CSA APAC Summit 2016 Banner Image

CSA APAC Summit 2016

Co-hosted with IDA's CloudAsia
Tuesday, May 3, 2016, 09:30 am - 05:30 pm
Suntec Convention & Exhibition Centre Singapore 1 Raffles Boulevard, Suntec City, Singapore 039593 Singapore
Time Topic
0900 am - 0930 am Registration
0930 am - 0940 am

Welcome Address
Aloysius Cheang, Executive Vice President, Asia Pacific of Cloud Security Alliance

0940 am - 1000 am

Opening Keynote
Khoong Hock Yun, Assistant Chief Executive Officer (Development) and Chief Data Officer of Infocomm Development Authority of Singapore (IDA)

1000 am - 1030 am

Opening Keynote
Jim Reavis, Co-founder and CEO of Cloud Security Alliance

1030 am - 1100 am

Cybersecurity Threat and Operating in a Trusted Cloud Environment
Wally Lee, Cybersecurity Architect, Cybersecurity Global Practice of Microsoft

The world has gotten more complex. Cybersecurity threats make security harder now for everyone, but public cloud makes it easier as it shifts security load to provider instead of the user. However, moving workloads to cloud requires an organization to learning to trust (establish, validate, maintain) the cloud and shift their security focus to data, identity, and application.  During this session we will discuss how organizations can introduce simple security best practices in their cloud journey to make it smoother and secure.

1100 am - 1115 am Morning Tea
1115 am - 1145 am

Business Beyond Boundaries, Information In Motion
Todd Partridge, Director of Product Marketing of 
Intralinks Holdings, Inc.

Across all industries exists the challenge of efficiently managing company data in accordance with defined controls. While there are many tried and true strategies and technologies focused on managing information at rest, today’s enterprise is also tasked with protecting information in motion. As technology becomes more accessible to business users, the enterprise needs to ensure that information security and compliance standards are met. Faced with information leaving the enterprise through a variety of tools outside their control, companies quickly need to address the causes of uncontrolled data leakage and identify solutions for protecting their content.

1145 am - 1215 pm

Why You Must Encrypt – And Why The Government Doesn’t Want You To
Daniel Lee, 
APAC Security Solution Evangelist of F5 Networks, Inc.

Data-security regimes are being challenged by greater movement of often sensitive corporate data to and from mobile devices and cloud services. The industry's answer has been to progressively mandate the use of encryption everywhere – but with governments pursuing investigatory decryption powers, is encryption really all the protection it's cracked up to be? This session will explore available encryption techniques; strategies for deciding what to encrypt and how; encryption's role in good data governance; and the potential implications of government decryption powers.

1215 pm - 1245 pm

Panel Discussion: “Overcoming the Top Threats to Cloud Computing”

Luciano “J.R.” Santos, Executive Vice President of Research of Cloud Security Alliance


Benildus Nadar, Head of Security & Global Delivery of Deep Identity Pte. Ltd
Eric T. AshdownCyber Security Managing Partner of Ridge Partners LLC  

Kawin BoonyapredeeManaging Director, Asia Pacific of Qualys, Inc.
Mandar Bale, Strategic Business Manager, Asia, Pacific & Japan of FireEye

Cloud computing represents the next generation of IT, and can be the more secure option, if understood and managed properly. In this panel, leading industry experts discuss the top security threats to cloud computing usage as defined by Cloud Security Alliance. This panel will review the threat vectors that are unique to or magnified by cloud computing, and discuss proactive security measures that can be deployed to mitigate security risks.  From data protection to policy compliance to attack detection and remediation, the panel will provide state of the art advice that attendees can use today to protect their cloud investments.

1245 pm - 0200 pm Lunch
0200 pm - 0230 pm

Application Security Fast Screening and Classification
Keng LeeCOO of Gapertise Inc.

