Register Now
May 10-13, 2022
Marina Bay Sands / Singapore
+ Virtual

Black Hat Executive Summit

In-person only Event

Wednesday, May 11, 2022

Location

Orchid Junior Ballroom: 4211

Black Hat is pleased to announce the return of the Executive Summit to Black Hat Asia 2022. Black Hat Executive Summit offers CISOs and other cybersecurity executives an opportunity to hear from a variety of industry experts who are helping to shape this next generation of information security strategy. The program dissects the latest technologies designed to stay ahead of sophisticated adversaries and provide a peek into future platforms; we'll outline the next-level skills and strategies CISOs need to bolster their relevance and we'll discuss the latest techniques for maintaining a proactive approach to data protection.

For CISOs and executives looking to transform from a mere manager of information into a corporate champion of business growth, it's imperative to stay on top of the latest insight. That journey begins at the Black Hat Executive Summit.

The registration period has closed, thank you for your interest

*Please note: In order to create an open and candid environment that promotes the sharing of ideas, thoughts, and discussion, the Executive Summit will follow Chatham House Rule; neither media nor event coverage is permitted. This program is designed for executive security practitioners. Solution providers, consultants, and vendor attendees are not permitted, with the exception of event sponsors.

Agenda

In-person only Event

Time Session Theme
2:00 - 2:15 PM Welcome and Introductions
  • Jeff Moss, Founder, Black Hat + DEF CON
  • Steve Wylie, General Manager, Black Hat
  • MC: Lidia Giuliano

    Security Advisor/Consultant
    Financial Services

    With over 15 years' experience in the Defence, Financial Services and Telecommunications, Lidia Giuliano has an extensive background in security testing, vulnerability management and prevention and detection techniques. Originally from Melbourne, Lidia spent a number of years in the USA working and researching malware evasion and obfuscation techniques. She has been a past speaker at Black Hat, SecTor, DevSecCon, and has been published in various media.

    Lidia has since returned to Australia where she continues her endpoint security research and speaks at conferences both at home and internationally. She is the conference organiser for BSides Melbourne, spends a lot of her time mentoring others and is passionate about growing the information security community.
2:15 - 2:40 PM

Big Investment, Big Failures in Cybersecurity

From startups with massive risk appetite, to MNC spending hundreds of millions but failing to deliver good outcomes, this talk will explore how cybersecurity funding is not strongly correlated with success.

We will highlight the impact of a security culture: CISOs behaviour and expectations, from security-terrorist to laissez-faire ; from highly engaged to desperation to ever change a company's technical sclerosis.

We will cover first-hand examples of successes and failures, and how Tokopedia's cultural exception makes it a fertile ground for security.

  • Boris Hajduk

    Boris Hajduk is CISO at Tokopedia, where the security team is responsible for securing 1% of Indonesia's GDP and more than 100m monthly active users. Prior to Tokopedia, he held several CISO positions where he built, led and matured global cybersecurity programs and teams for high-growth companies in industries ranging from e-commerce to banking and social networks across ASEAN, Russia, LATAM, UAE, Australia, France and Germany. Boris helped 3 global companies prepare for their IPOs, including a unicorn and a decacorn.
2:40 - 3:05 PM

Cyber War 2022: Russia-Ukraine & Its Policy Implications

Everywhere – from Ukraine to Singapore – information is key to human survival. Therefore, information warfare is an inherent part of human conflict. Nation-states run thousands of computer network operations every day. Some are designed to support democracy and human rights, while others target and terrify innocent civilians. NATO has recognized cyberspace as a domain of warfare similar to land, air, and sea. However, the Internet encompasses enormous gray zones where crime, espionage, and war are hard to differentiate. This talk examines the cyber dimension of the Russian invasion of Ukraine, including military strikes, information operations, and attacks on civilian critical infrastructure. It discusses the creation of improved law, operations, strategy, and technology to deal with cutting-edge digital threats.

  • Kenneth Geers

    Dr. Kenneth Geers works at Very Good Security. He is an Atlantic Council Cyber Statecraft Initiative Senior Fellow, a NATO Cooperative Cyber Defence Centre of Excellence Ambassador, and a Digital Society Institute-Berlin Affiliate. Kenneth served for twenty years in the US Government: in the Army, National Security Agency (NSA), Naval Criminal Investigative Service (NCIS), and NATO. He is the author of "Strategic Cyber Security", editor of "Cyber War in Perspective" and "The Virtual Battlefield", and technical expert to the "Tallinn Manual".
3:05 - 3:25 PM Networking Break
3:25 - 3:50 PM

Building Great Security Teams in the New Normal

The new normal (Covid and post-Covid) has made it more challenging for CISOs to recruit, train, and retain highly effective cybersecurity teams. Will a hybrid staffing model (with gig workers, contract, CISO-as-a-Service) become an attractive option for organizations? What are the trade-offs, risks, and value propositions that CISOs need to be aware of? In this session, Tobias Klingel details ways he’s navigating the new normal to build great security teams.

