Author: Events Team

Tobias Gondrom, Chief Information Security Officer at UOB, delivered a presentation around “A CISO’s Playbook: Defense – Dynamic Security Strategies for an uncertain future”

This session covered:

• Cyber Risks
• Threats
• Being nimble for a hostile world
• Agility & Automation
• Priorities & Playbooks

ABOUT TOBIAS GONDROM
Tobias Gondrom is the Group CISO at UOB. From 2015 to 2018, he has been the CTO Security at Huawei, responsible for the security of Huawei’s products and solutions, among them next-generation networking, SDN, NFV, IoT and more. He is a former global board member and former global chairman of OWASP (Open Web Application Security Project, with 40,000 security experts and over 200 chapters around the world). He has about 20 years of experience leading global teams in information security, software development, application security, cryptography, electronic signatures and global standardization organizations. Over the years, he has trained and advised more than a hundred CISOs and senior information security leaders around the world on the management and organization of security teams and programs. Since 2003 he is the chair of working groups of the IETF (www.ietf.org), including most recently the chair of the DOTS (DDoS Open Threat Signaling) WG, a member of the IETF security directorate, and was from 2014 to 2018 member of the IETF Administrative Oversight Committee (IAOC) and the chair of the IETF Trust.

Paul Petersen (Regional Director, APJ – Office of the CISO), Gaurav Mahendru (Sr. Advisory Solution Consultant, Security, and Risk) and Todd Rotger (Global Sales Leader, Security & Risk) at ServiceNow, delivered a roundtable discussion on “Driving faster response to threats and vulnerabilities”

Did you know there is a better way to manage your organisations end to end security posture while meeting compliance regulations? 

ServiceNow discussed enterprise security visibility and the challenges businesses face adhering to the ever-changing compliance landscape.

During this seminar, speakers shared specific use cases associated with key risk indicators that enable organisations to identify and report risks, prevent crises and mitigate them early. The webinar also covered:

• Prioritising vulnerabilities
• Centralise, automating and streamlining incident response and operations
• Controlling risk exposure through real-time dashboards and continuous monitoring
• Reporting to key stakeholders

ABOUT SERVICENOW
ServiceNow (NYSE: NOW) makes work, work better for people. Our cloud-based platform and solutions deliver digital experiences that help people do their best work.

Solomon Tay, Head of IT Controls and Information Security at Singapore Exchange, delivered a workshop around “Security Considerations for Cloud Outsourcing”

During this session, the speaker discussed around the areas of consideration as part of the Singapore Financial Industry players’ journey into cloud outsourcing.

The adoption of Cloud can offer a number of advantages, including faster time to market, scalability, cost savings, enhanced security and access controls. The speaker shared on the areas of consideration when performing due diligence and implementing controls to address the typical characteristics of cloud services, such as multi-tenancy, data commingling and higher propensity for processing to be carried out in multiple locations.

ABOUT SOLOMON TAY
27+ years of IT experience in delivering large-scale systems, re-engineering IT and Operational processes. Domain expertise in Government, Banking and Insurance sectors. I joined SGX in 2018 as Head of IT Controls and Information Security. Prior to SGX, I held senior IT positions in the financial sector including ANZ, CIMB Bank Berhad, Barclays PLC, Standard Chartered Bank, OCBC Bank and UOB Bank. I started my career in the government sector with the National Computer Board (Singapore) in 1990 as part of the Singapore Government’s Civil Service Computerization Programme (CSCP). I am passionate about simplifying processes, improving productivity, driving innovation and delivering robust and secure services for the business units. I am an active member of Standing Committee for CyberSecurity (SCCS) formed by the Association of Banks in Singapore. More recently, I I lead the subgroup for External and Partnership Services in the Industry Core Working Group for the new revision of MAS TRM in 2018. I am also an active member in ABS Cloud Computing Guidelines workgroup in crafting the new version 2.0. Participated in the ABS SCCS Study trip to UK in 2018.

Theo Nassiokas, Director, APAC Cyber & Information Security at Barclays, delivered a presentation around “What does cyber risk means to business”

During this presentation, the audience learned about:

• Defining cyber risk
• Determining cyber risk profile
• Threats, delivery methods and actors
• Data used to measure cyber risks
• Quantifying cyber risk in business terms
• Cyber risk (GRC) tools and insurance

ABOUT THEO NASSIOKAS
A technology risk and regulatory focused security leader with over 20 years of diverse experience, with accountability ranging from law enforcement and criminal intelligence to risk and security strategy and policy development and implementation within government and more recently, financial services organisations across Asia-Pacific. An acknowledged authority in the areas of security, risk, compliance and cybercrime, Theo has publicly spoken on these topics on many occasions. Theo holds an MBA (Tech Mgt) from La Trobe University and is Board Certified in Security Management (CPP) by ASIS International and a Certified Information Security Manager (CISM) by ISACA.