View
3
Download
0
Category
Preview:
Citation preview
Web: www.mistiasia.com/ciso Email: misasia@misti.com Tel: +852 2520 1481
The inaugural
CISO Asia PacificSummit
1-2 November 2012 • Marina Bay Sands Singapore
Attend this informative summit in order to:
4 Keep pace with security threats and attacks while minimising impact on business operations
4 Overcome the increasing demand for risk and security management
4 Develop a sound information security policy to ensure key data is managed effectively
4 Align your information security management approach with your organisation’s overall business objectives
4 Maintain privacy and integrity by avoiding fraudulent and unauthorised access to data
4 Strengthen information security by uncovering the techniques used by hackers
4 Identify vulnerabilities and threats to your information resources as well as the impact to your business
The Global Leader in Audit, Risk, Fraud and Security Training
A division of
Featured speakers:Jerry Archer Chief Security Officer, Sallie Mae Board Director, Cloud Security AllianceAhmed Baig Chief Information Security Officer, Abu Dhabi GovernmentSabyasachi Chakrabarty Chief Security Officer – APAC, British TelecomAloysius Cheang Managing Director – APAC, Cloud Security AllianceLionel Lee Partner, Rajah & TannAnil Mahtani Chief Operational Risk Officer, ING InsurancePaolo Miranda Deputy Director, Technology Solutions Corporate Development, National Volunteer and Philanthropy Centre (NVPC)Shrikant Raman VP Security & Vulnerability Management – APAC, JP Morgan ChaseJim Reavis Executive Director, Cloud Security AllianceSapan Talwar Regional Chief Information Security Officer – APAC, AonGeorge Wang Senior Director, Infrastructure Technology & Data Centre Operations, Neptune Orient Lines
Endorsers
Co-organiser
Supported by ExhibitorsSilver sponsors Bronze sponsors
securing the perimeter withinconduit light ital
Who should attend
Senior Information security professionals who have a day-to-day responsibility for ensuring the compliance and security of sensitive information. This includes but is not limited to:
Chiefs, Presidents, Vice Presidents, Directors, General Managers, Heads and Controllers from:• InformationSecurity• InformationVulnerability• InformationAuditandControl• ITGovernance• ITCompliance• InformationRiskManagement• CyberSecurity
Across all industries and government authorities
The inaugural
CISO Asia PacificSummit
1-2 November 2012 • Marina Bay Sands Singapore
Dear Colleagues,
The inaugural CISO Asia Pacific Summit is an elite gathering of senior information security, risk and compliance professionals. We have lined up more than 15 speakers and designed a comprehensive agenda covering hot topics in information security and risk management. The summit will be the best networking, learning and benchmarking event for senior information security professionals in Asia.
The inaugural CISO Asia Pacific Summit is supported by regional and international information security practitioners from well-known organisations with extensive experience of solving the many challenges faced by the industry.
A very big thank you to the members of our Steering Committee for their expertise, guidance and advice in developing our agenda:
Mak Kien Hui Head, Safety and Security Industry Programme
Singapore Economic Development Board
Dr James Lei ZhibinProgram Director of the Enterprise and Consumer Electronics GroupHong Kong Applied Science and Technology Research Institute
Sapan TalwarRegional Chief Information Security Officer
Aon Corporation
Anil MahtaniExecutive Director, Chief Operational Risk Officer
ING Asia Pacific
George WangSenior Director-Infrastructure Technology & Data Centre Operations
Neptune Orient Lines
Luciano Santos Jnr Global Research Director
Cloud Security Alliance
Shrikant RamanVP Security & Vulnerability Management – APAC
JP Morgan Chase
Paolo MirandaDeputy Director - Technology Solutions
National Volunteer and Philanthropy Centre (NVPC)
With all of this high-level expertise under one roof, this is an unmissable opportunity to explore cutting-edge solutions to information security management issues. Act now! Register today to join fellow information security professionals and thought leaders for 2 days of industry-proven case studies, panel discussions and expert presentations.
We look forward to welcoming you to this event!
Kelli Haynes, DirectorMIS and Euromoney Training, Asia Pacific
Web: www.mistiasia.com/ciso Email: misasia@misti.com Tel: +852 2520 1481
Media partners
About the organisers: MIS Training Institute is part of the Euromoney Training group. Founded in 1978, MIS is the international leader in audit, fraud
and security training, with offices in the UK, USA and Asia. MIS’ expertise draws on experience gained in training more than 200,000 delegates across five continents. MIS presents courses and conferences in the areas of: InternalAudit,Fraud,ITAudit,RiskandInformation&CorporateSecurity.
