-
Summary
-
Speakers
-
Schedule
-
Contact Us
<
>
Post Pandemic : Getting Onto The Cloud Safely
The COVID-19 pandemic created an instant demand for cloud-based solutions requiring the majority of organizations to accelerate their journey to the cloud. The CSA Cambodia Virtual Summit will focus on educating stakeholders on the key issues and trends facing cloud and cybersecurity today. The event will deliver the education, tools and knowledge you need to make this easier, faster pivot to the cloud.
This one-day program co-organised by CSA APAC & CSA Cambodia Chapter will provide insight and provide a perspective on critical strategic cloud and cybersecurity concerns. Join the leading experts with domain proficiency and expertise to discuss the key issues and trends facing cloud security and cybersecurity today at this Virtual Summit on 16 September 2022.
The event is free to attend. To register for the sessions, log in using your BrightTalk account. If you do not have an existing account, please sign up here https://www.brighttalk.com/login/. Once the account is created visit https://www.csaapac.org/csacambodiavsummit2022.html and register for sessions you would want to attend under the 'schedule' tab.
Earn CPE Credits: To download your viewing certificate, navigate to the “Viewing History” section of your BrightTALK Account. You can find more information about this here: https://support.brighttalk.com/hc/en-us/articles/204280700-Can-I-have-a-list-of-all-the-webinars-I-ve-attended-
This one-day program co-organised by CSA APAC & CSA Cambodia Chapter will provide insight and provide a perspective on critical strategic cloud and cybersecurity concerns. Join the leading experts with domain proficiency and expertise to discuss the key issues and trends facing cloud security and cybersecurity today at this Virtual Summit on 16 September 2022.
The event is free to attend. To register for the sessions, log in using your BrightTalk account. If you do not have an existing account, please sign up here https://www.brighttalk.com/login/. Once the account is created visit https://www.csaapac.org/csacambodiavsummit2022.html and register for sessions you would want to attend under the 'schedule' tab.
Earn CPE Credits: To download your viewing certificate, navigate to the “Viewing History” section of your BrightTALK Account. You can find more information about this here: https://support.brighttalk.com/hc/en-us/articles/204280700-Can-I-have-a-list-of-all-the-webinars-I-ve-attended-
Co - Organized by
Supporting Organizations
Speakers & Panelists
Parveen ARORA
Member, DevSecOps WG, CSA & Co-Founder & Director, VVnT Foundation
|
Parveen ARORA is quality security consultant and founding director @VVnT SeQuor. He is also Co-founder @VVnT Foundation, a not-for-profit organization embarked on the mission to build an empowered community of Knowledgeable, Efficient and Ethical – Verification Validation & Testing Professionals in India. He is certified practitioner and expert in Cybersecurity, Cloud Security Engineering, Privacy by Design, Scaling DevOps & implementation of Quality-First approach to build better Products and Services in compliance to global standards. His credentials include: CCSK, Certified GDPR Practitioner & Fellow of Privacy Technology, Certified DevOps Leader & Coach, DevSecOps Certified & Practitioner, Certified Software Test Manager & Test Automator, ITIL v3 Foundation Level, ISO 9001, ISO/IEC 27001 and ISO/IEC 20000 Certified, Certified Kaizen Practitioner.
|
CHUON Leangheng
Cloud Engineer, Kirirom Institute of Technology
|
Leangheng is a AWS Certified Solution Architect, with the goal of becoming a Cloud Engineer. is also a senior year student at Kirirom Institute of Technology in Cambodia, where he is pursuing Software Engineering with a major specialization in Infrastructure Cloud Computing. He was an intern for 3 years on Network Administration and Data Center Infrastructure Management to optimize performance for a whole area network of his university.
|
John DIMARIA
Assurance Investigatory Fellow & Research Fellow, CSA
|
John DIMARIA CSSBB, HISP, MHISP, AMBCI, CERP, is Assurance Investigatory Fellow and Research Fellow with CSA. He has 30 years of successful experience in standards and management system development, including information systems, business continuity, and quality. John was one of the innovators and co-founders of the CSA STAR Program for CSPs, a contributing author of the American Bar Association’s Cybersecurity Handbook, a working group member, and a key contributor to the NIST Cybersecurity Framework. He currently manages all facets of the CSA STAR Program which includes security, privacy, continuous monitoring, and development of new solutions.
|
Dr. Hing-Yan LEE
EVP, Government Affairs, CSA
|
Dr. Hing-Yan LEE is Executive Vice President (Government Affairs) at Cloud Security Alliance (CSA). He has 30+ years of ICT working experience in both the public and private sectors. He was previously Executive Vice President for APAC and global director of the CSA STAR program. Before that, he was Director of National Cloud Computing Office at the Infocomm Development Authority, where he was responsible for developing the cloud ecosystem, promoting cloud adoption by government agencies and private sector enterprises, and building a trusted environment (including developing Multi-Tier Cloud Security standards and Cloud Outage Incident Response guidelines).
