-
About
-
Speakers
-
Schedule
-
Venue
-
Contact Us
<
>
CSA APAC Summit 2018
11 October, 2018
Marina Bay Sands Expo and Convention Centre, 1 Bayfront Ave, 018971
Theme: Security in Digital Transformation
Today, cloud represents a fundamental pillar of an organization’s journey to digital transformation. No longer used simplistically for replacing / augmenting primary IT systems, the cloud is increasingly extending into various facets of an enterprise - from mobile applications to industrial control systems, to affecting governance, compliance, training and disaster recovery. Cloud security should and must remain a key design consideration despite cloud’s constantly evolving applications. This year’s CSA APAC Summit welcomes world leading security experts to discuss the latest trends in technology, the threat landscape, security innovations, best practices and global governance in order to help organizations address the new frontiers in cloud security.
Register for the event at: www.cloudandcybersecurityexpo.com/CSA
11 October, 2018
Marina Bay Sands Expo and Convention Centre, 1 Bayfront Ave, 018971
Theme: Security in Digital Transformation
Today, cloud represents a fundamental pillar of an organization’s journey to digital transformation. No longer used simplistically for replacing / augmenting primary IT systems, the cloud is increasingly extending into various facets of an enterprise - from mobile applications to industrial control systems, to affecting governance, compliance, training and disaster recovery. Cloud security should and must remain a key design consideration despite cloud’s constantly evolving applications. This year’s CSA APAC Summit welcomes world leading security experts to discuss the latest trends in technology, the threat landscape, security innovations, best practices and global governance in order to help organizations address the new frontiers in cloud security.
Register for the event at: www.cloudandcybersecurityexpo.com/CSA
Organiser
Supporting Organisation
Co-located With
Suresh AGARWALSales Director, South Asia, Cloud Security Alliance
|
Suresh Agarwal is the Founder and Managing Director of Agarwal Pte Ltd. and Infotech Global Pte Ltd. In this role, he oversees the company’s global operations and development efforts. This includes building strong partnerships and customer relations, developing quality offerings and establishing relevant infrastructure support for our customers.
Suresh has accumulated over twenty-five years of experience in implementing IT solutions around the world. Before this he has led the Oracle Consulting team in Singapore, Business Development efforts at CrimsonLogic, Applications Consulting team at Ernst &Young Consultants Pte Ltd, doing integrations of ERP, APS and legacy systems in a number of countries in Asia, North America, Africa and Middle East. Prior to this, he headed the IT initiative of the Thakral Group, Raffles Software Pte Ltd, as General Manager. In this capacity, Suresh successfully executed three e-commerce and four ERP projects in China, Hong Kong, Singapore and India. Suresh, whose scholastic achievements include two Masters Degrees in Engineering, one majoring in IT systems integration from the National Technological University, Singapore and a second in Industrial Engineering and Management from the Asian Institute of Technology, also holds an Honours Degree in Mechanical Engineering from the University of Rajasthan, India. |
Raju CHELLAMHonorary Vice Chair, Cloud & Big Data Chapter at SGTech
|
Raju Chellam is a Member of the Singapore NCCAC (National Cloud Computing Advisory Council) under IMDA (Infocomm & Media Development Authority of Singapore) & Deputy Chair of the COIR (Cloud Outage Incident Response) Group under ITSC (IT Standards Committee). He is also Hon Vice Chairman of the Cloud & Big Data Chapter at SGTech, previously called SiTF (Singapore IT Federation) & Hon Secretary of the Cloud Chapter of SCS (Singapore Computer Society). He has been a Past President of the BCG (Business Continuity Group) at SCS. He was conferred as an SCS Fellow in March 2018.