  • Tobias Klingel

    Tobias Klingel is the head of information security at Y Combinator-backed fintech startup Aspire. He has extensive industry experience, having previously led security at Siemens Mobility for the region. Tobias specializes in security infrastructure architecture, helping organizations to understand, implement and drive regulatory driven security solutions.
3:50 - 4:15 PM

How to Prevent, Detect and Respond to Cybersecurity Incidents in Our Modern Interconnected World

Adversary skills and tools have improved during the last 20 years, we have more and more data, an environment more and more complex, interconnected, and virtual. But at the same time, we have more techniques to make the life of bad guys complicated: Big Data SIEMs, EDR, Cyber Threat Intelligence, and so on. Several real-world examples will be shared in this talk with a focus on the 3 first phases of Incident Management:

  • Prepare: Know your crown jewels, prioritise, how to prevent and detect intrusion, attack yourself continuously, organise for an efficient response
  • Identify: Triage and do not miss something important
  • Contain: Be fast without impacting business and spoiling evidence

You will hear how challenges have been overcome and common mistakes to be avoided.

  • Franck Vervial

    Franck Vervial currently serves as Regional CISO at L'Oreal (Fortune 500 companies world's largest cosmetic company). Prior to that, he was Head of Cyberdefence for Lazada (Alibaba Group). He has been working in Information Security for 14 years as manager and consultant. And before, as an Infrastructure Engineer for 10 years with an expertise in Unix/Linux. He moved from France to Singapore 8 years ago. His strong technical background in Infrastructure and working in Blue and Red Teams helps him to approach Cybersecurity with a real-world practical understanding of cyber risks in different types of industry such as Retail, E-Commerce and Banking.
4:15 - 4:55 PM

CISO Longevity - A Panel Session

CISOs' responsibilities go beyond just the IT problem with a firewall installation; instead, they are responsible for developing a comprehensive cybersecurity strategy and managing the firms' cyber risks. They must be excellent communicators, managers, and thought leaders, driving cybersecurity culture and building the firm's stepping stones for cyber resilience. While rewarding and game-changing, this demanding role faces challenges; from conflicting reporting lines to constant overtime, the line seems to blur more and more in conjunction with the expanding attack surface and emerging cyber threats. Furthermore, various sources have estimated the average tenure for CISOs at 18 to 26 months. In this panel, we will hear from seasoned CISOs about how they build an environment that supports their success, overcome typical recruitment hurdles, and address reporting issues. They will also discuss what makes them change organizations sometimes faster than expected.

  • Moderator: Dr. Magda Lilia Chelly

    Managing Director and a Chief Information Security Officer
    On Demand

  • Indrani Chandrasegaran Kermorvant

    Indrani Chandrasegaran is a seasoned Cyber Security Executive with total of 20 years’ experience in delivering cyber digital transformation programs, cyber governance advisory, technology advisory, cyber defense operations and managed security services in APAC, Middle East and Europe. She is versatile cyber security professional focused on a vision to advocate cyber security culture and helping organizations globally to rethink and innovate their enterprise cyber resilience program.

    Indrani has served various leadership roles in global multinational firms within the region as Managing Director, VP Managed Security Services , Regional CISO, cyber security strategist where she spearheaded their cyber security services , establish cyber partnerships alliance and help transform their client digital transformation journey.

    She is also a cyber technology enthusiast, actively contributes to product innovation strategies and serves as member of customer/partner advisory board with renowned Global Cyber Technology Vendors. She is a cyber thought leader and shares her knowledge on cyber topics in both local and international forums.

    With her dynamic portfolio and vast experience in the industry, Indrani was awarded as the Top 20 Women in Cyber Security In Singapore 2020, Cyber Resilience and Information Security Award, Program Leader of the Year 2020 and Top 30 Women in Cyber Security ASEAN in the Year 2021.

    Tapping on her success in the cyber industry, Indrani believes in giving back to the community. She actively partners global cyber mentorship programs to co-develop future cyber warriors with the mission to close the cyber skills gap and help secure the digital world.

    She holds Masters In Information Technology along with security certifications as C-CISO, CISM, CIPM, CBCP, CBCLA, PRINCE2 and ISO27001 LA and ISO27001 LI.

