-
08:30
Registration and breakfast
-
08:50
Welcoming Remarks from Corinium
Eleen Meleng - Content Director, CISO Malaysia - Corinium
-
08:55
Chair's Opening Remarks
-
09:00
Speed Networking – Making new connections at CISO Malaysia!
During this 10-minute networking session, the aim of the game is to go and meet three people you don't already know. Use the questions on the screen to guide your conversation. Have fun!
-
09:05
International/Ministry Keynote
Government and Industry Partnering Up to Strengthen National Cyber Resilience- Exploring the development of collaborative frameworks that bring together government agencies and private industry players to enhance national cybersecurity
- Discussing how governments and industries can work together to ensure that regulations are both comprehensive and flexible enough to address the dynamic nature of cyber threats, while also encouraging innovation and growth in the digital economy.
- Examining how partnerships between government and industry can facilitate capacity building through training programs, resource sharing, and the development of cybersecurity skills.
-
09:30
Developing a Secure Future: Managing and Scaling a Modern Developer Security Program
- Focusing on the critical aspects of building and enhancing a modern developer security program.
- Implementating security practices tailored to the unique challenges of software development
- Discussing the different methods for assessing vulnerabilities based on their potential impact and likelihood of exploitation
-
09:55
CISO Panel
Navigating the Cyberstorm: Strategies for CISOs to Overcome Key Challenges in 2025- Adapting to evolving threat landscape – exploring different strategies and risk assessment framework for CISO
- Building a strong cybersecurity culture within an organisation by engaging employees through training and open communication
- Aligning cybersecurity initiatives with broader business objectives – risk management, budget, and cross-department collaboration
Moderator
- Datuk Alan See Co-Founder & CEO Firmus
Panellists
- Amir Abdul Samad Head, Cyber Security (CISO) PETRONAS
- Wan Roshaimi Wan Abdullah CTO CyberSecurity Malaysia
- Chee Lung Yuen CISO Technology Risk Management & BCM, AIA
- Thomas Lim Group CISO Affin Bank
-
10:25
Designing A Robust and Future-Oriented Digital Security Strategy Framework
- Identifying critical asset and its vulnerability through assessment and utilising threat modelling techniques to anticipate potential attack vectors
- Adopting a zero-trust architecture and emphasising the importance of continuous authentication and real-time monitoring
- Embracing emerging technologies for enhanced security – AI and ML, blockchain, security automation
-
10:50
Coffee and connect
-
11:20
Panel discussion
Building a Secure-by-Design Architecture: Integrating Security from the Ground Up- Understanding how integrating security from the start can reduce risks, improve resilience, and save costs
- Tailoring security architectures to fit the unique needs of the business, industry, and risk profile
- Addressing the challenges to implement secure-by-design architecture – investment justification, organizational silos, and aligning security
Panellists
- Norsyahrim Abdul Tahar Head of Enterprise Architecture & Governance Alliance Bank
- Yusfarizal Yusoff Head of Security Architecture PETRONAS Digital
- Thayaalakumar Pakerysamy Associate Director, Digital Security - IAM Systems AIA Digital+
- Mohammed Hashim Security Architect Cloud Security Alliance Malaysia Chapter
-
11:50
Preparing CISO Talent For Tomorrow (Not Just Today)
- What are the current challenges around preparing future cybersecurity talent for an ever-changing future?
- Exploring initiatives to close the talent gap: Can AI support the current talent shortage?
- Anticipating the right skills: What skills should a successful future team possess?
-
12:15
Building Digital Trust in the Era of Quantum Computing and AI: Navigating the New Cyber Risks
Suresh Sankaran Srinivasan - Group Head – Cyber Security & Privacy - Axiata
-
12:40
Non-Tech Meets Tech - Taking the Cyber Risk Seriously Across the Board
- Aligning the different perspectives between tech and non-tech leaders to establish common goals
- Fostering a growth-focused relationship with the board
- Presentation is key: What makes a good board presentation and how do you drive board-supported cybersecurity initiatives?
