SPEAKERS FOR GTACS 2019
ANTICIPATING THE UNKNOWNS- PREPARING FOR THE UNEXPECTED
Keynote Speaker: VICTOR KEONG
Victor Keong, HBA (Ivey 1993) CISA, EMBA (Ivey 1999), CISSP, CISM is currently Cisco’s first Senior CISO/CSO Advisor for Asia Pacific, Japan & China. Victor brings his considerable years (25+) of experience in Cyber and InfoSec to advise Cisco’s strategic clients on charting their Cyber Security Strategy.
Prior to returning to his native Singapore in 2010, Victor spent 17 years with Deloitte in Canada. From a functional perspective, Victor was an experienced partner Deloitte’s Enterprise Risk services group, where he held several senior roles in Deloitte’s Cyber Risk Services' Executive Management Group, including Asia Pacific Cyber Risk Services’ Leader and Global Leader for IT Vulnerability Management. He helped built the Cyber Risk Services Practice at Deloitte into one of the pre-eminent security consulting firms in the world.
Victor was also Deloitte's Lead Client Service Partner with (ISC)2 - Information Systems Security Certification Consortium - where he directed Deloitte's global certification program with (ISC)2, culminating in 1000+ CISSPs globally within Deloitte, the largest among any professional services firm.
Victor also led the Canadian Deloitte firm's Chinese Services Group. Victor has assisted some of Deloitte’s key Chinese clients in establishing a footprint in Canada, as well as consulted with outbound Canadian clients wanting to engage in China. Victor is fluent in several Chinese dialects, including Hokkien, Hakka, Cantonese, and speaks/read/write Mandarin fluently. He is a well sought-after speaker, and has spoken on various conferences, and often quoted in the media.
OPERATIONAL RESILIENCE: CONNECTING THE DOTS. BRINGING TOGETHER BUSINESS CONTINUITY, CYBERSECURITY, AND THIRD PARTY RISK MANAGEMENT
Keynote Speaker: ANDREW BISSETT
Andrew is a commercially focused Risk professional with over 20 years of experience in Enterprise Risk Management Transformation, Internal Audit, Group Policy Frameworks, Corporate Governance and Risk Management Technologies.
Andrew has a solid track record in successfully delivering change within multinational organisations, and previously led the risk function for organisations that include Woolworths Limited, Tabcorp Holdings and Qantas Airways. Andrew was also responsible for the internal audit function whilst at Tabcorp Holdings. Qantas won the Risk Enterprise of the year award in 2010 from Lexis Nexus.
Andrew has assisted a number of organisations to transform their Risk and Assurance functions, with a focus on articulating the risk and assurance strategy to ensure that it aligns with the organisation’s strategy and then enabling people, process and technology to position the risk and assurance function to deliver value to the organisation.
Andrew often presents and facilities training on better practices in Risk and Assurance management locally and internationally, with a focus on cyber security, compliance and integrated risk management and has experience across a number of industry sectors, including, aviation, oil and gas, energy, retail, services, government, telecommunications and financial services.
KEYNOTE SPEAKER: JAD ELSOHEMY
Cyber Security Lead, Thales
Jad Elsohemy, MBA, CISM, CISSP, is currently the Cyber Security Authority for the Urban Rail Systems division of Thales. Jad leads the cyber security team responsible for securing Communication Based Train Control (CBTC) solutions. With over 10 years of experience in protecting critical infrastructure from cyber security threats, Jad has cyber security expertise in IIOT/IOT, Industrial Control Systems (ICS), Safety Instrumented Systems and network security. Prior to joining Thales, Jad spent nearly a decade advising and supporting clients on issues of cyber security in the Oil & Gas industry.