Talk Synopsis What Danger Lurks in the Dark Web? The general perception about data security is to stick a anti-virus/malware solution and pray it keeps out the bad guys. But where do the bad guys go to get confidential info about you, your customers & your company? The Dark Web or the Dark Net is spoken about in hushed tones. What happens there? What's available there? What can you do to protect yourself? |
Kai CHENCo-Chair, Cloud Security Services Management Working Group
|
Dr. Kai Chen is now serving as the Cybersecurity Ecosystem Specialist of Huawei Technologies Co.,Ltd. His role includes responding to Huawei cybersecurity ecosystem development including strategy, policy and partner engagement, etc. He has over 15 years of working experience in applied cryptography, information and network security technical research, standard development and policy and regulation fields. Kai has also published over 20 research papers and delivered speeches in security related conferences and seminars; developed or co-developed over 10 security standards in wireless communication, DRM and trusted computing and has experience in leading several information security policy and legislation research projects.
He co-founded the GCRF (Great China Regional Forum) of TCG (Trusted Computing Group) and served as co-chair of the GCRF from 2008 through 2015, driving the TPM 2.0 standard development and industrialization within the time frame. In addition to that, Kai also co-founded the cybersecurity working group in USITO (United State Information Technology Office) and co-chaired the working group from 2007 through 2015. During this time, he led the dialogue and collaboration around cybersecurity policy, regulation and standard development in ICT area. Before joining Huawei, Kai worked for Microsoft, Intel China and Bell Labs Research China as well as Lucent Technologies. He is currently the senior member of China Computer Federation and Chinese Association for Cryptologic Research. Kai also holds the Bachelor Degree in Management Engineer, Master Degree in Computer Science and Doctor Degree in Cryptography. Talk Synopsis Is Your Cloud Service Properly Protected? There are plenty of cloud security standards, best practices and certification schemes developed and enforced by the cloud service providers. But the reality is that various cloud security issues are occurring and the customers are the true victims. The gap is that most of those standards and best practices are developed for cloud service providers but it is lack of guidelines for cloud customers on how to secure its cloud services along with the cloud service providers. In this speech, the “Guideline on Effectively Managing Security Service in the Cloud” which is developed by CSA will be introduced. The guideline provides principles and actions for cloud customers to secure its cloud service according to the shared security responsibility model. |
Victor CHINResearch Analyst, Cloud Security Alliance
|
Victor Chin is an information security research analyst with the Cloud Security Alliance (CSA). He has collaborated with industry-leading experts to develop and raise awareness of information security best practices in the ever-changing technology landscape. This, and his experiences working in Asia Pacific, Europe and the United States, has led to him developing a global and high-level understanding of the information security industry and its trends.
Talk Synopsis Vulnerability Management Trends in the Age of Cloud Services Traditional enterprise vulnerability and risk management processes were not designed to deal with cloud services. Gaps in these processes have manifested due to the enterprise not owning and controlling the infrastructure that provisions the cloud service. In particular, the ecosystem built around the CVE (Common Vulnerabilities and Exposures) and the CVSS (Common Vulnerability Scoring System) systems are now inadequate. This session will explore the trends, shortcomings and possible solutions for enterprise vulnerability and risk management processes in the cloud-dominated IT landscape. |
Brian COLEResearch Projects Developer, University of Waikato, New Zealand
|
Brian Cole is a Research Projects Developer at the University of Waikato in New Zealand. He has a background in technology and entrepreneurship. It has been from working with AProf Ryan Ko that he has developed an insight into the rapidly evolving world of Cyber Security and has been involved with New Zealand Standards to work on ISO SC27 for the Ministry of Business Innovation and Employment funded research programme STRATUS. AProf Ko's programme of work has invigorated New Zealand's cyber security research and engagement in industry.
Talk Synopsis STRATUS: from Research to Commercialization There are many challenges in bringing research to a commercial reality and we will explore the engagement with companies in New Zealand and discuss the things that worked and why. The talk will cover the birth of the STRATUS research programme and the flow on effects that it has generated. We will discuss the commercialization routes that are being explored and potential applications for future work. |
Alice LEEDirector - Product Security Office, Seagate Technology; Assistant Membership Director, (ISC)2 Singapore Chapter
|
Alice Lee is a Director – Product Security Office at Seagate Technology, helming a team that manages Application Design & Development, Global Secure system administration, and security operations of IT Security services that support critical business operations. This involves the development and implementation of security principles of secured IT services, such as Cryptography (PKI/HSM Implementation and operation), Identity management, Access Control and functional security requirement.
