April 16-19, 2024
Marina Bay Sands / Singapore

Black Hat Executive Summit

In-person only Event

Wednesday, April 17, 2024

Location

Heliconia Junior Ballroom


Black Hat is pleased to announce the return of the Executive Summit to Black Hat Asia 2024. Black Hat Executive Summit offers CISOs and other cybersecurity executives an opportunity to hear from a variety of industry experts who are helping to shape this next generation of information security strategy. The program dissects the latest technologies designed to stay ahead of sophisticated adversaries and provides a peek into future platforms; we'll outline the next-level skills and strategies CISOs need to bolster their relevance, and we'll discuss the latest techniques for maintaining a proactive approach to data protection.

For CISOs and executives looking to transform from a mere manager of information into a corporate champion of business growth, it's imperative to stay on top of the latest insight. That journey begins at the Black Hat Executive Summit.


Application Portal


All applications will be reviewed by Black Hat management, and notifications will be sent to applicants. Attendee guidelines are located within the application form.

*Please note: In order to create an open and candid environment that promotes the sharing of ideas, thoughts, and discussion, the Executive Summit will follow Chatham House Rule; neither media nor event coverage is permitted. This program is designed for executive security practitioners. Solution providers, consultants, and vendor attendees are not permitted, with the exception of event sponsors.


Why Attend?

Join us for an exclusive half-day event featuring a curated program of enlightening talks for cybersecurity executives, with sought-after experts and researchers offering key takeaways for managing the intersection of cybersecurity and business objectives:

  1. Gain practical SecOps strategies for empowering your security team and minimizing;
  2. Acquire actionable strategies for assessing and managing your true cybersecurity risk;
  3. And find out how to optimize communication across the enterprise, and trust in the boardroom, as the role of CISO evolves.

Agenda

Wednesday, April 17

Time Session Theme
1:00 - 1:15 PM Welcome and Introductions
  • Jeff Moss, Founder, Black Hat, DEF CON

    Mr. Moss advises companies on security issues, both electronic and physical, and speaks globally on the topic. He sits on several advisory boards helping enterprises make informed decisions on cyber risks.

    In April 2011 Mr. Moss was appointed as the Chief Security Officer for the Internet Corporation for Assigned Names and Numbers (ICANN), a non-profit whose responsibilities include coordinating and ensuring the security, stability and resiliency of the Internet's unique global identifiers as well as maintaining the root zone of the Internet. This position involved managing the IT security of the ICANN networks and information systems, the physical security of ICANN facilities and meetings, and ensuring that ICANN meets its security and resiliency commitments to the multistakeholder community that oversees ICANN. This position involved extensive international travel and coordination with governments, law enforcement, and operational security communities in support of discussions around Internet Governance and security. Mr. Moss left this position at the end of 2013.

    Moss is the founder and creator of both the Black Hat Briefings and DEF CON, two of the most influential information security conferences in the world, attracting over ten thousand people from around the world to learn the latest in security technology from those researchers who create it. DEF CON just had its 21st anniversary.

    Prior to creating Black Hat Briefings, Jeff was a director at Secure Computing Corporation where he helped establish their Professional Services Department in the United States, Asia, and Australia. His primary work was security assessments of large multi-national corporations. Jeff has also worked for Ernst & Young, LLP in their Information System Security division. Because of this background, Jeff is uniquely qualified to bridge the gap between the underground researcher community and law enforcement, between the worlds of pure research and the responsible application of disclosure.

    Jeff is currently a member of the U.S. Department of Homeland Security Advisory Council (HSAC), providing advice and recommendations to the Secretary of the Department of Homeland Security on matters related to homeland security. Jeff is a life member of the Council on Foreign Relations, which is an independent, nonpartisan membership organization, think tank, and publisher.

    In 2013, Jeff was appointed as a Nonresident Senior Fellow at the Atlantic Council, associated with the Cyber Statecraft Initiative, within the Brent Scowcroft Center on International Security.

    In 2014, Jeff joined the Georgetown University School of Law School Cybersecurity Advisory Committee.

    Jeff is active in the World Economic Forum, and recently became a member of the Cyber Security Global Agenda Council for 2014-2016.

    ICSA President's Award for Public Service, 2011.