Panel Discussion: "Overcoming Technology Crisis: Lessons Learnt"
PANELIST: VINCENT LOY
Assistant Managing Director, Technology Group, Monetary Authority of Singapore (MAS)
With effect from 1 May 2019, Vincent will assume the role as Assistant Managing Director, Technology Group with MAS. Prior to assuming his new role with MAS, Vincent is the Managing Director with Accenture Singapore and is heading up its Financial Services. Prior to Accenture, Vincent was in PwC as the Leader for Financial Crime and Cyber for Asia Pacific and also leads the Financial Services Risk Assurance in Singapore. He specializes in managing large scale transformation and managing risks relating to digital, disruption and fintech confronting complex global organisations. These include assessing, designing and implementing complex change programmes in business, technology and cyber risk, controls and governance, resilience and compliance framework in the financial services and government sectors.
Prior to Singapore, Vincent spent more than 20 years in UK and led PwC UK Financial Services Technology Risk practice and was responsible for building the Technology Risk business and advised major international financial institutions and regulators in both the UK and US. In recent years, Vincent has been recognized as a thought leader on technology transformation and cyber risk, advising various organisations including government and regulators on digital transformation, cyber security and technology risk strategy.
Vincent advised Interpol as the knowledge partner for Interpol World. Vincent sits on the MAS International Advisory Board on cyber and is also a member of the advisory board on National University of Singapore (School of Computing). In addition, Vincent was a sub-committee member of the Committee for Future Economy of Singapore which helps to chart the shape of Singapore future economy. Currently, Vincent is doing a mid-term review for the National Research Foundation (NRF) on Virtual Singapore and also will be sitting on the Ministry of Communications and Information’s (MCI) panel of experts.
PANELIST: TINKU GUPTA
Executive Vice President, Head of Technology, Singapore Exchange (SGX)
Tinku is the Head of Technology, SGX, where she is responsible for the overall planning, development and implementation of the company’s technology-related strategies and initiatives, as well as operations of SGX’s technology environment. She was appointed as a member of the SGX Executive Management Committee on 1 May 2017.
Ms Gupta joined SGX in October 1996, then known as SIMEX, as a software developer in the technology team. Over the past 20 years, she has worked in a variety of roles, gaining exposure in many aspects of SGX’s business and technology functions. Amongst her various job rotations, she successfully led the Business Integration and Programme Management function in SGX through a period of significant change and worked on implementing the current Securities and Derivatives platforms on NASDAQ applications. She also headed the Market Data and Connectivity business, successfully establishing the co-location services business and launching the index business, before returning to head the Technology unit in November 2015.
Under her leadership, SGX is steadily strengthening its software development capabilities and building differentiated platforms to support its multi-asset class strategy. Steering experimentation on emerging technologies to enable transformation and innovation excites her to be a technologist in capital markets in this technology-led economy. Ms Gupta holds a Masters’ degree in Electronics and Telecommunications Engineering.
PANELIST: STEPHANIE BOO
Managing Director, APAC
An experienced senior executive with over 15 years in the software industry and technology arena, Stephanie Boo is the Managing Director, Asia Pacific for Menlo Security.
With a mandate to accelerate the growth of the company and engage deeply with customers, partners, and alliances in the region, Stephanie leads the sales, strategic marketing, and business initiatives for the company in Asia Pacific.
Having held senior leadership positions in various organisations across Asia and Southeast Asia,
Stephanie is an adept, versatile and entrepreneurial leader with a keen focus on developing sustainable customer relationships and bringing to market timely solutions that deliver innovation and value.
Stephanie is no stranger to the cybersecurity arena. Before joining Menlo Security, Stephanie was the Senior Regional Director - South East Asia for FireEye Inc. She was responsible for leading the business and managing operations across Southeast Asia and India. She was instrumental in evolving the business strategy, government relations and partnerships, and was also responsible for growing the company significantly in Southeast Asia.
She has served in leadership roles for organisations such as Symantec, WatchGuard Technologies, and Linksys and also was the pioneer in growing Zscaler and IronPort in Southeast Asia.