TheCloudSecurityAllianceisanot-for-profit organization with a mission to promote the use of best practices for providing security assurance within CloudComputing,andtoprovideeducationontheusesofCloudComputingtohelpsecureallotherformsofcomputing.TheCloudSecurityAlliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders. For further information, visit us at www.cloudsecurityalliance.org , and follow us on Twitter@cloudsa.
Agenda
14:00 Case study Information security governance
• Highlightingtheimportanceof a governance framework for information security
• Thecharacteristicsofaneffectiveinformation security governance programme
• Discussingindustry’sbestpractices and steps in the information security programme lifecycle
Ahmed BaigChief Information Security Officer
Abu Dhabi Government
14:30 Case study Legal challenges in an
information security breach • Understandingtheapplicablelaw
in an information security breach • Preservationofevidencefor
investigations and admissibility in court
• Pursuingtheperpetratorsandlegal liabilities in the event of a security breach
Lionel LeePartner
Rajah & Tann
15:00 Afternoon networking break
15:30 Case study Balancing risks and rewards of IT
consumerisation • Whatarethechallenges
businesses face if they adopt or oppose IT consumerisation?
• Discussingbestpracticesforcombating the security risks created by IT consumerisation
• Assessingthemajoringredientsfor an effective policies to reduce IT security risk
Sapan TalwarRegional Chief Information
Security Officer – APACAon
Further, this session discusses strategies in making the right investment decisions that yield the greatest impact on information security risk reduction.
Moderator: George WangSenior Director, Infrastructure
Technology & Data Centre OperationsNeptune Orient Lines
Panellist: Senior RepresentativeAccessData
11:30 Panel discussion Cloud computing: The pain and
the opportunity Cloudcomputingisahottopic.Isit
time to embrace it or to stay away?
This session will discuss a variety of cloud services, cloud deployments, performance and economic benefits of cloud computing. TheCISOpanelwillalsoexaminethe security element of cloud computing services and systems as well as forecasting future cloud risk.
Moderator: Paolo MirandaDeputy Director, Technology
Solutions Corporate DevelopmentNational Volunteer and
Philanthropy Centre (NVPC)
Panellist: Sapan TalwarRegional Chief Information
Security Officer – APACAon
Senior RepresentativePing Identity
12:15 Sponsor session Stay technologically competitive
and relevant in a global market place with cloud computing
Discussing the underlying technology, capabilities, economic, and operational impact of the cloud.
12:45 Networking luncheon
Day 1
08:30 Registration and morning coffee
09:00 Chairperson opening speechChairperson: Aloysius Cheang
Managing Director – APACCloud Security Alliance
09:15 Keynote Examining the emerging trends
in information security • Whatarethefutureprospectsfor
the field of information security? • Whatisthebiggestchangefor
today’sCISO • Whataretheemergingmodern
information security crimes and threats
Jim ReavisExecutive Director
Cloud Security Alliance
09:45 Case study What is in every hacker’s tool
bag? • Doyouknowwhichtechniques
hackers use to identify the systems and services your company is running?
• Howdohackersdetermineyourweakest link?
• Toavoidbecomingthenextvictim, it is vital to understand the hacker’s techniques and motives
Senior RepresentativeBeyondTrust
10:15 Morning networking break
10:45 Panel discussion Keeping up with the ever-
changing information security landscape
TheCISO’srolehasbecomemoreprominent in recent years as a result of increased regulatory and industry requirements and the ever-changing threat landscape.
The Global Leader in Audit, Risk, Fraud and Security Training
“The only IT Security event I will attend!” Head of Information Security, Baille Grifford
Web: www.mistiasia.com/ciso Email: misasia@misti.com Tel: +852 2520 1481
16:00 Panel discussion The BYOD dilemma: Discussing
the security challenges BYOD presents
Bring-Your-Own-Device, an innovation that increases employees’ mobility and productivity but also brings hidden security risks to a corporate network.
This session will discuss the challenges that must be overcome before organisations can allow secure access to their systems. Our CISOpanelwilldiscussthestepsthat they took to manage the risks and share tips for developing holistic BYOD policies.
