Total Security Conference Hong Kong 2020: Full Schedule

8:30am PST

Registration & Morning Networking

Wednesday November 11, 2020 8:30am - 9:00am PST

9:00am PST

Chair's Opening Remarks

Wednesday November 11, 2020 9:00am - 9:10am PST

9:10am PST

[OPENING KEYNOTE] Establishing Multi-Layer Defence and Detection to Counter Advanced Cyber-Attacks

Wednesday November 11, 2020 9:10am - 9:30am PST

9:30am PST

Integrating Disparate Security Systems for Streamlined Operations

Learn how a state-of-the-art Security Orchestration Platform can improve the security posture of your company.

Wednesday November 11, 2020 9:30am - 9:50am PST

9:50am PST

[PANEL DISCUSSION] Evolving Cyber-security Threat Patterns: How to Orchestrate and Automate Speedy Responses to AI-Driven Cyber-Attacks

With more sophisticated and speedier campaign-style attacks driven by machine learning, CISOs must rely on security orchestration, automation and response (SOAR) for efficient defence.
- How can CISOs visualize and view beyond their dashboard, the security landscape to correctly identify the real threats
- How to create good eco-systems with multiple defence tools from different vendors
- With attackers using pivot for AI engines and modifying signatures in real time, how can defence adapt and keep up
- How best to automate responses to decrease response time without disrupting business operations

Speakers

Dirk Engeler

The Hong Kong Jockey Club, Head of Information Security – CISO

Steven Fok

Group Information Security Officer, Group Information Technology, Emperor Group

Steven is the Group Information Security Officer for Emperor Group, a conglomerate group with business across Asia countries.  Prior to joining Emperor Group, he has been working in financial industries for over 20 years including Deutsche Bank, JPMorgan Chase and State Street Bank... Read More →

Jay Spreitzer

SVP, APAC Region Information Security Lead, Wells Fargo Bank

Jay is the Senior Vice President and APAC Region Information Security Lead at Wells Fargo Bank. Jay Spreitzer has over 20 years of information security experience. Jay retired from the US Army, after 23 years of service working in various technology and information security roles... Read More →

Wednesday November 11, 2020 9:50am - 10:30am PST

10:30am PST

Automating Investigation Processes and Responses to Minimize Costly Damages from Cyber-security Incidents

Find out how security automation can simplify investigation and reduce reaction time, enabling security teams to mitigate events quicker.

Wednesday November 11, 2020 10:30am - 10:50am PST

10:50am PST

Coffee Break & Security Showcase

Wednesday November 11, 2020 10:50am - 11:20am PST

11:20am PST

Implementing User and Entity Behaviour Analytics (UEBA) for Better Detection

Increasingly skilful hackers are not able to bypass perimeter defences and prevention is no longer enough. Detecting breaches is paramount for speedy response to minimize damages. In this session, learn:
- How shifting from rule- and pattern-based detection to behavioural analytics enabled by AI can effectively detect insider
threats
- How UEBA can enhance monitoring and screening to identify penetrations
- How UEBA complements existing detection tools for comprehensive threat indication

Wednesday November 11, 2020 11:20am - 11:40am PST

11:40am PST

[PANEL DISCUSSION] Safeguarding New Attack Frontier: Securing API from DDoS and Data Leakage

Safeguarding New Attack Frontier: Securing API from DDoS and Data Leakage
As the backbone of innovative partnerships and customer-focused applications, implementation of API has grown exponentially. In the quest for speed and agility, security is often sacrificed, providing enterprising attackers the gap to access sensitive data and essential infrastructure.
- How to prevent data leakage through strengthening authorization and authentication?
- How to detect anomalies in aggregate traffic rates to mitigate DDoS attacks?
- How to identify compromised users?
- What other vulnerabilities should security professionals explore?

Speakers

Fuller Yu

Chief Information Security Officer, Hospital Authority Hong Kong

Fuller has more than 20years of experience in technology risk management and information security for global financial service industry.Heis now Chief Information Security Officer (CISO)of Hospital Authority Hong Kong. Prior to joining Hospital Authority, Fuller held various management... Read More →

Parag Deodhar

Director - Information Security, Asia Pacific, VF Corporation

Parag is the currently the Director - Information Security for Asia-Pac at VF Corporation. In his earlier role he was the Asia CISO for AXA Group.Parag is a Chartered Accountant, Certified Information Systems Auditor from ISACA, US and Certified Fraud Examiner from ACFE, US.Parag... Read More →

Wednesday November 11, 2020 11:40am - 12:20pm PST

12:20pm PST

Integrating Security and Functional API Testing in Automated Platform

Explore how an automated API testing platform can efficiently pinpoint security vulnerabilities during development phrase.

