This document advertises a cybersecurity conference for financial institutions to be held in Singapore on March 9-11, 2015. The conference will address growing cyber threats and regulatory changes, and feature presentations from industry experts on topics such as enhancing security frameworks, managing risks from BYOD, leveraging cyber intelligence, and developing cyber risk professionals. A half-day workshop on March 11 will focus on tools and techniques for cyber intelligence and analytics to build cyber resilience. The event aims to provide insights and best practices for financial organizations to mitigate cybersecurity risks through analytical, governance, and algorithmic frameworks.

1. conferences
Cyber attacks are growing everyday in
strength across the globe – and unfortunately
not every battle will be won.
Keeping ahead of regulatory changes whilst building a strong IT architecture is the
only mechanism for safeguarding your future.
Jamie Dimon, CEO JP Morgan Chase
Hilton Singapore
9th
– 11th
March 2015
Featuring Half-Day Workshop:
Cyber Intelligence: Collation and Analytics Tools and
Techniques for Cyber Resilience
Facilitated By:
Dr Raymond Choo
Research Director
Cloud Security Alliance, Australia
Dr Raymond has consulted top tier organisations around the Asia
Pacific region and has 20 years of experience in consulting and
forming cybersecurity frameworks and policies
Attend this Premier Forum and Gain Insights into:
• Enhancing security frameworks based on future trends in
regulation
• Mapping the nature of the unbounded cyber threat
• Increasing yourROIontheITarchitectureandresourcesdeployed
• Mastering the art of effective defence by leveraging big data and
behavioural analytics
• Exploring cyber insurance as a risk transference framework
• Developing cyber risk professionals by investing in human capital
• Leveraging the cloud whilst keeping data security
In the Chair:
Geoff Leeming
Head of InfoSecurity Architecture & Engineering, InfoSecurity Change
RBS, Singapore
Testimonials from Past Related Events:
This is a useful event to share and gain knowledge in practices of
other organisations.
Standard Chartered Bank
Good,informativeandanexcellentnetworkingconferenceinthisregion.
Riyad Bank
The various speakers provided a practical insight into how security is
practically implemented, a definite eye opener.
Maybank
All aspects of security were covered from the cultural to the
technological, from best of breed speakers.
Westpac
Expert Speaker and Discussion Facilitator Panel:
Parag Deodhar
CISO
AXA Bharti, India
Jayaraj Puthanveedu
Director, APAC Regional Head of
Business Continuity Management
and Head of CSBC
Deutsche Bank, Singapore
John O’Driscoll
Senior Manager, IT Risk
ANZ, Australia
Leonard Ong
Professional Advocacy Committee
ISACA, Singapore
Tim Neill
Head, Situational Awareness &
Rapid Response Unit Command and
Control Centre
Standard Chartered Bank,
Malaysia
Murali Narasimhan
Head Governance & Risk Analytics
Group Information & Operations
CIMB, Malaysia
Ganesh Narayanan
Head – Consulting Cybersecurity
Services
Thales, Singapore
Andy Chow
Senior Cyber Intelligence Analyst
RBS, Singapore
Dr. Sarwono Sutikno
Cybersecurity Nexus Liaison
ISACA, Indonesia
Eddy Lee
IT Risk & Security Manager
QBE Insurance Asia Pacific,
Hong Kong
Abhinav Singh
Cybersecurity Engineer
JP Morgan Chase, Singapore
Carrine Teoh Chooi Shi
Head, Product Development and
Marketing
Cybersecurity, Malaysia
Martin Leo
Executive Director Risk Management
Morgan Stanley Investment
Management, Singapore
Sung-Ting Tsai(TT)
Vulnerability Expert (Hacker)
Team T5, Taiwan
Mike Harries
Programme Manager
Bank of America, Singapore
Jaisimha Diwakar
AVP – Vulnerability Manager
Barclays Technology Centre,
Singapore
Andrew Chong
Principal IT Consultant
Singapore Government
Richard Wynn
Executive Director Asia
Howden International, Singapore
Cyber Resilience in Financial Institutions
Mitigating cybersecurity risks through an analytical, governance and algorithmic framework
Enjoy 400% Tax Deduction or 60% Cash Payout with
Productivity and Innovation Credit (PIC). To find out
whether your organisation is eligible for the PIC scheme,
visit http://www.iras.gov.sg/irashome/PIcredit.aspx
Silver Sponsor:

2. P
Day One
Monday 9th
March 2015
08:30 Registration and Coffee
09:00 Opening Remarks from the Chair
Geoff Leeming
Head of InfoSecurity Architecture & Engineering, InfoSecurity Change
RBS, Singapore
09:10 Keynote Presentation:
APAC is Under Attack! Preparing for the Next Frontier
• Assessing the changing risk landscape
• Understanding business disruption risks to the financial services sector
• How well prepared are organizations in the region to respond to
disruptions caused by new wave of threats?