16:45 Chairperson closing remarks and end of Day 1
Day 2
08:30 Registration and morning coffee
09:00 Chairperson opening speechChairperson: Aloysius Cheang
Managing Director – APACCloud Security Alliance
09:15 Keynote Developing a business-driven
information security architecture • Whatarethekeycomponents
of an effective and holistic information security architecture?
• Reviewingthestrengths,weaknesses and common characteristic of various frameworks
• Whatarethechallengesfacedin ensuring the architecture remains relevant and useful?
Jerry ArcherChief Security Officer, Sallie Mae
Board Director, Cloud Security Alliance
09:45 Sponsor session Identity security solutions Discovering industry standards
and best practices for identity and access management that will help organisations maintain both productivity and information security.
10:15 Morning networking break
10:45 Case study Is risk culture a critical success
factor for information security and risk management?
• Whatexactlyisriskculture?WhyshouldaCISOorCIOcareaboutrisk culture?
• Howdoesitrelatetohavingeffective information security and risk management in the organisation?
• Whatarethestepsandchallenges to developing the right risk culture?
Anil Mahtani Chief Operational Risk Officer
ING Insurance
11:15 Sponsor session Information security risk
assessment • Inwhichsecuritysolutionisit
worth investing? • Discoverhowtobetterprotect
valuable data and other intellectual property to preserve customer confidence
Senior RepresentativeSkyBox Security
11:55 Sponsor session Information security breaches
• Whatarethelessonslearnedfrom high profile breaches?
• Discoverwhatpreventivemeasures should be taken to avoid breaches and enable quick recovery
12:25 Networking luncheon
14:00 Panel discussion Social media: Is your information
at risk? The widespread use of social media
by employees is a challenge for the CISO.Organisationsactivelylookfor ways to exploit social media for marketing, recruitment and customer relationship purposes. HowshouldCISOsdealwiththeinevitable growth of social media?
This session will discuss the strategic roadmaps for social media policy and examine best practices to ensure safe and risk-assessed usage of social media.
Panellist: Lionel LeePartner
Rajah & Tann
14:45 Case study Business continuity and disaster
recovery planning • Discussingtheimpactofapoorly
contained data breach and mishandled responses
• Assessingthekeypointsthatshould be addressed in every business continuity plan
• Howtoyouensureemployeesare able to develop capabilities to deal with threats?
Shrikant Raman VP, Security & Vulnerability
Management – APACJP Morgan Chase
Sponsorship OpportunityCISO Asia Pacific Summit provides an excellent business platform to market your expertise and services by capturing the interest and influencing the decisions of our highly targeted audience.
CISO Asia Pacific Summit serves as an opportunity for you to:
• Developkeyindustrydatabasesandtransformtopprospectsintonewclients• Enhancebrandrecognitiontoahighlydesirableandtargetedaudience• Networkwithforwardthinkingdynamichigh-levelexecutiveandmanagement
Our partnership programme is packed with extraordinary value allowing our sponsor to receive prime exposure among a large group of senior executives to whom this congress will be marketed.
ReinforceandelevateyourpositionasamarketleaderbycontactingAng Kar Wee, at +852 2111 6617 or email Kang@misti.com to discuss more about this opportunity.
15:15 Afternoon networking break
15:45 Case study Achieving higher virtualisation
efficiencies • Discussingtowhatextent
does virtualisation improve the efficiency of IT resources
• Whatarethemainsecurityconcerns in improving your virtualised environment?
• Virtualisation-basedsecurity?Ismoving to virtualisation making network security easier or harder?
Sabyasachi ChakrabartyChief Security Officer – APAC
British Telecom
16:15 Panel discussion Why information security keeps
falling off the budget? Why information security is always
the last priority?
What are the key ingredients of a solid information security programme that will lower costs, reduce risk and ensure consistent compliance?
Inthissession,theCISOpanelwill discuss budget tips and relief strategies to beat the budget crunch. They share best practices in maximizing the information security budget.
17:00 Chairperson closing remarks and end of the Summit
*Speakers may be subject to change.
“Unparalleled opportunity to hear and talk to well-respected Information Industry leaders”
Chief Security Advisor, Microsoft Ltd
Exhibitors Rapid7istheleadingproviderofsecurityriskintelligence.Its integrated vulnerability management and penetration
testingproducts,NexposeandMetasploit,empowerorganizationstoobtainaccurate,actionable and contextual intelligence into their threat and risk posture. For more information, please visit www.rapid7.com
SAIGlobalhelpsorganisationsimplementRiskManagementprograms. Addressing the latest information security risk, SAI launched the online training program - Securing Information
andProtectingPrivacy(SIPP).Withpeopleposingoneofthebiggestthreatstoinformationsecurity,SIPPeducatesemployeesonthenecessaryprecautionstoinformationsecurity.