He was Deputy Director of National Grid Office at Agency for Science, Technology & Research, Principal Scientist at the Institute for Infocomm Research, Director of Knowledge Lab and Deputy Director of Japan-Singapore Artificial Intelligence Centre and Deputy Director at Information Technology Institute (the applied R&D arm of National Computer Board). He supervised industry collaborations and applied R&D in machine language translation, spoken language dialogue, expert systems, knowledge discovery, data mining, data visualization, and other knowledge-driven efforts at the Kent Ridge Digital Labs. Hing-Yan is a Fellow of Singapore Computer Society. He graduated from University of Illinois at Urbana-Champaign with PhD and MS degrees in Computer Science. He studied Computing and Management Science at Imperial College. |
LIM May-Ann
Director, Fair Tech Institute, Access Partnership & Emeritus Director, Asia Cloud Computing Association
|
May-Ann is Director of the Fair Tech Institute at technology consultancy firm Access Partnership, and is concurrently Emeritus Director of the Asia Cloud Computing Association (ACCA). She has worked extensively on technology policy development, including data governance policies, digital economy, emerging technology, ICTs for development, green digital sustainability, and cybersecurity. She has worked with many global, regional, and local organizations such as APEC, ASEAN, PECC, INTERPOL, Council of Europe (CoE), United Nations Institute for Disarmament Research (UNIDIR), FELEBAN in Latin America, ACCA, and Asia Internet Coalition (AIC), on thought leadership development, government outreach and stakeholder engagement efforts.
She is appointed to the Singapore Data Protection Appeal Panel 2019-2023, and sits on various international agency task forces, such as the World Bank Group’s Cloud and Data Infrastructure Private Sector Advisory Committee, World Economic Forum’s Digital ASEAN Taskforce, the Data & Jurisdiction Team for the Internet & Jurisdiction Policy Network. A strong advocate for inclusive education, digital literacy, and sustainability, May-Ann also volunteers as a youth mentor with Advisory Singapore, and with nonprofit organization Engineering Good, which focuses on assistive technology and digital inclusion of the under-privileged and disabled. |
Ian LOE
CIO, DFI Retail Group & Adjunct Senior Fellow, SUTD Academy, Singapore University of Technology & Design
|
Ian has more than 26 years of experience in the IT industry with wide industry experience spanning the public sector to financial services. He has deep knowledge in both infrastructure and application security with deep expertise in governance and security technologies.
Today Ian is CIO in a large conglomerate and responsible for the management of cybersecurity, infrastructure, architecture & data engineering for the group. Ian has introduced many modern approaches to technology management including implementing Hyper Converged Infrastructure (HCI), DevSecOps, FinOps, SRE, Risk Based Management, and the use of Breach & Attack Simulation platforms. He has held other senior appointments such as Director, Government Cybersecurity Operations and was responsible for managing cybersecurity operations for the whole of government in Singapore, which included the monitoring of and response to cybersecurity incidents. He is a regular industry speaker on many topics and an active adjunct senior fellow at the Singapore University of Science & Technology. |
Shamsul Izhan Bin Abdul MAJID
Chief Technology & Innovation Officer, Malaysian Communications & Multimedia Commission
|
Recognised for his track record in Digital Transformation for business growth, Sam is a Business Technology leader with vast international experience in driving innovative growth across a diverse range of landscape including transportation, utilities, logistics, telecommunications and Government. At the Malaysian Communications and Multimedia Commission (MCMC), Sam is responsible as the Chief Technology and Innovation Officer (CTIO) over the Commission's technology, innovation vision and strategies execution for growth while focusing on improving technological advancement. He has bootstrapped start-ups and drives corporate innovation. He is a regular public speaker and has gained recognition with innovation awards of IDC, APICTA and iAwards. He holds a Research Masters and Engineering degree from University of Melbourne, Australia.
|
Ramiah MARAPPAN
CISO, Security Spectrum
|
Ramiah MARAPPAN is CISO at Security Spectrum Services LLP as well as an experienced information security consultant, trainer and advisor.