Stephanie holds a Bachelor of Marketing and Public Relations degree from Curtin University.
PANELIST/MODERATOR: VIKTOR POZGAY
Chief Information Security Officer
Viktor is responsible for strategic leadership of Avaloq’s cyber security program in Asia Pacific, supporting Avaloq’s expansion in Asia Pacific as leader in core banking solutions and services; and world’s leading provider of core banking SaaS and BPaaS outsourcing for private banks and wealth managers.
Prior to joining Avaloq, Viktor led delivery of Information Risk and Enterprise Security Services for HP’s Enterprise Services, across its Asia Pacific & Japan region. In his previous assignments, Viktor held leadership roles in HP’s Global Delivery Organisation focusing on global delivery for key accounts in EMEA and acting as key contributor to startup and maturation of Global Delivery centers in EMEA.
Viktor has over 15 years of experience in information risk, security and service management in a global setting across multiple industries. He is currently based in Singapore.
Viktor holds an Executive MBA degree from INSEAD and Master’s Degree in Telecommunications from Slovak University of Technology.
GOVERNANCE & SECURITY TRACK:
LIM THIAN CHIN
Critical Info Infrastructure Division
Cyber Security Agency of Singapore
Thian Chin is leading the Critical Information Infrastructure (CII) Division at the Cyber Security Agency of Singapore (CSA). The division is responsible for building the cyber resilience of the Nation’s essential services across 11 CII sectors covering government, utilities, transport and services clusters. His team works with sectoral regulators to strengthen the cyber resilience of CIIs, to promote confidence building measures and to deepen the public-private partnership between the government and CII stakeholders. Thian Chin also represents Singapore in International and regional cybersecurity forums where he shares his knowledge on CII protection and cybersecurity capability building.
Thian Chin has over 17 years of experience in Information & Technology governance, risk management, resilience and compliance, and Operational Technology cybersecurity. Prior to joining CSA in August 2015, he was responsible for the regional Technology Governance function in United Overseas Bank. He also led the Technology Risk function in GIC from 2008 – 2013. In his earlier years, he was a Manager and had led a team of auditors in Information Technology in Ernst & Young.
Thian Chin holds a Bachelor’s Degree in Computer Engineering from Nanyang Technological University and is an alumnus of the George C Marshall European Center for Security Studies. He is certified as a CGEIT, CRISC, CISM, CISSP, CISA and SABSA practitioner.
GOVERNANCE & SECURITY TRACK:
Security Senior Manager, Cyber Defense
Global Technical Lead, Incident Response & Threat Hunting
Dan has served as a contributor, Technical Lead and Practice Lead for a Fortune 10 incident response (IR) service. In his role, Dan operated as a senior incident handler and critical incident lead, providing oversight to goals and delivery of service.
Dan’s investigation experience includes support for basic forensic analysis up through responses to complete enterprise breach responses. In the later scenarios Dan directed the IR capabilities and ensure that client was supported throughout mitigation and remediation efforts.
Prior to working directly in security, Dan was a systems developer and test engineer in the automotive industry. His background includes digital signals processing (image and sound/ vibration), NVH test design and analysis of steering systems, application development and enterprise investigations.
During this work, Dan contributed to the patent development of enterprise threat intelligence sharing technologies. Dan has also been a presenter at events such as FIRST, Evanta, HTCIA, APWG, IEEE and many other customer engagements.
Dan’s relevant skills include complex data analysis, client interaction, summation and explanation of complex issues, comprehensive threat understanding, data visualisation and cyber threat hunting.
COMPLIANCE, AUDIT TRACK:
Director, Internal Audit
Government Investment Corporation (GIC)
Vincent joined GIC in 2012 and was appointed Director of Internal Audit in 2014. Vincent leads the department in fostering a strong corporate governance and control environment in GIC.