• “Extended Enterprise” – service provider risk
• Forecasting challenges and the path forward for the APAC region
Jayaraj Puthanveedu
Director, APAC Regional Head of Business Continuity Management and
Head of CSBC
Deutsche Bank, Singapore
09:50 Expert Insight:
Minimising Cyber Risk Arising from BYOD
• Understanding and internalising the common challenges arising out of
BYOD usage
• Minimising the cyber risk associated with the mobile workspace
• Harnessing CSOC to develop proactive deterrent measures
Ganesh Narayanan
Head-Consulting Cybersecurity Services
Thales, Singapore
10:30 Coffee and Networking Break
11:00 Expert Insight:
Moving Forward from Traditional IT Security: Looking Towards
Cybersecurity Measures
• Is traditional IT security still relevant?
• The trends toward replacing traditional IT Security with forward
looking cybersecurity measures
• Effectively evaluating between traditional security measures and
forward looking cybersecurity measures and implementing the most
effective decisions
Murali Narasimhan
Head Governance & Risk Analytics Group Information & Operations
CIMB, Malaysia
11:40 Expert Insight:
Keeping Your Data Safe whilst Taking Advantage of the Cloud
• Developing a single management interface to increase compatibility
across internal / external platforms
• Mitigating risk associated with using a myriad of third party vendors for
outsourcing
• Private, public or hybrid? Which makes the most sense?
• Monitoring the cloud effectively to meet data security and data
sovereignty goals
Parag Deodhar
CISO
AXA Bharti, India
12:20 Networking Luncheon
13:20 Expert Insight & Demonstration:
Getting Ready for the Unknown – The Future of Cybersecurity
Attacks
• Exploring Malware, APT, Botnets, Social engineering, Phishing and
their role in compromising security
• Assessing the risk levels associated with each threat
• Finding out developments in major cybersecurity categories
• How to level the playing field against decreasing odds? Cyber
intelligence and analytics
Sung-Ting Tsai(TT)
Vulnerability Expert (Hacker)
Team T5, Taiwan
14:00 Expert Insight:
Building Effective Cyber Defense with Intelligence
• Using intelligence to provide predictive analysis and comprehensive
understanding of cyber threats
• Understanding the adversaries and motivations behind attacks to stay
prepared
• Best practices in establishing the cyber intelligence function within an
organisation.
• Building a trusted eco-system and partnership for cyber intelligence
sharing network
Andy Chow
Senior Cyber Intelligence Analyst
RBS, Singapore
14:40 Coffee and Networking Break
PANEL DISCUSSION
15:10 Regulatory Changes in the Region and Organisational
Reactions to Them
• Analysing the current state of regulation in the region
• Discussions on future regulatory roadmaps: Do they all lead to the
same place?