Having been in the field of IT and Information Security for over 15 years, Alice has a wealth of experience in establishing and managing successful and trusted IT security services that support critical business operations. This includes IT Security & Business Management experiences leveraging on IT Security technologies and deploying cost-effective strategies to improve operational efficiency and security management in 7/24 mission critical operating environments across the globe. Apart from having an MBA and a Bachelors of Science in Computer Science, Alice keeps her expertise relevant amidst a continuously evolving technology landscape by obtaining key professional certifications, including CISSP, CCSP, CEH and CISM. Talk Synopsis Progressive Cloud Security Education: CCSK vs CCSP CCSK and CCSP are amongst the most widely sought after certifications in the cloud industry. Although the pair are highly regarded, is it necessary to have both? Or is just having one enough, and if so which one? In this talk, experts and trainers of the courses provide their unbiased comparison of CCSK vs CCSP to help you discover which is a better fit for your professional goals. Learn about the differences between the two with a distinct breakdown of the courses, exam details, and strengths of each certification. |
Dr. Hing-Yan LEEExecutive Vice President
APAC Cloud Security Alliance |
Hing Yan LEE has over 30 years of ICT working experience in both the public and private sectors. He was global director of the STAR program at the Cloud Security Alliance (CSA) for 6 months in 2017. Prior to that, he was Director of National Cloud Computing Office at Infocomm Development Authority (IDA) for 9+ years, where he was responsible for the national program for, inter alia, developing the cloud ecosystem, promoting cloud adoption by government agencies and private enterprises, and building a trusted environment (which included developing the Multi-Tier Cloud Security standards and Cloud Outage Incident Response guidelines).
He was previously Deputy Director of the National Grid Office at the Agency for Science, Technology & Research (A*STAR), Principal Scientist at the Institute for Infocomm Research (I2R), Director of Knowledge Lab and Deputy Director of Japan-Singapore Artificial Intelligence Centre at the Kent Ridge Digital Labs as well as Deputy Director at Information Technology Institute (the applied R&D arm of the National Computer Board). He oversaw and managed industry collaborations and applied R&D in machine language translation, spoken language dialogue, expert systems, knowledge discovery, data mining, data visualization, and other knowledge-driven efforts. He worked on projects with organizations such as Department of Statistics, National Archives of Singapore, Housing & Development Board, Defense Science & Technology Agency, Alta Vista, Amazon Web Services, Fujitsu, IBM, Hewlett-Packard, Microsoft, SingTel, and Platform Computing. Hing Yan co-founded two high-tech companies - Language Tapestry and eXage. He was an adjunct associate professor at the National University of Singapore, served on the School of Digital Media & Infocomm Technology Advisory Committee at the Singapore Polytechnic, Engineering Accreditation Board team member (2014), co-chair of the National Infocomm Competency Framework Technical Committee on Cloud Computing as well as member of the Cloud Computing Standards Coordinating Task Force of the Singapore Infocomm Standards Committee. He was also a member of the NatSteel Corporate R&D Advisory Panel, an advisor/member to the Singapore National Archives Board, and the Australia-Singapore Joint ICT Council. Hing Yan is a Fellow and Vice President of the Cloud Chapter in the Singapore Computer Society. He graduated from the University of Illinois at Urbana-Champaign with PhD and MS degrees in Computer Science. He previously studied at Imperial College London in UK where he obtained a BSc (Eng.) with 1st Class Honours in Computing and MSc in Management Science. |
Tadashi ONODERACo-Chair, Industrial Control Systems Security Working Group
|
Tadashi Onodera has extensive experience in IT strategy, organization management, security architecture and management. He formerly led cyber security services in Industrial Control Systems (ICS) & IoT related domain.