  • Steve Wylie, General Manager, Black Hat

  • MC: Lidia Giuliano

    Security Advisor/Consultant
    Financial Services

    With over 15 years' experience in Defence, Financial Services and Telecommunications, Lidia Giuliano has an extensive background in security testing, vulnerability management and prevention and detection techniques. Originally from Melbourne, Lidia spent a number of years in the USA working and researching malware evasion and obfuscation techniques. She has been a past speaker at Black Hat, SecTor, DevSecCon, and has been published in various media.

    Lidia has since returned to Australia where she continues her endpoint security research and speaks at conferences both at home and internationally. She is the conference organiser for BSides Melbourne, spends a lot of her time mentoring others and is passionate about growing the information security community.

1:15 - 1:45 PM

Red Blue Purple AI: Leveraging Today's Technologies to Supercharge Your Security Program

"Red, blue, and purple AI" reverse-engineers the cybersecurity responsibilities of practitioners and modern security programs. It aims to augment these practitioners with practical and useful AI tools. This talk isn't about the future state of AI and ML; it's about taking home concrete strategies and prompts to empower your security team. We will break down these strategies into helpers for red teams, blue teams, and purple teams. Jason will also provide overviews on how to create your own best-in-class prompts based on his experience with OpenAI's ChatGPT-4 and having a top 500 GPT in the GPT store. Expect a wide variety of topics that will not only give you superpowers but also inspire you to augment other parts of your job.

Section Overview:
Red topics include API and algorithm setup, phishing with AI, using AI to bypass EDR signatures, using AI to create physical access tool scripts, using AI to augment C2 infrastructure, using AI to build vulnerability management and vulnerability scanning templates, and using AI as an assistant for web analysis and as an augment to Burp Suite.

Blue topics include an overview of the open source security stack, using AI to help you develop templates for Suricata, Yara, OSQuery, Semgrep, and more, and to design associated policies for security programs to support blue teams. Code scanning using GitHub and Semgrep is also covered.

Purple topics cover adversarial emulation, table topping, and atomics using today's AI tools.

  • Jason Haddix, CEO, Hacker and Trainer, Arcanum Information Security

    Jason Haddix AKA jhaddix is the CEO, CISO, and “Hacker in Charge” at Arcanum Information Security. Arcanum is a world class assessment and training company. Jason also holds the title of Field CISO for Flare.io, a world class threat intelligence platform. Jason has had a distinguished 20-year career in cybersecurity, previously serving as CISO of Buddobot, CISO of Ubisoft, Head of Trust/Security/Operations at Bugcrowd, Director of Penetration Testing at HP, and Lead Penetration Tester at Redspin. He has also held positions doing mobile penetration testing, network/infrastructure security assessments, and static analysis. Jason is a hacker and bug hunter, currently ranked 57th all-time on Bugcrowd’s bug bounty leaderboards. Currently, he specializes in recon, web application analysis, and emerging technologies. Jason has also authored many talks on offensive security methodology, including speaking at cons such as DEFCON, BSides, BlackHat, RSA, OWASP, Nullcon, SANS, IANS, BruCon, Toorcon and many more.

1:45 – 2:15 PM

Securing the Deal: How to Address Cybersecurity Challenges in Mergers and Acquisitions

This session navigates through the cybersecurity risks for M&A and provides a roadmap for integrating cybersecurity considerations throughout the deal lifecycle, from target identification and due diligence to the post-acquisition phase. Highlighting notorious instances of cyber breaches, such as the Marriott-Starwood and Verizon-Yahoo cases, and the emerging legal and financial repercussions for directors, this presentation underscores the value of in-depth cybersecurity assessments beyond the traditional financial and operational due diligence. With regulatory bodies and stakeholders demanding more consideration of cybersecurity issues across the board, and with the long tail consequences of breaches, cybersecurity must be a key part of your acquisition activity if you are to realise the full value of your acquisition. Attendees will leave equipped with actionable strategies for assessing, mitigating, and managing cybersecurity risks to secure the true value of their M&A deals.

  • Annie Haggar, Founder and Principal, Cyber GC

    Annie Haggar is the founder and principal of Cyber GC - a legal and consulting firm dedicated to helping businesses prepare, defend and respond to cybersecurity threats.

