isac2013 - final
TRANSCRIPT
Benchmark information security practices with your comrades around the worldNew method adoption for cloud securityUsing wireless solutions to boost productivity, efficiency and effectiveness of securityPreparing strategies and initiatives to deal with big data and enhance data protectionMitigating cyber threats and attacksStreamlining policy implementation and practices for the overall security system within the organizationAssess how other organizations mitigate Advanced Persistent Threats
“Recognizing the problem before it becomes an Emergency”
Distiguished International and Local Speakers
Highlights
13 Engaging Presentations An exclusive Case Study fromWhite Hat Hacker
Who Should Attend
AviationAutomotive
Banking & FinanceConstruction & Engineering
Energy & UtilitiesElectric and Electronics
Heavy industries: Steel, Cementand Aluminium
Food and BeverageFMCG
Chemical and PetrochemicalOil & Gas
Telecommunications & ITTransportation, Freight & Logistics
Pharmaceutical & BiotechnologyHealthcareMinistries
Government Agencies Municipility
State Government Office Government Departments
of:IT Security
Information SecurityNetwork Security
Information Systems (IS)Management Information
Systems(MIS)Information Technology (IT)
Information Risk ManagementCyber Forensics
from Across All Industries
Chief Information Security Officer (CISO)Chief Information Officer (CIO)
Vice PresidentDirector
Deputy DirectorsGeneral Manager
HeadManager
AnalystOfficer
Do Not Miss
Information is the key business driver for any organization. Therefore, it is crucial to sustain the integrity, confidentiality and availability of these information in an organization. An organization, be it an MNC or the Government sector, that fails to protect its data assets can suffer severe damage - including loss of credibility, customers and revenue, that could even stretch to national security.
Spending on secure routers, unified threat-management appliances, VPNs, network-access control, firewalls and intrusion detection/prevention systems will rise from $6 billion in 2010 and exceed $10 billion by 2016, ABI Research said.
InfoSec Asia 2013 Conference, incorporating Government Technology Symposium 2013, is being organized in order to identify the latest security threats and methodologies to curb the rising information and network security threats. With cloud and big data being the buzzword of 2013, this conference will help information security professionals from all sectors understand the tweaks and changes in that is needed in security systems with these new adaptations.
•••••••
Co-located with: Organized by: Gold Sponsor:Endorsed by: Segment Sponsor:Bronze Sponsor:
Ricky HoRegional Director, APACSSH Communications Security
Philip Victor Director, Centre for Policy &International Cooperation International MultilateralPartnership Against CyberThreats (IMPACT)
Jerome Sun Senior Technical Consultant Crosscheck Networks APAC
Marc GartenbergChief Operating Officer Chair - CyberWarfare Centre -Research & Strategy Centre for StrategicCyberspace + Security Science
Sabariah Ahmad Head, Security Management & Best Practices,Cybersecurity Proactive Services Division CyberSecurity Malaysia
Kelly BrazilDirector of Engineering, Asia-PacificPalo Alto Networks, Singapore
Muhammad Shahriman Samsuddin Independent Security Researcher
Associate Prof. Dr. Omar ZakariaDeputy President Information SecurityProfessional Associationof Malaysia
Matthew Gartenberg Chief Legal Officer Centre for Strategic Cyberspace + Security Science
Hoo Chuanwei Security Infomation OfficerBT Services Singapore
Senior Representative Google, Inc.
