of setting up security perimeter with firewalls and sandboxes for protection is no longer sufficient. Protecting the enterprise today requires addressing the entire attack continuum - before, during and after an attack. Very often we have standalone security solutions that don’t work together and what’s needed is the integration of disparate security systems with network infrastructure to automatically detects and contains threats. In this session, the speaker will present a multi-layer approach to look beyond, and also within the security perimeter to quickly detect, analyse and contain modern day threats.
| |
|
09:55 - 10:25 |
|
Keynote 2: Hunting the Known Unknowns Using Big Data
Paul Pang
Chief Security Strategist, APAC, Splunk Inc.
Every network uses DNS, web and email, but are you looking under the hood to see the dangers that is hidden below?
IT machine data is a data source that is easy to collect and incredibly valuable to an organization’s cyber security defenses. This session discusses how big data can help to hunt the unknown collected IT machine data in your networks, along with showing you how to find common threats like Data Exfiltration, DNS tunneling and Malware C2 communications. We’ll show you not only how to detect suspicious hacking activity, but how to find those “known unknowns” in your Splunk Enterprise.
| |
|
10:25 - 10:55 |
|
Keynote 3: The Dark Side of Compliance for Identity and Access Management
Fouad Khalil
Director of Compliance, SSH Communications Security
Standardisation of Identity and Access Management (IAM) is headed for a significant update. Bodies such as NIST, PCI Security Standard Council and IETF recently proposed new best practices and requirements for key management, in which the keys support interactive and automated authentication in the business automation. However, most organistaions lack true centralized management for controlling access credentials and thus leaving that in the "Dark Side" of compliance requirements including HKMA, MAS, PCI-DSS, Sarbanes-Oxley (SOX-404) or ISO27001.
With the rapid change of business environments and threat landscape, IT security and audit professionals need to learn how to identify the risks and access compliance. The presentation will provide you with insight into compliance trends in IAM and case examples; and demonstrate approaches to integrate your security and privacy controls into day-to-day processes and procedures to ensure continuous compliance.
| |
|
10:55 - 11:10 |
|
Networking Break & Showcase Demonstration |
|
|
11:10 - 11:40 |
|
Keynote 4: Combating Advanced Threats – How to Detect an Attack in Real-time
CF Chui
Solutions Architect, Arbor Networks
Each and every day, Security Operational personnel inside your organization have been continuously fighting with all kinds of emerging threats, which grow in terms of number and sophistication. The risk of your network being hacked by the newest 0-day threat, and attackers are trying to exploit weaknesses of your infra-structure has been growing tremendously that you will need to empower your Incident Response team members with the ability to track down threats inside your organization. In this presentation, we are going to take a look at the current challenges faced by most Incident Response team members in the industry. We will discuss the importance of understanding the lateral movement of the attacks; the ability to understand the entire extent and impact of a breach; how to build an evidence trail to identify every facet of the attack. We will also look at the different aspects in detecting an attack hidden inside your network.
| |
|
11:40 - 12:10 |
|
Keynote 5: Protecting your Business by Securing your Weakest Links
Wong Loke Yeow
Director of Security Solutions and Professional Services Consulting, Enterprise Security, Singtel Group Enterprise
Public and private organisations today are facing tremendous challenges in defending themselves in the changing cyber threat landscape.
On the backdrop of a fast evolving cyber threatscape, the defensive capabilities and approaches employed by companies today are out-dated and paltry in comparison to highly sophisticated tools, techniques and capabilities of the threat actors. This is further exacerbated by the global deficit of over 1.5million cyber security talent that is urgently needed to help defend organisations around the World.
