2018년 제8회를 맞이하는 CLOUDSEC 행사는 아시아태평양, 유럽, 미주지역에서 개최되는 세계 최대 규모의 클라우드 보안 컨퍼런스입니다.
사물인터넷, 클라우드 컴퓨팅 및 머신 러닝, 인공 지능 및 기타 컴퓨팅 기술의 발전으로 인해 사람과 사물 간에 다양한 방식으로 서로 안전하게 연결되는 시대를 기대하고 있습니다. 이러한 비전을 실현하기 위해서 기업은 복잡하고 정교해지는 사이버 공격, 새로운 사이버 정책, 새로운 기술 및 확대되는 사이버 보안 기술 격차 등의 현재 과제를 해결해야 합니다.
전세계 전문가들과 업계 리더들이 참여하여 기업의 보안 대응력 강화를 위한 사이버 위협 환경의 트렌드를 설명하고, 빠르게 변화하는 초연결 사회에 대응 할 수 있는 정보 보안 및 위협 관리의 기술적 노하우를 공유하는 자리를 마련 합니다.
8:15 - 8:55Networking In Exhibition Area
8:55 - 9:05Housekeeping
9:05 - 9:15Welcome Address
9:15 - 9:45LEVEL UP: Play to Win
For organizations, having a competitive advantage and providing customer delight is, like an online game, a quest that's already being played in the cloud. As devices become smarter and more connected, and as user habits now dictate that faster is better, enterprises must go through their respective hero's journey to harness and master the "super powers" cloud computing can provide them. It is important, therefore, for these organizations to LEVEL UP and "win" in order to reap the rewards. This thematic keynote presentation will provide insights on the latest and upcoming trends in cloud computing, which may challenge current information security mindset and practices. It will also provide recommendations on how businesses can leverage the aforementioned cloud computing trends without compromising the security of their networks and infrastructure.
9:45 - 10:15Realising the Full Potential of Your Workforce
“The illiterate of the 21st century will not be those who cannot read and write, but those who cannot learn, unlearn and relearn” (Alvin Toffler).
This is not just applicable to individuals but organisations as well.
In today’s landscape, rapid technological changes and business transformations are inevitable. Organisations and individuals need to look at innovative ways to drive efficiency and learn to face up to the challenges of a digitally transformed world.
In this session, Whee Teck will share about the concept of value management and the future of learning which act as strategic levers. These levers will not just strengthen Trusted Source’s capabilities but unleash the full potential of the workforce while overcoming the challenges faced in the cybersecurity space.
10:15 - 10:45Inspiring Your Digital Transformation
The CIO role is changing. Sure, it’s still important to keep the lights on but increasingly the CIO is being tasked with driving change. No longer relegated to a peripheral role, the CIO is being called on to inspire change from the centre.
- We have the technology. But who cares? How will you create the necessary energy and inspiration for change?
- How will you help balance innovation with business as usual?
- What will you need to lead necessary change and transformation?
It has never been a better time or a more challenging time to be a CIO. So many of the rising technology opportunities, like digital transformation, machine learning, artificial intelligence, IOT, and cloud offer the chance for CIOs to be in the middle of the discussion around topics of significant value to the enterprise. At the same time risks associated with security are also at the top of the agendas of many boards. Again, the CIO is one of the key drivers of risk mitigation, playing both offense and Defense. In this session Dhanya will discuss how finding faster paths to seizing opportunity and mitigating risks requires a better ecosystem. With that, organisations and enterprises must ask: what threats should they prepare for? What risks are involved? What processes and procedures should be implemented?
10:45 - 11:15Morning Break
11:15 - 11:45Creating Holistic Cyber Security Strategies
The world of IT security is moving rapidly as a wealth of new technologies such as artificial intelligence, machine learning and deep analytics, to name a few, enter the markets and help to improve defenses of organizations. But even as these innovations vastly improve the technology, there still exist organizational challenges that remain as hurdles to the successful delivery of a robust IT security strategy. In this session IDC will touch on the future of IT security technologies and focus on the structural changes organizations need to make to ensure that this depth of innovation can be best leveraged to create a holistic and robust enterprise security strategy to better equip the frontlines of this cyber war that all organizations are now faced with.