• Assessing the potential impact on organisational transformation and
investments
• Whatliesahead?Themajorconcernsfacinginstitutionsatthistime
Moderator:
Jayaraj Puthanveedu
Director, APAC Regional Head of Business Continuity Management and
Head of CSBC
Deutsche Bank, Singapore
Panellists:
Leonard Ong
Professional Advocacy Committee
ISACA, Singapore
Parag Deodhar
CISO
AXA Bharti, India
Carrine Teoh Chooi Shi
Head, Product Development and Marketing
Cybersecurity, Malaysia
15:50 Expert Insight:
Preventing Data Leakage by Tightening Privacy Laws; Mending
the Weakest Links
• Assessing the impact of data leakages on both financial and regulatory
aspects of financial organisations
• Reviewing and improving data leakage prevention strategies across
the board
• Predicting and analysing future focused methodologies meant to
mitigate data leakage associate risk
Carrine Teoh Chooi Shi
Head, Product Development and Marketing
Cybersecurity, Malaysia
16:30 Case Study:
Aligning Top Management towards Cybersecurity in Low
Maturity Environments
• How/Wheretostart?
- Assessing the current environment against known cyber attacks
- Creating awareness to the executives on the current risks
- Enabling C-Suite buy in by integrating IT risk with tangible metrics
• Ifyoucan’tmeasureit,youcan’tmanageit
- Creating metrics that effectively manage the cybersecurity goals
• Whatelse?
- Increasing communication and integrating that within a holistic
organisation wide security framework
Eddy Lee
IT Risk & Security Manager
QBE Insurance Asia Pacific, Hong Kong
17:15 Closing Remarks from the Chair and End of Day One

3. P
Day Two
Tuesday 10th
March 2015
08:30 Registration and Coffee
09:00 Opening Remarks from the Chair
Geoff Leeming
Head of InfoSecurity Architecture & Engineering, InfoSecurity Change
RBS, Singapore
09:10 Case Study:
Transforming Cybersecurity, Risk and Control for Evolving
Threats
• Analysing cybersecurity vulnerabilities, threats and risks and their
associated risk based control categorisation
• IntegratingcybersecuritygovernancewithoverallInformationSecurity
Governance,RiskandAssuranceinlinewithlifecycleapproachof
preparing,investigating,responseandtransformingcybersecurity(PIRT)
• Developing the cybersecurity paradigm by developing communication
with the top management and all relevant stakeholders
• Transforming cybersecurity using COBIT 5 and real case study
demonstrations
Dr. Sarwono Sutikno
Cybersecurity Nexus Liaison
ISACA, Indonesia
09:50 Expert Insight:
Increasing Agility in Incident Response: Being More than Sub
Optimal
• What’s the cost of delayed incident response times? What’s the impact
on reputational and operational risks?
• Re-designing Incident Response (IR) plan and policy to streamline the
response process
• Ensuring your IR plan is integrated across business units
Tim Neill
Head, Situational Awareness & Rapid Response Unit Command and
Control Centre
Standard Chartered Bank, Malaysia
10:30 Coffee and Networking Break
11:00 Expert Insight:
Comprehending Cyber Insurance as a Feasible Risk Transference
Mechanism
• What is cyber insurance and how it can help?
• What types of cyber coverage are present?
• Reviewing the current state of cyber insurance implementation in the
region
• Knowing when to use cyber insurance within the existing IT risk
framework
Richard Wynn
Executive Director Asia
Howden International, Singapore
11:40 Expert Insight:
Building a Big Data Mindset to Safeguard Your Organisation
from Sophisticated Attacks
• What differentiates big data from small data?
• Is log analysis enough to prevent the next attack?
• Building sense from billions of small data points
• Automating bigdatalearningsystemstoprotectagainstevolvingthreats
• Dealing with data privacy issues within big data analytics
Abhinav Singh
Cybersecurity Engineer
JP Morgan Chase, Singapore
12:20 Expert Insight:
Turning IT Personnel into Cybersecurity Risk Professionals
• Understanding the dynamics of cybersecurity talent supply and
demand in the region
• Identifying the key Knowledge, Skills and Abilities (KSAs) for the new
area cybersecurity risk professionals
• Formulating retraining programmes to bring IT personnel up through
the ranks
Martin Leo
Executive Director Risk Management
Morgan Stanley Investment Management, Singapore
13:00 Networking Luncheon
14:00 Expert Insight:
Building a Future Focused IT Architecture for Maximised ROI
• Staying in the curve of evolving cyber threats
• Evaluating the security level of your current IT system deployment and
support
• Smartly investing in your cyber risk management by understanding
which threats can be mitigated through which technologies
• Ensuring the best ROI for security and functionality
Jaisimha Diwakar
AVP – Vulnerability Manager
Barclays Technology Centre, Singapore
14:40 Case Study:
Content Delivery Network and Web Application Firewall: A
Double Whammy for Hackers?