He has 30 years’ experience and expertise in Information Security Consulting, Design, Development and Operations, Security Risk Assessment, Policy Development and Implementation, Security Operations, Infrastructure Design and Operations and Training. Delivered consulting, design and build engagements for Financial Institutions, Government, Manufacturing, Retail, Academic Institutions, Telecom, Commercial and Aviation in Asia Pacific, Middle East and Europe regions. He has 10 years of teaching experience in Information Security, Networking and Data Centre Operations, DevOps, Privacy and Cloud. He participated in the ISO ISO/IEC JTC 1/SC 27 committee as a subject matter expert. His certifications include CISSP, CISA, CCSK, CBSA, DevOps, and DevSecOps certifications. He is an authorised CCSK instructor. |
OU Phannarith
Chair, CSA Cambodia Chapter
|
Mr. OU is Chairman of CSA Cambodia Chapter, research fellow at the Center for Inclusive Digital Economy, Asian Vision Institution (AVI), Professor at Royal University of Law and Economic (RULE) specializing in Cybersecurity and Senior Advisor to the Cambodia Digital Tech Association (CDTA). He is founder of the first cybersecurity awareness website (www.secudemy.com), ISAC-Cambodia (Cybersecurity), Cyber Studies Network (CSN), and founder of Cyber Youth Cambodia.
|
Jim REAVIS
Co-Founder & CEO, CSA
|
For many years, Jim Reavis has worked in the information security industry as an entrepreneur, writer, speaker, technologist and business strategist. Jim’s innovative thinking about emerging security trends have been published and presented widely throughout the industry and have influenced many. Jim is helping shape the future of information security and related technology industries as co-founder, CEO and driving force of the Cloud Security Alliance. Jim has been named as one of the Top 10 cloud computing leaders by SearchCloudComputing.com.
Jim is the President of Reavis Consulting Group, LLC, where he advises security companies, governments, large enterprises and other organizations on the implications of new trends such as Cloud, Mobility, Internet of Things and how to take advantage of them. Jim founded SecurityPortal, the Internet’s largest website devoted to information security in 1998, and guided it until a successful exit in 2000. Jim has been an advisor on the launch of many industry ventures that have achieved a successful M&A exit or IPO. Jim is widely quoted in the press and has worked with hundreds of corporations on their information security strategy and technology roadmap. Jim has a background in networking technologies, marketing, product management and systems integration. Jim received a B.A. in Business Administration / Computer Science from Western Washington University in 1987 and formerly served on WWU’s alumni board. Jim was recognized as a WWU Distinguished Alumnus in 2015. In 2016, Jim was inducted into the Information Systems Security Association (ISSA) Hall of Fame. |
Lefteris SKOUTARIS
Program Manager, CSA
|
Lefteris Skoutaris has been working as a security analyst for Cloud Security Alliance in the past 4 years and is currently the program manager of the Cloud Controls Matrix (CCM) Working Group (WG) and CCMv4.0 development activities.
Mr. Skoutaris has worked in the past at the European Space Agency (ESA) and European organization for Network and Information Security (ENISA), substantially contributing to cyber and cloud security projects on research, architecture and frameworks development. |
Time |
Activity |
Session Link |
2:00 pm |
Welcome Remarks Dr. Hing-Yan LEE (EVP, Government Affairs, CSA) Welcome Address Phannarith OU (Chair, CSA Cambodia Chapter) Opening Address Jim REAVIS (Co-Founder & CEO, CSA) |
|
2:30 pm |
Keynote : Cloud Adoption and Data Governance in Cambodia LIM May-Ann (Director, Fair Tech Institute, Access Partnership & Emeritus Director, Asia Cloud Computing Association) There is much interest and excitement about how Cambodia can be riding the wave of digitalization through cloud computing to power its economic development. This presentation will examine the level of cloud adoption in Cambodia, the types of services which are being consumed, and examine some cloud adoption and cybersecurity related issues and regulations which may help - or impede - Cambodia's digital transformation journey. |
|
3:00 pm |
Journey to the Cloud : Roles & Responsibilities CHUON Leangheng (Cloud Engineer, Kirirom Institute of Technology) The talk will cover factors which determine that we need to consider transforming to the Cloud and the necessities that we should prepare. The session will also deep dive into the perception of business and technical sides toward the cloud to foresee all the criteria and the benefits. In addition, the speaker will introduce popular cloud services and fundamentals of cloud security. |
|
3:30 pm |