-
13:05
Lunch and networking
-
Track A: AI in Cyber
-
14:05
AI-Driven Security Operations: Enhancing Efficiency and Countering AI-Powered Threats
- Senior representative - F5
- Exploring how AI is transforming traditional security operations by automating repetitive and time-consuming tasks,
- Examining how cybercriminals are increasingly using AI to automate and scale their attacks
- Leveraging AI in defensive strategies – latest advancements in AI-based threat intelligence and anomaly detection
-
14:30
Fireside Chat
Governance and AI in Malaysia: Navigating the Intersection of Innovation and Regulation- Integratingf ESG Principles into Cybersecurity Strategy – exploring the evolving landscape ESG principles intersect with cybersecurity risk management
- Discussing how organizations can integrate ESG considerations into their cybersecurity strategies, aligning security practices with broader corporate responsibility
- Exploring the potential benefits, such as enhanced brand reputation and stakeholder trust, and examining the challenges and opportunities in this integration
-
14:55
Strengthening Authentication and Safeguarding Access in the Age of Advanced Threats
- Exploring how AI is being used to enhance authentication processes – MFA systems, biometric, and continuous authentication methods
- Understanding the critical role AI plays in monitoring and analysing user behaviour to detect anomalies
- Addressing the growing threat of AI-driven attacks on IAM systems, including the potential for AI to exploit biometric vulnerabilities or manipulate identity verification processes
-
15:20
AI-Driven Cybersecurity: Strengthening Defenses Against Evolving Threats
Haris Tahir - Head of Threat and Vulnerability Management - Maybank
- Integrating security early in the development process enhances agility without compromising on data protection
- Examining the vulnerabilities AI applications may introduce and explore strategies to embed security measures throughout the AI development lifecycle
- Optimising value stream management for end-to-end AI development process while aligning development and security
Speakers:
- Gaurav Sharma, Group CIO, MMC Ports
- Thavaselvi Munusamy, Director – GRC (IT/OT), ITT
- Soumo Mukherjee, Head of Cybersecurity, PRefChem
-
15:15
Offensive Strategies and Defensive Countermeasures against the Rise of AI-Augmented Phishing Attacks
- Exploring how cybercriminals are leveraging AI to enhance the effectiveness of phishing attacks
- Delving into the countermeasures that organizations can implement to defend against AI-augmented phishing attacks
- Discussing the importance of integrating AI-driven tools with employee training programs to create a multi-layered defence against phishing attacks
-
Track B: Incident Response
-
14:05
Fortifying Against the Rising Tide: Leveraging MDR to Combat the Evolving Ransomware Threat
Kevin Goh - Senior Sales Engineer - Sophos
Ransomware remains a severe cyberthreat with significant impacts. The average cost to remediate an attack surged to $2.73 million — a 50% increase from the previous year.
Prolonged recovery times highlight the need for comprehensive response strategies. Sophisticated attacks strain security teams, with 95% reporting challenges in essential operations. These findings stress the importance of reinforcing ransomware defenses and recovery plans.
Robust endpoint protection is key. Sophos Managed Detection and Response (MDR) offers 24/7 support to strengthen security. Enhanced defenses help reduce costs, minimize recovery time, and support business continuity against this formidable threat.
Kevin Goh Senior Sales Engineer Sophos
-
14:30
Your Guide to Responding to Cyber Incident
Nantha Kumar Krishnan - Head of Information Technology Operation – APMEA - Kerry
- Exploring some of the security tools to mitigate the risk in digitalisation
- Understanding how technology can create security loophole
- Addressing some of the challenges in implementing preventative care and putting in place a business continuity plan
-
14:55
Automating Incident Response
- Exploring how automation and orchestration can streamline and optimise incident response processes
- Discussing the tools and techniques for automating tasks like alert triage, threat hunting, and incident containment
- Demonstrating the benefits of incident response automation in reducing response times and improving overall effectiveness
-
15:20
AI-Driven Cybersecurity: Strengthening Defenses Against Evolving Threats
- Exploring the factors that make cyberwar seemingly inevitable and discussing the urgency for robust defence mechanism
- Drawing parallels between the need for automation in cyber defence today and the significance of the production line
- Reflecting on the historical intertwining of technology, markets, and war, and how this connection persists in 2024
Speakers
- Thomas Lim Group CISO Affin Bank
- Naveen Chantiran Head of Cyber Security Air Liquide
-
15:45
Threat Intelligence and Proactive Incident Response
- Emphasising the value of leveraging threat intelligence to proactively identify and mitigate potential incidents.