Vincent focuses on employing best practice audit methodologies and being a trusted business partner to GIC’s other functional areas to bring about positive changes to GIC’s control environment. Prior to joining GIC in 2012, Vincent was a Director with Barclays Bank Singapore. He started his career in Deloitte & Touche and has held various appointments in Risk and Audit with Deutsche Bank AG, Societe Generale and Chase Manhattan Bank.
Industry Principal, Asia Pacific ICT Practice
Frost & Sullivan
Kenny Yeo is an analyst with the ICT team and leads the cyber security practice across Asia Pacific. He is currently researching on how technologies like cybersecurity, IoT, cloud and analytics impact different industries. With 16 years of research, team management and business development experience, he has expertise in segments like cybersecurity, IoT, smart retail, industrial and e-government.
Kenny has participated in multiple consulting engagements helping companies with digital transformation, and shared his thoughts in the media with CNBC Asia and Channel NewsAsia, and publications with South China Morning Post, ComputerWeekly, Enterprise Innovation and Logistics Insight Asia among others.
HOT TOPIC: VALERIAN ROSSIGNEUX
Sales Engineering Manager
Valerian Rossigneux has over 12 years of functional experience with providing a wide range of Enterprise Security and Technology consulting services to clients in multiple geographies. Valerian has a deep understanding of technology and services fundamentals, which enables him to recognize the challenges with information security management. As a seasoned risk practitioner, Valerian knows the information security threat vectors and understands how they operate. This has enabled him to design and deploy effective information security strategies and controls, as well as provide guidance to investigate and respond to incidents where controls may have been breached and sensitive information compromised.
Prior to joining Crowdstrike, Valerian was the endpoint lead at FireEye/Mandiant and started his career in cybersecurity at Airbus. Valerian earned a MS degree from the University of Montpellier (France), specializing in Information Systems Security.
PANEL DISCUSSION: SHELEADSTECH
"Beyond our Technical Capabilities - Breaking Gender Stereotypes in the Tech World"
CO-HOST & PANELIST:
Partner, Technology Risk & Assurance, CIO, DPO
Jenny is a Technology Risk & Audit Partner with more than 18 years of experience in providing and managing assurance and consultancy services. She is also the Chief Information Officer and Data Protection Officer of PwC Singapore. Her expertise includes Business Continuity Management, Internal Audit & Risk Management, IT Audit & Advisory, Outsourcing Standards and Non-profit Organisation services. Prior to joining PwC, Jenny was leading the Technology Risk Management and Corporate Risk Advisory Practice of Singapore’s largest mid-tier professional organisation.
Jenny, whom is currently leading the IT Audit Support Practice and Business Resilience Practice of PwC Singapore, has led and managed numerous IT audit, internal audit, crisis management and business continuity management jobs. Her portfolio included regional work in the Asia Pacific region. Through her practical experience in leading complex global engagements, she brings an appreciation of the approach and dedication required to deliver a consistent, high quality global audit. Jenny is also a regular trainer on her risk assurance subjects to internal and external professionals.
Jenny holds a Master of Accountancy, Master of Business Administration, Bachelor of Science in Business Computing (Hons), Graduate Diploma in eCommerce and Graduate Diploma in Information Technology Security. She has several professional certifications and she has served on the Board of ISACA since 2015, the Advocacy Committee of IIA since 2017, the SATA Commonwealth Digital Committee since 2019 and IAPP Asia Advisory Board since 2019. She is also the ISACA SheLeadsTech Champion who spearheaded this initiative to close off diversity gaps.
CO-HOST & PANELIST:
Director, Group Audit,
Mabel Bolisay is a leader in technology audit, risk advisory, project management, and digital transformation programs, with a diverse experience spanning 20 years across industries. She is currently a Director in Group Audit at Deutsche Bank Asia Pacific (DB), managing the Global Markets Technology Audit Team in APAC. She is part of DB’s global IT audit leaders, who act as independent business partners and provide a pro-active, systematic, and disciplined approach to examine, evaluate, and objectively report on the adequacy of both design and effectiveness of the bank’s internal control, as well as the effectiveness of IT risk management and governance processes. Her work focuses on both risk-based and regulatory compliance assessments and reviews for applications security, front to back technology processes, vendor outsourcing, and electronic trading functions. Her global and regional responsibilities cover 11 countries in APAC, as well as the relevant global markets application and production management functions located across the globe.