Talk Synopsis ICS Security on Cloud IIoT has allowed ICS to be connected to cloud, introducing dynamic changes by digital technologies in production sites. Cloud Security Alliance's ICS Security Working Group (WG) focuses on security controls of cloud connected to ICS. In this presentation, Tadashi Onodera, Co-Chair of the WG, will present some points to enhance security of ICS founded in the studies of the ICS Security working group. |
Luciano J.R. SANTOSExecutive Vice President of Research, Cloud Security Alliance
|
J.R. Santos is the Executive Vice President of Research for the Cloud Security Alliance. He oversees the Cloud Security Alliance’s research portfolio that covers a diverse range of cloud security topics such as IoT, quantum security, big data, artificial intelligence and application containers and microservices. He is responsible for the execution of the research strategy worldwide. In addition, he advises over 30+ working groups that develop industry-leading security practices, education and tools. J.R. has over 19 years of experience working in information security in a variety of industry sectors including finance, healthcare, aerospace, retail, and technology. J.R. is an active professional in the security industry and has served on various boards and committees throughout his career. J.R. holds various professional certifications and a bachelor’s degree from the University of Washington.
Talk Synopsis Charting the course through disruption with CSA Research Today, cloud represents the central IT system by which organizations are transforming themselves into digital enterprises. And as benefits of agility, scalability, and security continue to be realized through the cloud, new technology trends such as the Internet of Things (IoT), Blockchain, and Artificial Intelligence extend the benefits - but also creates complexity and possible new attack vectors for ambitious and resourceful adversaries. From its inception, the Cloud Security Alliance (CSA) has explored the horizon, identifying the trends and risks of tomorrow and gathering leading security experts from across the industry to propose solutions today. In this presentation JR Santos, EVP of Research for the Cloud Security Alliance will share his vision for the direction of CSA research, discussing the topics currently being worked on by the community of research volunteers and a roadmap for when these best practices will be released to the industry. |
David SIAHChairman, Cloud Security Alliance Singapore Chapter
|
David Siah is Chairman of the CSA Singapore chapter and Head of Channel & Distribution (APAC, Middle East, Africa) of Trend Micro Singapore. Actively involved in Singapore's cyber-security landscape, he is a member of iDA’s Cyber Security Alliance and iDA’s Cloud Outage Incidence Response (COIR) Working Group, SITF's Security and Governance Chapter Lead, and Trend Labs Singapore which is responsible for malware analysis and incidence response.
Talk Synopsis Helping Enterprises to Align with GDPR In Singapore, the GDPR remains a hot topic for businesses, and with good reason. EU accounts for 10 per cent of Singapore's total trade and with bilateral trade standing at about S$91 billion. Compliance may be time-consuming and costly, but the fallout could be greater for organizations. Aside from exorbitant fines, penalties, and lawsuits, non-compliance could also mean fewer business transactions for some. This presentation will cover the prospective CSA artifacts assisting an organizing navigate the GDPR compliance journey. |
Alex SIOWCo-Chair, Cloud Incident Response Working Group
|
Prof Alex Siow is currently Professor (Practice) in the School of Computing, NUS and concurrently Director of the Advanced Computing for Executives Centre, the Strategic Technology Management Institute (STMI) and the Centre for Health Informatics.
Prior to the current appointment, Prof Alex was the Managing Director, Health & Public Service at Accenture. Alex started his career as a Structural Engineer in the HDB in 1981 and appointed the Chief Information Officer in 1989. In 2003, Alex joined the private sector and became the Senior Vice-President in StarHub Ltd. He held various portfolios including Head, Business Market, CIO and Head, Enterprise Risk Management. Prof Alex was very active in the IT Community. He was the President of the Singapore Computer Society from 1997 to 2001. He was the President of ITMA from 1995 to 1999. He was the first President of the Singapore Chapter of the Project Management Institute and served from 2001 to 2012. From 2001 to 2005, Alex was the Chairman of the e-Learning Chapter of SiTF. Alex is currently member of Temasek Polytechnic Board of Governors, and a member of the Board of Trustees of Singapore University of Social Sciences. He is also a member of the Edusave Advisory Council. Prof Alex’s expertise is in IT Governance, Enterprise Risk Management, Management of Emerging Technology and Technology Roadmap Planning. He is also active in the Fintech and blockchain community. Talk Synopsis What Happens When the Cloud Goes Down? With traditional IT infrastructure in the enterprise, clear business continuity management and disaster recovery plans are almost always predetermined. In the event of outages, clear steps are taken towards recovery. However, the same cannot be said for the cloud, where often, outage incident response plans are unclear, confusing or worst, non-existent. There are many reasons for this, ranging from overconfidence in cloud resilience, to the lack of understanding of the shared responsibility between cloud service providers and users. Regardless, the end-result in the event of an outage is the same – businesses are negatively impacted by service outage, with some cloud service providers and users even folding up from the fallout. This session will explore the frequency and causes of recent cloud outages, and how cloud service providers and users alike can prepare for and mitigate damages and losses. |
Ilia, TIVINHybrid IT Security Architect, Hewlett-Packard Enterprise
|
Ilia Tivin has more than 12 years’ experience working as an information security architect in enterprise and government environments. He started his career in the Israeli Defense Forces as a data security lead, has designed security architectures for key customers during his time with Hewlett-Packard Enterprise, and for the past five years has also been delivering training courses from Cloud Security Alliance and (ISC)2 .