Digital Transformation in the Public Sector through Cloud Adoption Shamsul Izhan MASJID (Chief Technology & Innovation Officer, Malaysian Communications & Multimedia Commission) The largest employer of the country cannot afford to be left behind on the rapidly increasing pace of the Digital Transformation journey. For this reason, the Government of Malaysia introduced MyDigital, a national blueprint for public sector Digital Transformation covering 6 main pillars including adoption of cloud and 100% adoption of Digital Signature, expansion of telecommunication coverage and manpower digital upskilling. In this presentation, MCMC will share our ongoing efforts as part of driving Digital Transformation in the Public Sector through Cloud Adoption. |
|
4:00 pm |
Cloud Security – A Journey Though Stages of Maturity Ian LOE (CIO, DFI Retail Group & Adjunct Senior Fellow, SUTD Academy, Singapore University of Technology & Design) With the cloud landscape ever evolving and expanding, what we know as cloud security is also changing. In this session, I will walk the audience through a journey on my approach to cloud security from simple compliance and Cloud Security Posture Management (CSPM) to cloud native security and attack surface management. I will also explore some aspects of “post-incident” forensics support and what it takes to forward an organisation’s cloud security maturity. |
|
4:30 pm |
Bridging the Compliance & Development Gaps with DevSecOps Parveen ARORA (Member, DevSecOps WG, CSA & Co-Founder & Director, VVnT Foundation) It is important to recognize the compliance objectives and translate them to appropriate security measures. CSA recommends “Six Pillars of DevSecOps” and provides a high-level set of methods and solutions to build software at speed with minimal security-related bugs. CSA provides guidance to ensure the gap between compliance and development is addressed by identifying inflection points within the software development lifecycle where these controls can be embedded, automated, measured, and tested in a transparent and easily understood way. CSA and SAFECode aim to continuously improve software security outcomes. The recent publication covers in-depth details on Framework for Bridging Compliance and Development with the use of DevSecOps practices. |
|
5:00 pm |
Cloud Security Compliance : CSA Tools for Regulators Ramiah MARAPPAN (CISO, Security Spectrum) As countries and industry sectors pivot towards cloud adoption, their respective regulators and industry sector associations seek to ensure such adoption complies with their existing security requirements. This can be achieved through mapping between their own security requirements with the Cloud Control Matrix (CCM) while the Cloud Service Providers (CSPs) can demonstrate compliance to the requirements by getting certified through the STAR program. STAR-certified CSPs provide security assurances that are the same or similar to what is required by the respective country/industry specific framework/standards. In this talk, the speaker will share the role and benefits of CCM, Cloud Auditing Guidelines and STAR in cloud adoption and compliance. |
|
5:30 pm |
Introduction to the Cloud Controls Matrix v4.0 Lefteris SKOUTARIS (Program Manager, CSA) The presentation aims to provide a synopsis about the latest release of the Cloud Control Matrix version 4.0, a greater insight into its development and new components, the current activities of the CCM working group (ongoing works, published and future works) and finally an update on CSA’s STAR program and transition policy from CCMv3.0.1 to CCMv4.0. |
|
6:00 pm |
CSA STAR Program – Turning your Scars into STARS John DIMARIA (Assurance Investigatory Fellow & Research Fellow, CSA) Cloud adoption has been growing rapidly over the years due to business benefits such as cost savings, scalability, increased security, ease of deployment. In 2020 the world experienced an even bigger upsurge due to the COVID pandemic. This massive growth in cloud adoption also brings about a unique set of challenges when it comes to data privacy and security. The Security Trust Assurance and Risk (STAR) Program encompasses key principles of transparency, rigorous auditing, and harmonization of standards. Companies that submit to the STAR Registry indicate best practices and validate the security posture of their cloud offerings. They increase the level of assurance by turning their scars into STARs. It’s about reducing complexity, which equals reduced cost, decreased risk and increased security. Join us on this must-attend as CSA provides you with an insight into the global growing mandate for organizational certification and details behind CSA STAR. During this session you will learn how it has evolved into a framework that provides a flexible, incremental, and multi-layered cloud provider system that is being recognized as the international certifiable harmonized GRC solution, starting with development, implementation and the three levels of the Open Certification Framework that constitute up the STAR Program. |
Disclaimer : The ordering & timing is subject to change