CISO Singapore schedule

• Examine the ethical scope of responsibility for CISOs in the implementation of AI-driven cybersecurity solutions – what should CISOs be responsible for?
• Assess the balance between AI innovation and safeguarding privacy, security, and compliance frameworks
• Explore strategies for CISOs to ensure transparency, accountability, and fairness in AI security systems
• Discuss the evolving role of the CISO in addressing AI-related cybersecurity risks and ethical dilemmas

Moderator:

Jason Lau Chief Information Security Officer Crypto.com

Panellists:

Tan Too Ping CISO Changi Airport

Kamran Rafiq CISO MOH Office for Healthcare Transformation (MOHT)

Aniket Kulkarni Global Group CISO Circles

Leonard Ong Director, Cyber Defense Group & Chief Risk Office Synapxe

Jennifer Cheng Director of Cybersecurity Strategy, Asia-Pacific and Japan Proofpoint 

Despite advancements in cyber security tools, human error remains the leading cause of breaches, with phishing attacks, insider threats, and credential misuse continuing to dominate the threat landscape. Independent research highlight 68% of cyber incidents stem from human error, reinforcing Mimecast’s human-risk research revealing that almost 10% of employees account for 80% of security incidents.

My session will explore the factors contributing to user vulnerabilities that lead to certain individuals being classed as high-risk.

You will gain insights into measuring user risk effectively and implementing tailored strategies to enhance cyber security across their organisations. My session will also highlight how a personalised and adaptive security approach can provide customised security measures for each user. By focusing on these high-risk individuals, organisations can safeguard their workforce while maintaining operational productivity.

• Outsmarting Emerging Threats: Implementing cutting-edge strategies and adaptive risk frameworks to stay one step ahead
• Engaging employees through continuous training and fostering a culture of transparent communication
• Syncing cyber security with business growth by aligning risk management with budgets, and cross-department collaboration to drive success without compromising security

Moderator:

Tobias Klingel Director of Information Security Aspire

Panellists:

Thuy Dinh Coordinator, Asia South Pacific Joint Operations Against Cybercrime Interpol

Steven Sim Chair OT-ISAC Executive Committee

Frankie Shuai APAC CISO Financial Services Sector

• The challenge of fragmented security data and siloed tools in large enterprises
• How AI processes, normalises, and contextualises diverse security data
• How AI identifies hidden attack paths and interdependencies across different environments
• The concept of a "single pane of glass" for understanding and managing cyber exposure with deeper monitoring
• How a unified vulnerability management view enables better strategic decision-making and resource allocation

68% of all data breaches are due to human error, and despite significant investments in technical safeguards, phishing and social engineering attacks remain the #1 threat to your organisation.

As cyber criminals harness AI-enabled deepfake technology to craft increasingly convincing social engineering attacks, organisations must adapt their security awareness strategies to counter these sophisticated threats.

In this session we will explore:

• How AI is really being used by cyber criminals in today's threat landscape
• Key considerations for detecting and preventing AI-powered attacks
• How to Align user AI risks, threats, and vulnerabilities to an appropriate risk mitigation framework
• Practical strategies to to protect and educate your workforce in the AI era

• Explore cutting-edge strategies to detect deepfake content and protect communication channels
• Harness multi-factor authentication (MFA), real-time identity verification, and employee training to defend against virtual impersonations
• Assess the role of biometric and behavioural recognition technologies in strengthening remote access security and safeguarding sensitive data
• Update cyber security training programs to foster a culture of scepticism and reduce vulnerability to digital threats

Speakers:

Vijayaraj Suriyakumar Head of Cybsersecurity & Privacy Continental Automotive Singapore

Rahul Singh Global Head of Software, AMR Continental Automotive Singapore

Identity security is crucial for organisations of all sizes. This session will explore the key aspects of managing and securing both human and non-human identities, with insights from One Identity and StarHub. Topics will include security concerns, the importance of identity governance, best practices for managing non-human identities, and strategies for staying compliant. Attendees will gain valuable knowledge on building a secure, efficient identity framework while addressing budget constraints.

• What are the current challenges around preparing future cybersecurity talent for an ever-changing future?
• Exploring initiatives to close the talent gap: Can AI support the current talent shortage?
• Anticipating the right skills: What skills should a successful future team possess?

Many organisations leverage on the cloud to gain agility in innovation and managing IT infrastructure/software. The challenge often is ensuring the security guardrails are in place to support the speed of innovation. Fortinet’s thesis is that security, at its heart, is a data problem. By focusing first on what is normal rather than establishing rules, consolidating many bespoke tools to achieve fewer alerts, simplifying management and automating security policies, we look into how a unified platform approach that continuously learn and “polygraph” behaviours in the cloud is easier and a smarter way to scale the operational challenges of protecting your multicloud environments. 