11:45 - 12:15View of Current Risks and Security Regulatory Landscapes in Singapore
The alarming frequency and sophistication of cyberattacks, and the direct impact to economy and society-at-large demands that governments take decisive action to protect both their economy and the privacy of their citizens. The speaker will talk about the regulatory landscape for CyberSecurity in Singapore and the impact to businesses.
12:15 - 12:40Panel Discussion - Redefining Security
It has been long established that cloud computing is no longer an option or simply an inevitability for organizations; it’s now the new norm for organizations, regardless of size or type.
However, the journey to the cloud is not always a smooth ride, as dynamic real-world factors—from cybercrime and organizational preparedness to geopolitical issues—have to be considered.
In today's computing landscape, how should we define cybersecurity?
In our panel discussion, our panel of experts will talk about the impact of the aforementioned factors to an organization's cybersecurity and cloud strategies and what enterprises need to do to LEVEL UP.
12:40 - 13:40Networking Lunch
13:40 - 14:10Keeping a Billion Cloud Users Secure
Google secures and protects the data and information for over a billion users across a number of its business units and offerings. With some of the largest global networks and systems, protecting our customers data (both business and consumer) requires leading-edge and scalable approaches to security that are both efficient and effective.
Security is embedded in everything that Google does with significant investments made to drive execution as well as through programs such as Project Zero for security research, Project Shield for DDoS mitigation, while taking a new approach to Enterprise Security with BeyondCorp.
Google continues to invest in testing systems for security weaknesses such as finding the first SHA-1 collision and the SSL 3.0 POODLE vulnerability, and openly promotes a Vulnerability Reward Program (paying $3 million in 2016 alone to individuals who have contributed to protect global systems).
Join this session to gain an insight into Google's approach to security, best practice in design and take the opportunity to understand how you can engage with Google to drive security in your organization.
14:10 - 14:40Enabling & Securing the Digital Enterprise
Today, many organisations are experiencing the impact of Digital Transformation. Digitalisation has caused wide-spread disruptions across various industries and multiple aspects of business, unlocking opportunities for value creation as well as cyber risks. Find out in this session how you can safeguard your enterprise data, hybrid network and digital infrastructure. Gain insights on the latest offerings in managed security services and cyber defence.
14:40 - 15:10How do you implement a Cloud Security Strategy?
Many organisations are going through a change to become more innovative driving digital transformation using the power of cloud. The challenge to this is managing security with this new found agility.
How do you enable business agility and manage risk at the same time?
From Strategy to Execution Jonathan Limbo CEO of RightCloud, Ex-Cloudera (Big Data) and Ex-Amazon Web Services (Cloud) will walk through how to manage this transformation Policy to Implementation. Walking through how to implement your cloud environment and have the right approach in tooling so that you can Govern, Manage Risk and Comply with the new norm.
15:10 - 15:40Afternoon Break
15:40 - 16:10Securing the Smart Nation: Moving towards Utopia with Security in Mind
Singapore wants to build a smart nation by 2025. The smart city from within is a system of heterogeneous systems with broad and complicated attack vectors. We want to review modern installed components in smart cities, including electricity management systems, air-quality sensors, solid waste management, urban transportation, exposed infrastructure, and how open government data might make them more robust. We will also provide a checklist to secure your smart city.
16:10 - 16:40Cloud services assurance frameworks
Cloud services innovation, deployment and consumption are proliferating at a runaway rate today, for all the good reasons of opex cost management model, backup and storage, business continuity, scalability, flexibility et al. Then there is FinTech, IOT, mobile apps, all adding to the cloud expansion too.
Nonetheless there are security and governance concerns too, primarily regarding data and availability, given that cloud is an outsourced model, a different network architecture and the user loses visibility and control.
It is paramount to consider and comply with nationally and internationally established security and trust frameworks and certifications, such as from ISO, CSA and also some local ones from SGX-MAS-ABS and IMDA, as at least a base-line assurance and trust reference, that certain processes, policies and methodologies are in place to ensure the cyber-security of the cloud services. We also look at a sampling of statements of assurance from some big cloud providers like Microsoft, Amazon and SingTel.