Join Mr Wong Loke Yeow in this session as he discusses what pragmatic approaches we can take to protect our enterprises, as well as our oft overlooked partner ecosystem and supply chain – and ensure that every link of our business "chain" is adequately secure, resilient, and can keep us ahead of the cyber security curve.
| |
|
12:10 - 13:00 |
|
Panel Discussion One: The Dynamic Defense Approach to Cybersecurity
Panel Chair:
Geoff McClelland, Program Director, CIO Connect HK
Executive Panelists:
Lim Shih Hsien, Head, Information Security, Hong Kong Jockey Club
Frank Law, Superintendent and Head of Cyber Security, Hong Kong Police Force
Paul Jackson, ex Global Head of Cyber Investigations, JPMorgan Chase; Managing Director, Stroz Friedberg
Shane Read, Chief Information Security Officer (CISO), Noble Group
| |
|
13:00 - 14:15 |
|
CIO Networking Luncheon Roundtables (By Invitation Only)
Topic: Understanding IoT Security Challenges and Risks
Connie Lin
Manager, Consulting and Services Delivery, CITIC Telecom International CPC Limited
And
Nick Ng
Team Lead, Pre-sales Consultant
Fortinet Inc.
Adoption of Internet of Things (IoT) is giving a rise. According to Gartner, Inc., 6.4 billion connected things will be used worldwide in 2016, which is 30 percent more comparing with 2015. More enterprises are adopting IoT infrastructure which gather and share huge quantities of confidential data. Every single device in the IoT represents a potential doorway into your infrastructure and critical data. Is your enterprise ready for IoT? Do you know how to protect the data against the threats in the IoT infrastructure? Join us in the luncheon to learn more about the latest challenges of IoT and security solutions that mitigate the risks.
| |
|
14:15 - 14:50 |
|
Panel Discussion Two: Security in an Outsourced World
Panel Chair:
Todd Stewart, Executive Director, Cyber Security, Ernst & Young
Executive Panelists:
Gabriel Chan, Head of Information Security, Greater China, ABN AMRO Bank
Micky Lo, Chief Information Risk Officer APAC, Information Risk Management, BNY Mellon
Anna Gamvros, Partner, Norton Rose Fulbright Hong Kong
| |
|
14:50 - 15:20 |
|
Keynote 6: The State of Security: Challenges to Solutions
Matt Alderman
VP of Strategy, Tenable Network Security
Organizations have invested in many security products, but are they really working or fully deployed? As security concerns continue to rise, organizations need assurance that previous and future security investments are effective. Analyzing emerging security trends and challenges, it’s time to define the critical domains and capabilities needed to transform security.
| |
|
15:20 - 15:50 |
|
Keynote 7: Hunting and Farming: Concepts and Strategies to Improve Your Cyber Defenses
Bernie Png
Regional Sales Engineer, APJ, Carbon Black
Cyber defense is evolving. The new normal is managing more assets against more attacks with fewer staff. It is often daunting. But all is not lost. We must adapt our strategies, enhance our people and change the tide in order to have a fighting chance. This session will get you thinking about what your organization is doing to try to stop the bleeding and build some resiliency.
| |
|
15:50 - 16:20 |
|
Keynote 8: User Behaviour Intelligence Fundamentals: Behaviours, Characteristics, and Facts
Harjith Prabhakaran
Product Director, Asia Pacific & Japan, Exabeam
Today, most of the modern Attacks rely on Credentials. To attackers, external or internal, valid credentials are a coveted asset. Whether the attacker is a rogue insider or someone who has obtained valid credentials through social engineering techniques, the ability to roam the network with impunity puts valuable data at risk. The hardest problem for the Organizations becomes separating risky behaviours from normal user behaviours.
User Behaviour Analytics Solution, leveraging existing log data to detect modern attacks, prioritize incidents efficiently, and help Organizations to respond effectively. User behaviour analytics analyses actual behaviour to determine risk and to inform overburdened security analysts about potential attacks, as well as how to remediate them. Exabeam will provide more insight on User Behaviour Analytics Solutions and its growing need.
| |
|
16:20 - 16:30 |
|
Showcase Demonstration |
|
|
16:30 - 17:00 |
|
Closing Keynote: Key Takeaways From The 2016 PwC Global State of Information Security Survey
Kok Tin Gan
Cyber Security Partner, PwC
| |
|
17:00 |
|
End of Conference |
|
| * Agenda is yet to be finalized and is subject to change. |
|