Wednesday November 11, 2020 12:20pm - 12:40pm PST

12:40pm PST

Networking Lunch Break

Wednesday November 11, 2020 12:40pm - 2:00pm PST

2:00pm PST

How Software Defined Infrastructure (SDI) Could Positively Impact Cybersecurity

Businesses, in the quest for agility, are increasingly looking to adopt software-defined infrastructure (SDI) for simplified access and ease of management. By its very nature, SDI has significant security advantages in countering risks, which this session will illustrate.

Wednesday November 11, 2020 2:00pm - 2:20pm PST

2:20pm PST

[PANEL DISCUSSION] Minimizing Enterprise Vulnerabilities: The Need for Timely and Agile Patch Deployment to Prevent Exploitations

While system administrators are urged to patch known vulnerabilities urgently, various delays exist.
- How could vendors shorten the time frame between identifying the vulnerabilities and the general deployment of patches?
- Understandably, patch roll outs are priorities for government and companies with critical infrastructures and system. Yet, can
SMEs gain access to security patches earlier?
- What are the best approaches to speed up regression testing for speedier patching?
- How to address patching needs of users' own devices connected to organizations' networks?

Wednesday November 11, 2020 2:20pm - 3:00pm PST

3:00pm PST

Mastering Third Party Cyber Risk Management in an Interconnected World

Companies are at the centre of data ecosystems, sharing data with partners, suppliers and contractors. A leading consultant will highlight the best practices in managing data protection risks for data you originate that resides with third parties.

Wednesday November 11, 2020 3:00pm - 3:20pm PST

3:20pm PST

Coffee Break & Security Exhibition Showcase

Wednesday November 11, 2020 3:20pm - 3:40pm PST

3:40pm PST

Managing the Inevitable: Ensuring Cyber Resiliency for Business Continuity and Data Recovery

Since cyber-attacks can no longer be fully prevented, it is imperative for organizations to be prepared to respond to and recover from adverse cyber events to limit the severity and ensure business continuity.
- How well-prepared are organizations in Hong Kong to respond and restore services?
- What are the best practices in creating and implementing response and recovery plans?
- How can attacks and relevant responses be identified efficiently?
- What more can we do to accelerate service restoration?

Speakers

David Chan

Chief Information Security Officer, Hang Seng Bank Limited

David has over 10 years in the area of information security including risk management, penetration testing and application security in various industries such as government, private sectors, utilities and FSI and is currently the Chief Information Security Officer (CISO) of Hang Seng... Read More →

Micky Lo

Managing Director, Chief Information Risk Officer APAC, BNY Mellon

Micky Lo joined BNY Mellon in July 2013 as Chief Technology Risk Officer APAC. He is leading the regional team with the mission to enable business solutions while proactively protecting BNY Mellon from information risks in a balanced control environment. He oversees and govern the... Read More →

Wednesday November 11, 2020 3:40pm - 4:20pm PST

4:20pm PST

Presenting the Business Case by Establishing Value and Measurable Indicators

While CISOs have successfully elevated cybersecurity to the board level, creating business cases to obtain necessary investment remains a challenge.
- How can CISOs demonstrate the value of security and proof that investment in security is worthwhile?
- How can CISOs define measurable KPIs and KRIs that makes sense to the Board?
- Security is often likened to insurance. How can CISOs justify security investment to board members who may not have technology background?
- Insurance Authority has placed the responsibility of security to board level, mandating their approval of the framework. Has this ease the difficulties in securing funding for CISOs in insurance industry?

Speakers

Sam Coco

Head of Information Security & Technology Risk, Asia Pacific, Fidelity International

Sam Coco is the Head of Information Security & Technology Risk, Asia Pacific for Fidelity International. Based in Hong Kong since 2011, Sam oversees information security, technology risk, cyber security and cyber defense operations... Read More →

Gabriel Chan

Head of Global IT, Gaw Capital

Gabriel has 20 years' experience in cyber security and technology risk management, specialising in the banking and financial industry. As the Head of Global IT in Gaw Capital, he is responsible for the technology development, IT operation and cyber security strategy across the international... Read More →

Wednesday November 11, 2020 4:20pm - 5:00pm PST

5:00pm PST

Closing Remarks & End of Conference

Wednesday November 11, 2020 5:00pm - 5:30pm PST