• How does CDN and WAF help prevent cyber attack for institutions?
• Discussing the defacement of Malaysian Airlines Website even though
both CDN and WAF were in place
• Techniques to close the gap and building strengths for the future
Andrew Chong
Principal IT Consultant
Singapore Government
15:20 Coffee and Networking Break
15:50 Expert Insight:
Effectively Increasing User Awareness and Aligning it with
Cybersecurity Goals
• Using Network Behaviour Analytics for threat detection and advance
reporting
• Building training programmes that leverage on best practices and
incorporate metrics
• Transforming training programmes into immersive learning
experiences for Non-IT professionals
• Getting buy-in from top management for cybersecurity goals to
nurture a culture of data stewardship and data care
John O’Driscoll
Senior Manager IT Risk
ANZ, Australia
PANEL DISCUSSION
16:30 Building Cyber Resilience for Years to Come
• Taking current methodologies to the next level
• Combining the best of risk frameworks and technology
• Building and using big data to change from a reactive to proactive
framework
Moderator:
Murali Narasimhan
Head Governance & Risk Analytics Group Information & Operations
CIMB, Malaysia
Panellists:
Mike Harries
Programme Manager
Bank of America, Singapore
John O’Driscoll
Senior Manager, IT Risk
ANZ, Australia
Tim Neill
Head, Situational Awareness & Rapid Response Unit Command and
Control Centre
Standard Chartered Bank, Malaysia
17:15 Closing Remarks from the Chair
17:30 End of Conference
marcus evanswould like to thank everyone who has helped with the
research and organisation of this event, particularly the speakers and
their staff for their support and commitment.

4. W Half-DayWorkshop
Wednesday 11th
March 2015
CYBER INTELLIGENCE: COLLATION AND ANALYTICS TOOLS AND
TECHNIQUES FOR CYBER RESILIENCE
• The emerging cyber threat landscape: Not a matter of if, but of when!
• Proactive cyber intelligence collection and sharing
• Incident handling: Bringing together incident management, digital
forensic, Capability Maturity Model for Service, etc
• Securing the weakest link … Humans! An Engaging Stakeholders,
Acceptable Behaviour, Simple Teaching method, Yardstick (EASY)
training model
Dr Raymond Choo
Research Director
Cloud Security Alliance, Australia
About Your Workshop Facilitator:
Dr Raymond Choo
Research Director
Cloud Security Alliance, Australia
Dr Raymond is Research Director at The Cloud Security Alliance (CSA)
Australia Chapter. He’s also a Fulbright Scholar and Senior Lecturer of
University of South Australia. Dr Raymond has (co)authored a number
of publications in the areas of anti-money laundering, cyber and
information security, and digital forensics including a book published
in Springer’s “Advances in Information Security” book series, and a
book published by Syngress/Elsevier (Forewords written by Australia’s
Chief Defence Scientist and Chair of the Electronic Evidence Specialist
Advisory Group, Senior Managers of Australian and New Zealand
Forensic Laboratories). His research has been widely cited, including in
key government reports such as the 2010 Australian Government House
of Representatives Standing Committee on Communications Report on
the Inquiry into Cyber Crime, 2011 Australian Government Joint Select
Committee’s Report on Cyber-Safety.
Some achievements in Dr Raymond’s career:
• 2014 Academic Impact and Uptake Award which recognises
researchers who have made important contributions to knowledge and
have demonstrated excellence in research achievement in an area of
strategic importance to the University of South Australia
• One of 100 Emerging Leaders (Innovation) in Weekend Australian
Magazine / Microsoft’s Next 100 Series in 2009
• Recipient of 2010 ACT Pearcey Award
• 2010 Consensus IT Professional Award
• 2009 Fulbright Scholarship
• 2008 Australia Day Achievement Medallion
• 2008 British Computer Society’s Wilkes Award Computer Journal
2007’s Best Paper
Workshop Schedule:
08:30 Registration and coffee
09:00 Morning session commences
10:30 Morning refreshments and networking break
11:00 Morning session re-commences
12:30 Workshop concludes
Why You Cannot Miss This Event:
The Asia Pacific region is two times more likely to be targeted by advanced
cyber attacks than the rest of the world according to Fireeye Research.