• How can boards and senior leadership effectively align cybersecurity priorities with overall business objectives?
• What are the biggest communication gaps between cybersecurity teams, executives, and boards, and how can they be bridged?
• How can organisations break down departmental silos to create a more integrated approach to cybersecurity risk management?
• What governance frameworks and reporting structures best support collaboration between technical teams and executive decision-makers?

Panellists:

Scott Flower Co-Founder CI-ISAC International

Anil K Appayanna Chief Information Security Officer India International Insurance (III) Singapore

• Effectively Integrating AI into the Enterprise

- Navigating governance and transparency in AI adoption

• Managing Insider Threat in a complex environment

- Balancing trust, transparency, and detection without creating fear

- Leveraging cross-functional insights from HR, legal, and cyber teams

• Secure by Design

- Shifting to a security-first culture

- Insights and reflections

As cloud adoption accelerates, so does the challenge of maintaining unified visibility, compliance, and control across diverse environments. Join Wiz and Jonathan Ng, Principal Digital Risk and Security Lead at Handshakes, as he shares how the team transformed their cloud security posture by gaining full visibility of their multi-cloud environment and democratising security. Whether you're grappling with cloud sprawl or striving for secure-by-design practices, this session will offer practical insights into scaling security without slowing innovation.

Speakers:

Kaiyang Cai Regional Vice President Wiz

Jonathan Ng Principal Digital Risk and Security Lead Handshakes

 Now  is the time to shift to modern, human-centric data security. Join the session to learn how adaptive, AI-driven solutions unify content and behavior insights — identifying sensitive data, monitoring risky actions, and dynamically adjusting controls. Gain practical guidance on how to evaluate alternatives, transition from legacy DLP solutions, expand your program without increasing headcount, and communicate the value of your program to management and the board. 

Confidential Computing is an emerging technology to protect sensitive code while it is being processed. Its underlying technology, hardware-based Trusted Execution Environment (TEE), prevents unauthorized access or modification of applications and data while in use regardless of infrastructure access privileges. Additionally, an attestation process can assure that the isolated environment is secure and only the expected application can be executed. As one of the privacy-enhancing technologies, Confidential Computing plays an important role in TikTok's innovation in privacy and security. In this talk, we will give an overview of this technology - its past, present and future. Then, we will introduce our privacy innovation with Confidential Computing and potential use cases for data collaboration, data protection and software transparency.

• Value of Implementing Data Security Posture Management (DSPM) and Data Intelligence Access Governance
• How can DSPM and DIAG help organisations prepare for Generative AI Adoption

Both DSPM and Data Intelligence Access Governance are critical tools for modern organisations aiming to protect sensitive data, ensure compliance, and reduce risk. They address distinct but complementary aspects of data security and governance, helping organisations proactively manage vulnerabilities, minimise attack surfaces, and optimise data usage.

Implementing Data Security Posture Management (DSPM) and Data Intelligence Access Governance (DIAG) can significantly help organisations prepare for the adoption of Generative AI (GenAI) by addressing key challenges related to data security, governance, and compliance.

This session will provide the audience with a high level understanding of why their Cyber, Data Governance and Data Privacy teams will need to collaborate to enable the business in the age of Generative AI.

• Explore strategies to integrate cyber security initiatives with broader business goals to strengthen organisational resilience and drive sustainable growth
• Unpack approaches to involve executives in cyber security strategies, ensuring it remains a top priority within the organisation
• Highlight the potential of cyber security as a strategic asset to deliver business value, enhance resilience, and establish a competitive edge
• How can organisations shift from reactive to proactive risk management, anticipating threats and building a robust security posture?

Moderator:

Joey Chua Director of Digital and IT Transformation Gulf Marine

Panellists:

Deepak Anand Maharaj CISO AirAsia

Lyle Sudheeran Madhavan Head, Program Management & Governance Sentosa Development Corp

Jenny Tan President ISACA SG Chapter

Christopher Lek Director, Cyber Security, Centre for IT Services Nanyang Technological University

Laura Lees Head of Cybersecurity for Client Citibank

• Discover how AI governance can address vulnerabilities exploited by increasingly sophisticated cyber fraud techniques
• Learn to implement secure, compliant AI systems that enhance fraud detection while safeguarding sensitive data
• Gain insights into balancing innovation and cyber security to build trust and resilience against digital threats
• Dealing with advance phishing and digital scam tactics as a business

Panellists:

Perry Young CISO Kyndryl

Jon Lau Director A*STAR - Agency for Science, Technology and Research

Anil K Appayanna Chief Information Security Officer India International Insurance (III) Singapore

Scott Flower Co-Founder CI-ISAC International

Patrick Tay Director, Program & Seminar ISACA Singapore

• Techniques to influence lasting behavioural change in employees
• How can you effectively measure the success of training programs?
• Planning gamified phishing campaigns and immersive attack simulations for C-suite executives and non-technical teams
• Training approaches fand techniques for managing insider threats and supply chain vulnerabilities