Bronze sponsors AccessDataGrouphaspioneereddigitalinvestigationsfor20+years.ClientsrelyonAccessData’stechnologiesforincidentresponseandcybersecurity.ItsnewCIRTsecurityframeworkintegratesnetworkanalysis, host analysis and large-scale auditing into a single interface and facilitates continuous monitoring, while enabling more effective handling
of advanced persistent threats and data spillage.
BeyondTrust is the only security solution vendor providing Context-AwareSecurityIntelligence,givingourcustomersthevisibility and controls necessary to reduce their IT security risks,
while at the same time simplifying their compliance reporting.
Our strength is in protecting infrastructure and data across the entire IT landscape: making every device - whether on a desk or in a data center, in a pocket or a virtual machine, or in the cloud - as secure as possible. Our solutions identify and remediate the vulnerabilities that are the basis for cyber-attacks, as well as mitigate internal threats that arise from the accidental or intentional misuse of system or device privileges. In short, we protect from both the external and internal threat.
PingIdentityprovidescloudidentitysecuritysolutionstomorethan800oftheworld’s largest companies, government organizations and cloud businesses. Witha99%customersatisfactionrating,PingIdentityempowers45oftheFortune 100 to secure hundreds of millions of employees, customers, consumers
and partners using open standards like SAML, OpenID and OAuth. Businesses that depend ontheCloudrelyonPingIdentityforsimple,provenandsecurecloudidentitymanagementfor customers and employees through single sign-on, federated identity management, mobileidentitysecurity,APIsecurity,socialmediaintegrationandcentralizedaccesscontrol.Visitpingidentity.comtolearnmore.
securing the perimeter withinconduit light ital
© Copyright Euromoney Training 2012
Silver sponsorsQ1 Labs, an IBM company, is a global provider of high-value, cost-effective next-generation security intelligence products. Thecompany’sflagshipproduct,theQRadarSecurityIntelligencePlatform,integratespreviouslydisparatefunctions--including
SIEM, risk management, log management, network behavior analytics and security event management -- into a total security intelligence solution, making it the most intelligent, integrated and automated security intelligence solution available. Apart from Security Intelligence, IBM Security portfolio includes solutions for Identity and Access Management, DatabaseSecurity,ApplicationDevelopment,RiskManagement,EndpointManagement,NetworkSecurityandmore.IBMSecurityproducts,servicesandexpertiseenableorganizations to more effectively manage risk and implement integrated security solutions for mobile, cloud, social media and other enterprise business architectures.
Skybox Security delivers a complete proactive security risk management solutions that automatically find, prioritize and drive remediation for risks that could lead to data breaches or cyber attacks, in a large or complex network, before an attack.
Skybox enables daily and automated security risk and compliance management tasks such as firewall assessments, vulnerability management, threat management, and change planning.
SkyboxSecurity’scustomersgainsbusinessandtechnicalbenefitsofContinuousVisibility,DailyAttackPreventionandExpertAnalytics–onanenterpriseclassperformancelevelandscalability:
• See,trackandreportonthepotentialbusinessandcomplianceimpactofcyberrisks• Monitorandvisualizecontinuous,device-independentsecuritystatuswithoutnetwork
disruption • Automatesecurityriskmanagementprocessestominimizerisklevelandpreventattacks• Automatethestepsneededtoanalyzesecuritydataandtakepreventativemeasures
every day• Comprehensivesecurityanalyticsprovidedecisionsupporttools,improvesecurityteam
productivityandprovideanswerstosecurityquestionssuchas:Networkpathanalysis,Networkmodeling,Attacksimulation,Vulnerabilitydiscovery,RiskKPImetrics,Multiplemodels(sandboxanalysis),Vulnerabilitydictionary,Correlateswiderangeofsecuritydata
• Extensiveout-of-the-boxintegrationdeliversconsistentfeaturesetforanyenvironment
To learn more, please visit our website www.skyboxsecurity.com
The Global Leader in Audit, Risk, Fraud and Security Training
I prefer course updates by email.
My email address is . Please fax back to +852 2866 7340 or email your details to courses@euromoneyasia.com. Please include the code that appears on top of the address label above in your email.