Prior to joining DB, she has led strategic implementation programmes, such as SAP GRC across different industries, as well as an end-to-end digital insurance platform, innovative retirement product solutions and distribution channel transformation. She has also held senior management roles in both KPMG and EY Singapore for IT audit, risk and management consulting. She holds a Bachelor of Science in Accountancy from Wesleyan University-Philippines, and is certified as CISA, PMP, and CPA. Mabel is a strong advocate of diversity and inclusion, and aims to be a catalyst for empowering women in the workplace and increasing their leadership representations.
Theresa contributes over 25 years experience in the Technology, Executive Search and Organizational & Leadership development business in Asia.
Theresa’s career began with IBM Singapore where she managed global petrochemical and transportation clients such as Shell and British Petroleum. The management of these clients had taken her all over the world for business planning and client meetings.
After IBM, Theresa established a boutique talent firm specializing in High-Tech sectors, under the global brand of International Technology Partners (ITP World-Wide), Houston. She was an equity partner as well as Co-Chairman. In 2008, she was selected by Business Week as one of ‘The World’s 150 Most Influential Headhunters’.
Through 360 Dynamics (Singapore and Malaysia), Theresa provides consultancy, coaching and facilitation in organizational development, leadership assessment, development and succession planning. Her clients include MNCs and equity-funded startups and span across private and not-for-profit sectors.
Theresa holds an MSC (Organizational Psychology) from Baruch College, City University of New York and a BBA from the National University of Singapore. She is an associate coach and women leadership advisor with the Centre for Creative Leadership.
She is a board member of the Agency for Integrated Care (Ministry of Health), a member of the Governing Council of SID (Singapore Institute of Directors) and Chairperson of SATA CommHealth - winner of the 2018 Corporate Governance awards. She is the Immediate past President of The Centre for Non-Profit Leadership and a Council member for ICLIF’s leadership energy awards.
Head of CSO – APAC
Sunila joined Deutsche Bank (DB) in 1996. She is currently the Chief Security Officer - APAC.
Other roles in DB were Lead for Application Transformation – Nucleus Program, CIO Global Banking (GB), CIO HR technology, CIO Private Wealth Management (PWM), CIO GT APAC, CIO of Operations IT, CIO of Banking Systems IT, providing IT solutions to GTB, PBC, PWM and HR predominantly.
Based in Singapore, Sunila had accumulated vast experience with an exceptional track record of more than 41 years in IT solutions, for the financial industry in private wealth, cash management, trade finance, custody, securities, retail banking, treasury back office and stock exchange/ central depositories.
Prior to joining DB, she was a Senior Consultant in various software consulting firms and had developed the initial versions of two wholesale/corporate banking solutions/products which are predominant in the financial markets: Banker (Flexcube) and Symbols.
Sunila holds a Bachelor of Arts degree in English. She further pursued post graduate diplomas in Marketing Management and Computer Management from Mumbai University, India.
Sunila is a key proponent of equality and diversity, both within and outside of Deutsche Bank, presenting regularly at industry conferences and diversity forums as a key note speaker and panel expert.
MORE TRACK SPEAKERS
TALENT POOL: PROF PANG HWEE HWA
Professor, Dean of the School of Information Systems
Singapore Management University (SMU)
Hwee Hwa is a professor, as well as the Dean of the School of Information Systems at the Singapore Management University, or SMU. He and his colleagues at SMU are passionate about creating computing technology for companies and public agencies to transform their business models and processes. The technology areas that the school cover span cybersecurity, cyber-physical systems, data science, machine learning, and intelligent systems. They also offer various Bachelor, Master and PhD degree programs that train IT professionals, in technology development, application of IT in business and smart city, and addressing legal concerns associated with new technology.