Mobile applications have not only become indispensable to modern life, but have also become part of all organizations. With the emergence of cloud computing technology, organizational reinforcement is needed to adapt to this fundamental change. Cloud computing enables real-time use of applications, offering the enterprise enormous flexibility. Accompanied by the convenience; with the inclusion of applications, security problems resulting from the lack of transparency present challenges to risk management. Cloud Security Alliance Mobile Application Security Testing Initiative strives to create a more secured cloud ecosystem to protect mobile applications. Engineering methods are established by system protection and applied to structure, design testing, and review of applications. The working group co-chair Keng Lee from Gapertise will be sharing our recently released Mobile Application Security Testing whitepaper in this session.

0230 pm - 0300 pm

The Future of Cloud & IoT Security
Evan Dumas, Head, Emerging Technologies APAC, Middle East, & Africa of Check Point

Data center virtualization has come a long way transforming from a hardware focused approach to application focused approach. This has created unique challenges. To complicate matters, cloud environments are becoming more complex with organisations buying from multiple cloud vendors. The Internet of Things (IOT) trend has also further new challenges. In this session, we will share our security strategy in the face of this vulnerability.

0300 pm - 0330 pm

Enabling Cloud Adoptions with Security & Trust
Dr. Meng-Chow Kang, CISO, APJC Region of Cisco Systems, Inc. 

Cloud computing has reached a tipping point as many organizations have either adopted, or are planning to adopt, some form of cloud computing technology – whether IT knows and manages it or not. “Speed to capability” is one of the primary reasons that individuals, and businesses are increasing using cloud. Despite this, many IT executives remain hesitant to endorse a “cloud-first” approach. While there may be security and privacy challenges, reluctance to migrate to the cloud can potentially increase an organization’s risk rather than mitigating it. This session discusses Cisco's approach towards designing security and trust, addressing the underlying challenges, and enabling rapid cloud adoptions in its enterprise.

0330 pm - 0400 pm Afternoon Tea
0400 pm - 0430 pm

Managing Cloud Computing Paradoxes
David Shearer, CEO of (ISC)2

As pressure mounts to leverage the operational expense (OpEx) verse capital expense (CapEx) model that cloud solutions and services provide, many organizations are caught up in a series of perceived and real paradoxes. For example, some organizations feel it’s more difficult to secure information in the cloud, while others believe moving your data to the cloud can actually improve an organization’s information security posture.  Some organizations are drawn to the price point of cloud-based solutions verses on-premises solutions based on price-point, speed of deployment, implementation, adaptability, and elasticity of the cloud. Conversely, other organizations are seeing rapid sprawl of cloud solutions across their enterprise with often sobering security consequences.  This session will provide some suggestions for dealing with paradoxes like these and embracing cloud solutions and services in a more predictable way.

0430 pm - 0500 pm

Panel Discussion: "Cloud and the Enterprise 2016"


Jimmy Sng, Partner, Technology Consulting, Singapore of PricewaterhouseCoopers Consulting


Hoo Chuan-Wei, Technical Advisor of Asia Pacific of (ISC)2
Richard Keirstead, Audit Director for Technology of Australia and New Zealand Banking Group
Sai HonigInformation Security Manager of Waikato District Health Board
Simranjit Aujla, Head of Mobile, IoT, Digital; Asia Pacific & Japan of Hewlett Packard Enterprise

Large enterprises accelerated their cloud adoption in 2015, and many are reporting to be "all in". Our panelists have been at the forefront in addressing enterprise security and compliance needs in cloud and will be providing their insights on security innovations in the cloud. Attendees will learn about the key security lessons learned from the perspective of cloud providers. Which best practices are well suited for cloud and which are becoming obsolete? What trends to providers expect to see in 2016 to improve cloud security? Hear from the best and the brightest among cloud providers to learn from their experiences partnering with customers to deliver secure enterprise cloud computing. Understand where Cloud is gaining traction by hearing our findings on Cloud Adoption in APAC!

0500 pm - 0530 pm

Closing Keynote
Martin LeoExecutive Director of Morgan Stanley Investment Management

0600 pm - 0900 pm Cocktail Reception