Registration form Yes, please register me for:
CISO Asia Pacific Summit(MS5126)on 1-2November2012,MarinaBaySandsSingapore
Summit fee:
The early-bird discount cannot be used in conjunction with any other discount.All fees are net of withholding, business and local taxes. Delegates registering from Singapore will have to bear the prevailing GST at the date of invoice.Seat is confirmed only upon receipt of payment.
VenueMarina Bay Sands Singapore10 Bayfront Avenue, Singapore 018956 Tel: +852 6688 8868 www.marinabaysands.com/
MIS Training reserves right to change venue without prior notice.
Payment details (pleasetickasappropriate)
Cheque Invoice Credit card#
#To make this payment by credit card, please call +852 2520 1481.
I have read and understood the booking terms and conditions
Signature Date
Group booking discountWhen two colleagues from one institution book together on the same event, there is a 5% discount on the second booking. Further discounts are available for larger groups.
This discount cannot be used in conjunction with any other offer.
Funding supportThe Monetary Authority of Singapore (MAS) administers grants to financial sector organisations that sponsor eligible participants to training programmes that meet qualifying criteria. For enquiries, please contact the MAS at (65) 6229-9396 or via email at fsdf@mas.gov.sg.
© Copyright Euromoney Training 2012
Cancellation policyIf any registered delegate cannot attend our course, a replacement is always welcome for the course. Cancellations must be made in writing (letter or fax) with MIS Training’s acknowledgement. Written cancellations must reach this office 30 days before the programme commences. A full refund less an administration charge of US$150 will be given. For any written cancellation requests that reach us less than 30 days before the event, no refunds will be given. However, if you wish to attend another MIS Training course in the Asia-Pacific region, a 75% discount voucher which values not more than 75% of the initial payment will be issued. Please note that the subsequent course must take place within 6 months of
the initial registration. Discount vouchers are transferable within the same organisation, but not to be used in conjunction with any other discount schemes. Discount vouchers will not be issued for no-shows without cancellation. MIS Training reserves the right to the final decision if any dispute arises.
Incorrect mailingPlease accept our apologies for mail which is incorrectly addressed. Should you wish to amend the address/addressee details, please send or fax us a copy of the relevant mailing label (on the envelope or brochure) and we will update our records accordingly.
Data protectionThe information you provide on this form will be used by Euromoney Institutional Investor PLC and its group companies (“we” or “us”) to process your order and/or deliver relevant products/services and content. We may also monitor your use of our website(s), including information you post and actions you take, to improve our services to you and track compliance with our terms of use. Except to the extent you indicate your objection below, we may also use your data (including data obtained from monitoring) (a) to keep you informed of our products and services; (b) occasionally to allow companies outside our group to contact you with details of their products/services; or (c) for our journalists to contact you for research purposes. As
DisclaimerMIS Training reserves the right to alter any part of the published programme or faculty. In the event of cancellation by MIS Training due to unforeseen circumstances, MIS Training limits its liabilities to refunding the tuition fee of the event.
Fee includes lunch and refreshments. Delegates are responsible for their own flights and accommodation. An invoice will be sent upon receipt of registration form.
a division of Euromoney Institutional Investor
an international group, we may transfer your data on a global basis for the purposes indicated above, including to countries which may not provide the same level of protection to personal data as within the European Union. By submitting your details, you will be indicating your consent to the use of your data as identified above. Further information on our use of your personal data is set out in our privacy policy, which is available at www.euromoneyplc.com or can be provided to you separately upon request.
If you object to contact as identified above by telephone , fax , or email , or post , please tick the relevant box. If you do not want us to share your information with our journalists , or other companies please tick the relevant box.
4 easy ways to register
1. Web www.mistiasia.com
2. Email misasia@misti.com
3. Telephone +85225201481
4.Facsimile +85228667340
Delegate details (all of the following is required to process your registration)
Surname Mr/Mrs/Ms
First name
Position Department
Approving Manager Position
Company
Address
Telephone Fax
How did you hear about the event?
Early-bird rate (Book and pay before
Monday 8 October 2012)Standard rate
2 day Summit US$1,895 US$1,995
Vendor / Advisory rate US$2,195 US$2,295
SAVEUS$100
SAVEUS$100
Register on-line at:
www.mistiasia.com/cisoPlease ensure you enter your event code when registering and you will be entered into our monthly prize draw to win £50 of Visa vouchers.
IMPORTANT INFORMATION - YOUR EVENT CODE
MS5126 - W
Recommended