On top of the list of attacks are financial institutions for the importance
of data they possess. With organised cyber crime now controlling a
multi-billion dollar black market, customers of financial institutions
are becoming more concerned about the safety of their data, making
regulators clamp down on issues related to cybersecurity. Clearly,
cybersecurity has become a matter of survival for banks in the region.
Cyber attacks are here to stay. The only thing that can define success or
failure in terms of an attack depends on how the organisation chooses
to respond to it. This marcus evans event Cyber Resilience in
Financial Institutions will bring together accomplished speakers to
analyse the pressing issues affecting CIO’s, CISO’s and information security
professionals in the region. Burning issues such as tackling the fluid nature
of regulation in the region, transforming cybersecurity professionals
into risk managers, raising user awareness within institutions as well as
leveraging big data and behavioural analytics to better protect against
growing threats, this forum will provide answers and insights into topics
that hold relevance for years to come.
There will also be a workshop on developing and solidifying cyber
intelligence and analytics to help professionals implement changes to
their current organisational processes without having to spend heavily on
augmenting their IT infrastructure and architecture. The main aim of the
workshop is to help professionals develop data collection grids, automate
analytical frameworks and frame feedback loops into organisational
policies to create a more proactive approach to cybersecurity.
Who Should Attend:
C-Level Executives, Presidents, Vice Presidents, Managing
Director, Directors, General Managers, Head of Departments,
Senior Managers, Regional Managers, Managers, Supervisors,
Executives of Financial Institutions:
• IT Audit
• IT Risk
• IT Compliance
• Operational Risk
• IT Infrastructure
• IT Security Analysis
• IS Compliance & Audit
• IT Assurance
• Systems
• Database
• ICT
• Risk
• Governance
• Disaster recovery
• Security System Architecture
• Network Security
• Enterprise Security Architects
Business Development Opportunities:
Does your company have services, solutions or technologies that the
conference delegates would benefit from knowing about?
If so, you can find out more about the exhibiting, networking
and branding opportunities available by contacting:
Peter Morgan on +61 2 9238 7200 or email
PeterM@marcusevansau.com

5. Speakers Profile
John O’Driscoll
John O’Driscoll is Senior Manager, Information & Technology Risk, with the ANZ
Banking Group located in Melbourne, Australia.
Prior to ANZ, John was the Head of IT Risk and Security at AMP in Sydney,
Australia. He had responsibility for IT Risk, IT Security and Disaster Recovery for
the AMP group who are a leading fund manager, superannuation and insurance
company in Australia and New Zealand.
John has over 25 years IT governance and risk management experience which he
has acquired in a number of IT Audit and operational risk management positions
in the financial services and public sectors. He was an early adopter of computer
assisted audit techniques and has trained many financial and IT auditors in the
use of Audit Command Language (ACL).
Andy Chow
Andy is a certified cyber security professional with more than 12 years of
experience in various critical infrastructure industries such as banking, military,
telecommunication, manufacturing and transportation. In his current role
under corporate security services, he specializes in cybercrime intelligence for
a global bank. His areas of responsibilities include monitoring and identifying
cyber threats through open and closed source intelligence, delivery of strategic
and tactical intelligence products for information security, cyber security and
information technology stakeholders to make informed security decisions.
Andy acts as an ambassador for the bank to build and maintain relationships
with law enforcement, intelligence community, cyber security organizations,
and peers from banking & financial services industry. Andy has broad skill
sets with cybercrime intelligence and cybersecurity which includes cyber
intelligence strategy development, intelligence collection and analysis, malware
analysis, security analytics, cyber incident response and investigations, and
delivery of security infrastructure technology solutions. He holds the following
certifications: GCED, CISSP, CISM, CRISC, CISA.