16:40 - 16:55Panel Discussion - Level up your Cloudsecurity in 2017
What do you need to know about your data and how do you ensure it is compliant in the cloud? - Breaking down data compliance rules and what it means to your organisation. - How can IT security adapt to safely support digital transformation whilst also remaining compliant? - How do you monitor and secure your data as it grows and spreads across multiple cloud locations?
17:25 - 17:35Closing Address and Prize Draw
13:40 - 14:10Threat Protection for Next Gen Data Centers with NSX
NSX builds networks in software. Data center operators can achieve levels of security, agility and economics that were previously unreachable with physical networks. Learn how to deliver granular security to every workload with micro segmentation and in addition - reduce operational overheads and enable consistent security and networking policy across multiple private sites or even across to public clouds.
14:10 - 14:40Availability to the cloud: Best Practises to outsmart Ransomware
After becoming one of the main cyber security threats in 2016 and recently causing an international turmoil in May 2017, ransomware is keeping everyone on their toes regarding the protection of their critical data and computer systems. As infection approaches diversify and traditional antivirus protection is surpassed, companies need to treat data protection proactively, getting the right solutions and processes in place to prepare for the inevitable attack.
- Discover the benefits of extending Availability to the cloud
- How to efficiently recover from an attack
14:40 - 15:10Level Up - Raising the bar for cybersecurity
In a threat landscape that continues to evolve, your organization has to be better prepared to stave off threats. Attacks can go unseen for weeks because threats are increasingly difficult to detect, and there is a lack of visibility and threat intelligence to provide insight for quick remediation.
But attacks that go unnoticed are just the beginning. Your pain point could be the siloed security products you’re using that don’t work together. Risky user behavior. Or anything that endangers your data or dulls your competitive edge. In this session, Mr Tarun Gupta will share how can you partner with Trend Micro to fight against the evolving threats.
15:10 - 15:40Afternoon Break
15:40 - 16:10Ransomware: Bigger, Badder, Stronger
Ransomware has been a problem in the cyberspace since it was first discovered in 2005. Its emergence forever changed the way the world perceives cyber threats. Unlike the old days when worms and ordinary malware are just relatively small clout in a computer system, ransomware proved that it can have real-life damage to users, not to mention to enterprises that are subject to damage in operations and brand reputation.
As ransomware attacks continue to diversify over the years, so does its targets. Now, no business or user is too small or big for ransomware. In 2016, it cost victims over US $1 billion in losses, which is the most expensive to date. As far as impact is concerned, look no further than the outbreaks of WannaCry and Petya. Affected hospitals had to turn away patients or shut down their emergency wards. Car manufacturing plants had to stop production, and power grids were disrupted.
It will not be surprising if ransomware grows into something more dangerous in the future. In terms of potential, they can evolve into something that can disable an entire infrastructure until the ransom is paid. Cybercriminals may soon look into approaches like hitting industrial control systems (ICS) and other critical infrastructure to paralyze not just networks but ecosystems.
16:10 - 16:40Cyber Security - Back to the future
Back to 1999. Systems were connected. Security Weaknesses existed. Hackers broke into systems. In 2017, millions more systems are connected. Hackers turned into cyber soldiers, spies, criminals or entrepreneurs. The same (and many more) security weaknesses exist within the average organisation. The consequences for our economies, political landscape and people’s lives are devastating. No matter how many security products we buy, we seem to ignore basic security hygiene. The Aussie Department of Defence created the Top 4 in 2013 and the Essential 8 in 2017. Sound advice that will prevent malware from running and limit the extent of incidents.
16:40 - 16:55Panel Discussion - Level up your Network Security
Balancing network performance and security as network architecture grows in complexity. - Assessing the advantages and disadvantages of active and passive network security devices. - Is ROI the right metric to justify spending on network security, what are the alternatives? - How can you effectively communicate cyber risk to budget holders?
17:25 - 17:35Closing Address and Prize Draw