  • Murari Kalyanaramani

    Chief Information Security Officer
    UOB Singapore

    Murari Kalyanaramani is the Chief Information Security Officer (CISO) for UOB Singapore has over 20 years’ experience in Information & Cyber Security, Outsourcing & Supplier Management, Business Continuity, Information Systems Auditing and IT Risk Management. Prior to joining UOB, he worked in various leadership roles in several multinational corporations across the banking, consumer and consultancy industries.

    On top of his role at UOB, Murari has taken on international and regional industry leadership and advisory roles. He currently serves as a Senior Industry Advisor for CIO Academy Asia and is a member of the Singapore Institute Directors. He previously served on the International Board of Directors for the Financial Services Information Sharing and Analysis Centre (FS-ISAC), FS-ISAC Asia Pacific Strategy Committee, ISACA International Professional Standards Committee and ISACA International Professional Standards and Career Management Committee.

  • Phoram Mehta

    Phoram Mehta is the CISO for PayPal's Asia-Pacific region. A seasoned professional and technical leader with over two decades in Information Security, Mr. Mehta has been instrumental in building secure technology solutions for multiple companies across a spectrum of sectors including financial services, healthcare, telecommunication, and government in North America and Asia-Pacific regions.

    Mr. Mehta currently serves on the ISACA Singapore board as Immediate Past President and advises cybersecurity startups in Singapore, India and US. Mr. Mehta is an active participant in Cybersecurity forums across Asia-Pacific and North America.
4:55 - 5:00 PM Closing Remarks
5:00 - 6:00 PM Networking Reception

Advisory Board

Magda Lilia Chelly

Magda Lilia Chelly

×

Managing Director and a Chief Information Security Officer

On Demand

Liam Connolly

Liam Connolly

×

CISO

SEEK

Liam Connolly is the CISO for SEEK across APAC, where he is responsible for all aspects of cyber security. He has over 20 years of progressive information security experience in a wide range of disciplines, including strategic program development, incident response and forensic investigations, security operations, application security, threat intelligence, penetration testing, building multi-disciplinary teams, security training, and risk management.

Prior to coming to SEEK, Liam was the CISO at Zynga in San Francisco and has held additional security leadership roles that spanned multiple business sectors including HSBC, University of California, Berkeley, AT&T as well as teaching for the SANS Institute. Liam's expertise is in working with organisations to assess their information security risk posture to better understand their security-related risks and then designing, implementing and managing a security program, often from the ground-up, that is aligned to the organisations culture, vision and strategic business initiatives.

He currently holds several industry related certifications including GCFA, GCIH, GSEC, GCIA, GREM, GCCC, GLEG, GNFA, GISP, SSAP CISSP, and CRISC among others.

Shao Fei

Shao Fei

×

CISO

Singapore's Land Transport Authority (LTA)

Lidia Giuliano

Lidia Giuliano

×

Senior Security Advisor

Tobias Gondrom

Tobias Gondrom

×

CISO

Managing Director at United Overseas Bank Limited (UOB)

Theo Nassiokas

Theo Nassiokas

×

Director, APAC Cyber & Information Security (CISO)

Barclays

Shamane Tan

Shamane Tan

×

Chief Growth Officer, Sekuro

Author of 'Cyber Mayday and the Day After' and 'Cyber Risk Leaders'

Founder, Cyber Risk Meetup

As one of the most established women in the fields of technology and cybersecurity, Shamane Tan is the Chief Growth Officer at Sekuro, leading the security outreach strategy with the C-Suite and executives. Recognised by IFSEC as a Global Top 20 Cybersecurity Influencer and awarded ASEAN Top 30 Women in Security, the 'Cyber Risk Leaders' and 'Cyber Mayday and the Day After' author was also listed in the 40 under 40 Most Influential Asian-Australians.

Winner of multiple awards including ARN Shining Star (Multinational) 2021 and AiSP Singapore's Cybersecurity (Professional) award, the TEDx speaker and podcaster is also the founder of Cyber Risk Meetup, an international community and platform for cyber risk executives to exchange learnings.

Executive Summit Sponsors

Armis® is the leading agentless device security platform purpose-built to protect the world of unmanaged and IoT devices - providing passive, real-time and continuous cybersecurity asset management, risk management, and automated enforcement to prevent cyber attacks from disrupting and compromising your business. Armis has the world's largest Device Knowledgebase, tracking 500M+ devices.

At Nokia, we create technology that helps the world act together.

As a trusted partner for critical networks, we are committed to innovation and technology leadership across mobile, fixed and cloud networks. We create value with intellectual property and long-term research, led by the award-winning Nokia Bell Labs.

Adhering to the highest standards of integrity and security, we help build the capabilities needed for a more productive, sustainable and inclusive world.

Become a Sponsor