HOT TOPIC: MIKE LEOW
Privacy Engineering Lead
GrabTaxi Holdings Pte Ltd
Mike is the Privacy Engineering Lead at GrabTaxi Holdings Pte Ltd. He was tasked to setup the Privacy Engineering team where his role is to infuse privacy into the company. Besides infusing the Privacy by design concept into the company and developing privacy tools, he also involves in Privacy Assurance advisory work in the company
Prior to Grab, Mike spent 4 years with the Singapore Personal Data Protection Commission as an Investigation officer, where he investigates into data breaches. He was also a member of the “Data Protection Office” in PDPC, where he carried out the Data Protection Impact Assessment exercise for the commission.
Mike currently is a member of the IAPP Asia Advisory Board and Fellow of Information Privacy. He is also a certified CISA, CISM, CIPM, CIPT, CIPP/A and CITPM. Mike holds a Bachelor degree in Information Technology and a Master of Science in Information Studies.
GOVERNANCE & SECURITY TRACK: SIGFRIED CHING
Managing Director, Risk Assurance – Digital Trust
Topic: "Marriage of Business and Technology Resilience – Till Crisis Do They NOT Part"
Background: Sigfried is a Managing Director with PricewaterhouseCoopers Singapore in the Risk Assurance group and has over 24 years of professional experience of around 11 years were in the field of Incident/Crisis Management and Business Continuity Management. He also has experience in IT Audit, Operational Risk Management and in large, complex transformation programs.
COMPLIANCE, AUDIT TRACK: JONATHAN LING
Director, Advisory Services, ERNST & YOUNG
Topic:"Robotic Process Automation (RPA) Assurance"
Background: Jonathan is a Director with the Advisory Services practice in Singapore. He has over 15 years of experience in conducting audits and consultancy projects around technology risk and data analytics. His areas of experience include security and risk governance, outsourcing and third party vendor risk management, process risk and technical assessments. He is responsible for service delivery and managing multiple engagement teams that assist clients in deploying proper information systems, resources and internal controls to manage risk and improve efficiencies. He has also performed and led engagements covering process analytics, transaction verification, revenue assurance as well as analytics enablement for Internal Audit and Finance clients to embed data analytics into risk management, fraud detection and performance improvement initiatives.
Jonathan graduated from the University of Melbourne in Australia with a Bachelor of Science (Information Systems and is a Certified Information System Auditor.
COMPLIANCE, AUDIT TRACK: HOI WAI KHIN
Director, Business Consulting, RSM Singapore
Topic: "Endpoint Security Audit"
Background: Wai Khin specialises in information security and business continuity, and has vast overseas and local experience in managing technology risk.
In his current position, Wai Khin has extensive exposure to the management of risk/audit/security programmes to meet legal, human resources, audit, IT, risk management and information security requirements. This involves constant innovation of ideas to implement value-added security programmes to support the client's organisational objectives and building a robust security framework that goes beyond regulatory compliance.
His global experiences include assisting organisations in audits for IT due diligence, Sarbanes Oxley 404 IT General Computer Control, and IT diagnostics for mergers & acquisitions. Wai Khin has also supported clients in ISO 27001 certification projects, cloud technology, bring your own device (BYOD), as well as compliance with Singapore's Personal Data Protection Act (PDPA) and internal and external IT audit requirements.
Prior to joining the firm, he was an information security officer managing security, business continuity and audit programmes for a global B2B company. His experiences also include working as a data protection officer for a leading semiconductor manufacturer, tasked with protecting highly confidential R&D IP information. Wai Khin also previously provided audit assurances, security and business continuity advisory services at a Big 4 firm.