- Collecting, analysing, and applying threat data to enhance an organisation's security posture and incident response capabilities.
- Showcasing real-world examples of how threat intelligence has helped organisations detect and respond to threats more effectively
-
Track C: Security Architecture
-
14:05
Building a Resilient Security Architecture: Best Practices for Designing Robust Defenses
- Discussing how to create a security architecture that evolves with the latest threats
- Exploring the importance of security layers, segmentation, and zero-trust models
- Highlighting real-world case studies from enterprises that have implemented highly resilient security architectures
-
14:30
Fortifying Cybersecurity in Government Agencies in the Digital Age
Akmal Nizam Abdul Halim - Director, Head of IT Management Department - Armed Forces Fund Board (LTAT)
- Exploring how government agencies can design and implement a security-first architecture tailored to the needs of the organisation
- Discussing the importance of continuous monitoring, threat intelligence, and proactive defense strategies, such as penetration testing and red teaming, to counter APTs
- Examining how government agencies can ensure their cybersecurity practices align with regulatory standards, while also integrating those into broader defense strategies
-
14:55
The Role of AI and Automation in Modern Security Architecture
- Explore how AI and automation can enhance security architecture by improving threat detection, response times, and vulnerability management.
- Discuss the potential for AI to identify patterns that traditional methods may miss.
- Showcase successful AI implementations in security architecture frameworks.
-
15:20
Fireside Chat
Zero Trust Architecture in a Hybrid Cloud World: A Blueprint for Security- Dive into the principles of Zero Trust and how they can be applied to a hybrid cloud environment.
- Examine how to implement Zero Trust for seamless security across on-premises, cloud, and multi-cloud ecosystems.
- Discuss challenges and best practices for securing dynamic cloud workloads while ensuring user access control and data protection.
Speakers
- Prasad Jayabalan Head of Cybersecurity Strategy & Architecture Axiata
- Ashish Vohra ED, Head - Information Security Risk Officer, SC Ventures Standard Chartered Bank
-
15:15
Cloud-Native Security Architecture: Designing for Scalability and Compliance
- Discussing how cloud-native security architecture can enable scalable defenses, adapting quickly to evolving threats.
- Embedding security into DevOps processes and adopting the ‘shift-left’ approach in cloud application development.
- Exploring the role of security automation, compliance monitoring, and Infrastructure-as-Code (IaC) in cloud-native environments.
-
16:10
Teh Tarik & Networking
-
16:40
Fireside Chat
The API Security Imperative: Protecting the Lifeblood of Modern Enterprises- As APIs become the backbone of digital transformation, they also introduce new vulnerabilities that can be exploited by attackers, leading to severe financial, reputational, and regulatory consequences
- Exploring the critical importance of API security in today’s interconnected world, the common challenges organisations face, and why securing APIs should be a top priority
- Discovering how proactive API security strategies can safeguard your enterprise and ensure long-term success in the digital age
Speakers:
- Jaiz Anuar Yeop Johari VP Information & Cyber Security Permodalan Nasional Berhad (PNB)
- Charles Solomon Director of Information Technology & Cybersecurity Senior Aerospace Upeca
-
17:05
Aligning Modern Technology with Security and Business Objectives
- Exploring how we can integrate modern technologies into business
- Planning for security with minimal disruption
- Driving change and building a cybersecurity driven culture cross-department in an organisation
-
17:30
Fireside Chat
What Modern Cybersecurity Strategies Will Help Tackle the New Cyber Battleground?- Modern strategies in cybersecurity: How can we manage new threats that are emerging?
- Risk and threat management in 2024, how has this changed and what has stayed the same?
- How can we anticipate changes that 2025 will bring?
Speakers:
- Manickam Nadesan Head of Information Security & Governance Merchantrade Asia
- Sathis Kumar Batumalai Group Head of IT Security RHB Banking Group
-
17:55
Chair's Closing Remarks
-
18:00
Cheers with peers: Mocktails and mingle
Not Found