Talk Synopsis Progressive Cloud Security Education: CCSK vs CCSP CCSK and CCSP are amongst the most widely sought after certifications in the cloud industry. Although the pair are highly regarded, is it necessary to have both? Or is just having one enough, and if so which one? In this talk, experts and trainers of the courses provide their unbiased comparison of CCSK vs CCSP to help you discover which is a better fit for your professional goals. Learn about the differences between the two with a distinct breakdown of the courses, exam details, and strengths of each certification. |
Time |
Duration |
Activity |
- |
- |
Registration |
1000 - 1005 |
5 mins |
Welcome Remarks Dr. Hing-Yan LEE, EVP, APAC, Cloud Security Alliance |
1010 - 1035 |
25 mins |
Keynote - Charting the Course through Disruption with CSA Research (presentation slides) Luciano (J.R.) SANTOS, EVP of Research, Cloud Security Alliance |
1040 - 1105 |
25 mins |
PPT 1 - What Danger Lurks in the Dark Web? Raju CHELLAM, Honorary Vice Chair, Cloud & Big Data Chapter at SGTech |
1110 - 1135 |
25 mins |
PPT 2 - STRATUS: from Research to Commercialization (presentation slides) Brian COLE, Research Projects Developer, University of Waikato, New Zealand |
1140 - 1205 |
25 mins |
PPT 3 - Industrial Control Systems (ICS) Security on Cloud (presentation slides) Tadashi ONODERA, Co-Chair, ICS Security Working Group |
1205 - 1300 |
55 mins |
Lunch Break |
1300 - 1325 |
25 mins |
PPT 4 - Is Your Cloud Service Properly Protected? (presentation slides)(publication) Dr. CHEN Kai, Co-Chair, Cloud Security Services Management Working Group |
1330- 1355 |
25 mins |
PPT 5 - What Happens When the Cloud Goes Down? (presentation slides) Prof. Alex SIOW, Co-Chair, Cloud Incident Response Working Group |
1400 - 1425 |
25 mins |
PPT 6 - Vulnerability Management Trends in the Age of Cloud (presentation slides) Victor CHIN, Research Analyst, Cloud Security Alliance |
1430 - 1455 |
25 mins |
Panel Discussion - Cloud Security - None of the Users' Business? Moderator: Suresh AGARWAL (Sales Director, South Asia, Cloud Security Alliance) Panelist:
|
1500 - 1525 |
25 mins |
PPT 7 - Progressive Cloud Security Education: CCSK vs CCSP (presentation slides 1) (presentation slides 2) Alice LEE, Director - Product Security Office, Seagate Technology; Assistant Membership Director, (ISC)2 Singapore Chapter Ilia TIVIN, Hybrid IT Security Architect, Hewlett Packard Enterprise |
1530 - 1555 |
25 mins |
PPT 8 - Helping Enterprises to Align with GDPR (presentation slides) David SIAH, Chairman of Singapore Chapter, Cloud Security Alliance |
Address
Marina Bay Sands Expo and Convention Centre, Cyber Threats, Defence & Response Theatre
1 Bayfront Ave, 018971
Marina Bay Sands Expo and Convention Centre, Cyber Threats, Defence & Response Theatre
1 Bayfront Ave, 018971
For other enquiries, please email us at [email protected].