    Annie is a multi-award-winning cybersecurity lawyer. She spent 12 years as legal counsel for one of the world’s largest companies, including 6 years as global legal lead for its managed security business, now one of the largest cybersecurity companies in the world. She has 20 years of experience advising government and private sector clients in technology law, enterprise security risk, procurement security considerations, global security regulation, and cybersecurity risk in mergers and acquisitions.

2:15 – 3:00 PM

Fostering Cooperation: A Fireside Chat on Threat Intelligence Sharing and Regional Initiatives

This session brings together three experts to explore the landscape of threat intelligence sharing and its impact on regional cybersecurity initiatives. The conversation will delve into the importance of collaboration across borders and sectors, examining case studies and success stories that highlight the benefits of shared intelligence.

The experts will discuss various strategies organizations have employed to navigate the many challenges, sharing anecdotes of how threat intelligence sharing has impacted cybercrime. They will also reflect on past shortcomings, offering insights into the valuable lessons learned. This session aims to illuminate the critical role of threat intelligence as an important layer of defense against cybercrime, emphasizing its growing importance in the cybersecurity landscape.

  • Scott Flower, Intelligence Entrepreneur, CI-ISAC Australia

  • Ivo de Carvalho Peixinho, Head Cybercrime Intelligence Unit, Interpol

    Ivo de Carvalho Peixinho is currently the Head of the Cybercrime Unit at the Interpol Cybercrime Directorate and a seconded officer from the Brazilian Federal Police. He has more than 25 years of experience in cyber security and more than 12 years investigating cybercrime. His current interests include Cyber Threat Intelligence, Malware Reverse Engineering and Computer Forensics.

  • Moderator: Shanna Daly, Principal Consultant, Cosive

    Shanna Daly has over 20 years’ experience across the information security industry. Shanna’s expertise has been called upon during countless data breach investigations, giving her an in-depth understanding of the security implementations that work, and the ones that don’t. Shanna continues to share her knowledge with the industry and has built and managed consulting teams of industry experts responding to all types of intrusions and breaches. Her experience across a wide range of information security domains gives her a unique perspective and a “think outside the box” attitude to securing organisations.

3:00 – 3:20 PM Break
3:20 – 3:50 PM

What is “Good Enough” Security in Asia-Pacific?

  • Maxine Holt, Senior Director – Research, Omdia

    Maxine Holt leads the Omdia cybersecurity research, developing a comprehensive research program in this area to support vendor, service provider, and enterprise clients in the areas of infrastructure security, security operations, data security, and identity, authentication, and access.

    Maxine rejoined Omdia (as Ovum) in 2018, following two years at the Information Security Forum (ISF) developing research in areas including Protecting the Crown Jewels, Securing Collaboration Platforms, and Building Tomorrow’s Security Workforce. Prior to the ISF, Maxine spent 15 years in research at Ovum, including security, having started her career as a software developer in the financial services industry and working in consulting for the financial services and internet sectors. Maxine is a regular speaker at events and contributes articles to high-profile publications in cybersecurity.

3:50 – 4:15 PM

Redefining DevSecOps after SolarWinds: Lessons from a securities lawyer turned cyber hacker

In July 2023, the SEC released a 4-day rule requiring publicly traded companies to disclose “any cybersecurity incident” that will have a “material impact or reasonably likely material impact” on the business. In October 2023, the SEC filed an action against SolarWinds and its CISO alleging fraud because their “public statements” about the state of cyber security “were in stark contrast” to the reality.

In this session Tom Tovar, a CEO and former securities lawyer, will share real world lessons with CISOs so that they get a better understanding of:

  • The real meaning of SolarWinds and the SEC’s 4-day rule
  • How to define an “incident” for disclosure and remediation
  • Is there a remediation safe harbor?
  • The CISO’s role in cyber disclosure do’s and don’ts
  • Using technology to claim control over cyber delivery

  • Tom Tovar, CEO, Appdome

    Tom Tovar is the co-creator and CEO of Appdome – the industry's first platform to automate mobile app defense. A growth entrepreneur and technology leader, Tom has a passion for building products that dramatically improve life and work. At Appdome, his mission is to secure the mobile app economy from the ground up while pioneering a new era of DevSecOps platforms designed to deliver more protection with less work and protect mobile apps, mobile customers, and mobile businesses faster and easier for everyone.