Parul KhannaChief Technology Officer & PresidentThird Eye Ethical Hackers Society ®
Ng Kang SiongPrincipal Researcher, Information Security Lab, MIMOS Berhad
20 – 21 March 2013Putra World Trade Centre, Kuala Lumpur
+603-2600 6000 +603-2600 6111 [email protected] www.jfpsgroup.com
InfoSec Asia 2013 Conference
www.infosecurityworld.net
Incorporating:
www.govtechshow.com
Day One | March 20 | Wednesday Conference Agenda
Day Two | March 21 | ThursdayRegistration & The Arrival of Guests
Opening Ceremony & Launch of Infosecurity World 2013
Exhibition Tour & Morning Refreshments
Opening Remarks by Chairperson
Session OneKeynote Address:Navigating Security in the world of Emerging Technologies• Establishing the status quo of the region's security progression• The dynamic business environment of Virtual and Mobility• Assessing the emerging technologies and how it often spells out “New
Threat”Associate Prof. Dr. Omar Zakaria, Deputy PresidentInformation Security Professional Association of Malaysia
Session TwoCyber Threats and Enhancing Nations' Cybersecurity Readiness• The prominent threats that were seen in 2012• Case study on targets• What ITU-IMPACT is doing in helping nations to enhance their
cybersecurity readinessPhilip Victor, Director, Centre for Policy & International CooperationInternational Multilateral Partnership Against Cyber Threats (IMPACT)
Session ThreeDriving business performance and balancing IT security for an organisation• The changing business and threat landscape• The impact of this change on Today's business• Requirements on the enterprise IT network security to achieve business performance• Taking the first step towards proactive management of your IT network security Kelly Brazil Director of Engineering, Asia-Pacific Palo Alto Networks, Singapore
Session Four 2012 Decoded! Lessons learnt• Tops attacks of the year• Trends – how, who and is there a why?• Forecast potential future attacks to provide early warning and mitigate
the damageMarc Gartenberg,Chief Operating OfficerChair - CyberWarfare Centre - Research & StrategyCentre for Strategic Cyberspace + Security Science
Networking Luncheon
Session Five User Key Auditing and Remediation in Encrypted Environments• Current state of encrypted network connections• Real world example – A Global Top 5 Bank managing 1.5 million keys• Best practices for key remediation• Overview of encrypted channel auditing• Approaches to resolving enterprise challenges Ricky Ho, Regional Director, APAC SSH Communications Security
Session SixAre we having the right engagement? – The missing piece• Incorporating Security into the organization's Yearly Strategic Plan• Do Information Security Professionals feel sidelined?• Garnering Management support and employee participationHoo Chuanwei, Security Information OfficerBT Services Singapore
Afternoon Refreshments
Session Seven Defending Multilayer Threats Against Web Services/XML• Attack and threat vectors targeting towards web services and XML transactions • Leveraging up-to-date techniques and architecture to defend valuable SOA system/assets• Addressing security, performance and management challenges for heterogeneous and complex SOA/Cloud systems• Standards and regulations required for security auditing Jerome Sun, Senior Technical ConsultantCrosscheck Networks APAC
Session Eight BYOD – The changing enterprise access Model and how it impacts Security?• How has mobility changed access requirements?• Are smart phones jeopardizing enterprise security?• Moving from device centric to data centric• A risk based approach to an enterprise access model designParul Khanna, Chief Technology Officer & PresidentThird Eye Ethical Hackers Society ®
End of Day 1
0830
0900
1000
1030
1045
1115
1145
1215
1300
1400
1430
1515
1545
1615
1700
Registration & The Arrival of Guests
Opening Address by Chairperson
Session OneBringing together all stakeholders in the fight against Cyber Threats• National effort on what is being done• The roles played by governments, enforcement agencies and critical national sector agencies• Mitigating cyber threats through Information Security Management System (ISMS) implementation• Over view of what ISMS isSabariah Ahmad Head, Security Management & Best PracticesCybersecurity Proactive Services DivisionCyberSecurity Malaysia
Session Two CyberCrime: Where do you draw the line?• Exploring the legal issues of cyber crimes• Laws, legislations and regulations - who is to protect who?• Understanding the repercussions of being a corporate victimMatthew Gartenberg, Chief Legal OfficerCentre for Strategic Cyberspace + Security Science
Morning Refreshments & Exhibition Tour
Session ThreeWhat would Cloud Computing mean for Information Security personnel?• How is it different from current security practice?• What are risk associated with cloud computing?• How to manage risk? Ng Kang Siong Principal Researcher, Information Security Lab MIMOS Berhad Session FourLeveraging Cloud Computing & Search - Google Earth for Governments and Enterprises• Understand the Principles of Cloud Computing and how this is applied in applications such as Search and Geospatial Search• How governments can leverage on the Cloud to: * Enhance service efficiency * Reduce costs * Increase public awareness (and satisfaction)• Explore real-life, Case Studies where Cloud technology and Geospatial applications are used in governments around the worldSenior RepresentativeGoogle, Inc. Networking Luncheon & Exhibition Tour
WHITE HAT HACKER SHOWCASE
Session FiveMini Workshop: Show and Tell - Exploiting weaknesses in the organization's network• Pointing out vulnerabilities of the system• Identifying loopholes that hackers can work on • Detecting the tell-tale signs• Conducting pen-test• Persistence backdoor • DDoS protection - the various mechanismMuhammad Shahriman Samsuddin Independent Security Researcher
Afternoon Refreshments & End of Conference
0830
0900
0915
1000
1045
1115
1145
1230
1400
1530
“There is an enormous market demand for information. It just has to be fulfilled in a way that fits with the
technology of our times.”-Marc Andreessen-
“In the new economy, information, education, and motivation are everything.”
-William J. Clinton-
20 – 21 March 2013Putra World Trade Centre, Kuala Lumpur
+603-2600 6000 +603-2600 6111 [email protected] www.jfpsgroup.com
InfoSec Asia 2013 Conference
www.infosecurityworld.net
Incorporating:
www.govtechshow.com