    Experience: Tom has been creating businesses in cyber security, enterprise software, and workflow automation for 20 years. In enterprise workflow automation, Tom served as a Board Member and product advisor at Totango, a leading customer success platform, and Executive Chairman of and product advisor at Badgeville, a Digital Motivation company. Badgeville was sold to CallidusCloud. In cyber security, he served as CEO of Nominum, holding several patents, and creating the next generation of intelligence DNS and bot defense. Nominum was sold to Akamai. Tom grew to hold several executive positions at NetScreen, a leading, publicly traded, firewall company. NetScreen was sold to Juniper Networks. In each role, Tom has brought his passion for people and keen product instinct to make businesses grow.

    Personal: On a personal note, Tom is a rarity, a Native American CEO in Silicon Valley. A blue-collar kid, Tom started his education at the University of Houston, Honors College, where he earned a B.B.A. in Finance and Accounting, with High Honors. After that, he earned a J.D. from Stanford Law School and began his technology career as a lawyer in the Internet boom, the start of the Digital Economy. He's been a mountaineer, climbing several mountains in the Western Hemisphere, and completed marathons and triathlons around the world. He is also engaged and the proud dog-dad of Walter, a TikTok famous Corgi.

    Philosophy: "I try to build products that do good. For me, it's the path to the greatest reward."

4:15 – 4:55 PM

Securing the Future: Navigating Cybersecurity Challenges in the APAC Landscape

In this panel, we're bringing together leading security experts from the APAC region to talk about the current issues in cybersecurity. We'll explore the incidents (public) that have had the biggest impact on cybersecurity teams, look into the regulatory challenges across the region, and discuss strategies for finding and training more security talent. Our conversation will also cover how to protect digital initiatives and how leaders in the region are addressing vulnerabilities in supply chains.

  • Sunila Shivpuri, Managing Director – Regional Head of CSO – APAC at Deutsche Bank

  • Ang Leong Boon, Head of IT Security, National University of Singapore

    Leong Boon is the Head of IT Security at NUS Information Technology, overseeing cybersecurity governance, operations, incident response, and user awareness initiatives throughout the University. With over two decades of expertise in cybersecurity, he has a deep interest in security incident handling and response.

    During his 14-year tenure at NUS, he has spearheaded numerous investigations into significant cybersecurity breaches, including a high-profile APT attack on local universities in 2017.

    As a passionate advocate of the subject, he does adjunct teaching as an Executive Education Fellow at NUS School of Computing and mentorship for cybersecurity startups with ICE71. He is also an avid speaker and has presented at major security conferences such as RSA Conference.

    In 2022, he co-developed and co-led the inaugural UN-Singapore Cyber Fellowship Programme with Prof Yaacob Ibrahim, successfully guiding more than 80 cybersecurity leaders from over 60 member states in the past two years.

    As an alumnus of NUS, Leong Boon holds a bachelor’s degree in computer engineering. His contributions to the field were recognized in 2022 when he was honored with the CSO30 ASEAN Leadership Award, which recognized him as one of the foremost senior cybersecurity executives in the region.

  • Varun Acharya, CISO, Healthscope

    Varun is a healthcare CISO with previous industry experience in higher education, banking, and manufacturing. He has held specialist and leadership appointments in Identity and Access Management, Security Governance, and Security Operations functions. Varun is extremely passionate about stopping cyber-attacks before they eventuate by proactively leveraging Cyber Threat Intelligence and Hunting capabilities, as well as the power of information sharing within the global cyber security community.

  • Jason Haddix, CEO, Hacker and Trainer, Arcanum Information Security

  • Moderator: Tobias Gondrom, CISO, UOB

4:55 – 5:00 PM Closing Remarks
5:00 – 6:00 PM Networking Reception

Advisory Board

Varun Acharya
Magda Lilia Chelly
Liam Connolly
Shanna Daly
Lidia Giuliano
Tobias Gondrom
Shamane Tan

Executive Summit Sponsors

Premium Sponsor

Platform to automate mobile app protection in the CI/CD pipeline. Certified Secure™ mobile app security, mobile fraud prevention, anti-malware, mobile anti-bot, and anti-cheat defense. All Android & iOS apps.

www.appdome.com

Brian Reed
Tom Tovar