Parag Deodhar
Parag is the Chief Risk Officer & Senior Vice President at Bharti AXA General
Insurance Co. Ltd. Parag is a Chartered Accountant, Certified Information
Systems Auditor from ISACA, US and Certified Fraud Examiner from ACFE, US.
He is also the President of Bangalore Chapter of ACFE. He has over 17 years’
experience in Enterprise Risk Management, Information Security and Forensics,
Audit, Consulting and Programme Management. Parag has written several
articles in online and print media and is a regular speaker at industry forum and
seminars. Parag has worked with multinationals like AXA Group, Deutsche Bank,
KPMG and Mahindra British Telecom.
Abhinav Singh
Abhinav singh is a young information security specialist with a keen interest in
the field of Information security and has adopted it as his full time profession.
His core work areas include Malware analysis, Network security, System and
Enterprise security. He is also the author or “Metasploit Penetration testing
Cookbook” and “Instant Wireshark” published by Packt Publishing, UK.
Abhinav’s work has been quoted in several Infosec magazines and portals. He
shares his day to day security encounters on www.securitycalculus.com.
Leonard Ong
Leonard has over 15 years of experience in Information and Corporate Security
gained in telecommunication, enterprise and banking industries. He has been
in a number of different roles within security profession such as Information
security, corporate security, project management, consulting and business
development. He leads Enterprise Governance practice for a regional consulting
firm. Prior to that, he was with Barclays Capital as Head of Information Security
Risk & Operation, Asia pacific. During his tenure with Nokia Siemens Networks,
he provided professional consulting services for regional telecommunication
carriers to secure their networks. Public recommendations were received for the
projects. Leonard spent 7 years in Nokia Corporate Security. He was responsible
in securing Nokia businesses across the region, which includes 7 countries.
Leonard has been volunteering in a number of security associations since early
2000. His longest service is with ISACA Singapore Chapter where he has been
elected as Chapter President twice. He is currently serving as Honorary Chairman
for ASIS International Singapore Chapter since 2011 among other appointments.
Leading information security associations, such as (ISC) and ASIS International,
have recognized his efforts. He was awarded Information Security Leadership
Achievement (ISLA) - Senior Information Security Professional category in
2011 and Professional Certification Board Regional Award in 2014. Previously,
National Infocomm Competency Centre (NICC) has awarded Leonard with ‘IT
Specialist of the Year’ in 2005. He received K. Wayne Snipes 2013 award for
ISACA Singapore Chapter being the best very large chapter in Asia. Leonard
regularly delivers presentations and trainings in the region.
Sung-Ting Tsai
Sung-ting (TT) is the leader of Team T5 Research. They monitor, analyze, and
track cyber threats throughout the Asia Pacific region. His major areas of interest
include document exploit, malware detection, sandbox technologies, system
vulnerability and protection, web security, cloud, and virtualization technology.
He especially is interested in new vulnerabilities in new technologies, and
frequently presents the team’s research at security conferences, such as Black
Hat, HITCON, and Syscan. He and Ming-chieh are members of CHROOT security
group in Taiwan. Sung-ting (TT) is also the organizer of HITCON -the largest
technical security conference in Taiwan.
Mike Harries
Mike Harries has a broad range of experience including the management
of people, budgets, vendors, projects, risk, compliance and varied hands on
technical skills spanning a career of over thirty years. The industries that I have
mainly worked in are the telecommunications industry, banking, energy,
beverages, insurance and manufacturers. He was as Head of Networking at
Coca-Cola for five years and was responsible for building from scratch, a global
network carrying voice, data and videoconferencing traffic.
He has spent the last twelve years at Standard Chartered Bank primarily in the
roles of Programme manager, Network Design, Network Security Architecture
and Network Governance. He also has, over the past few years, been more
involved with infrastructure risk, audits and compliance.
Recently, he has been working as a technology consultant, looking at
recommendations for the application landscape of a leading Singaporean bank.
The recommendation pack that his team has produced will shortly be presented
at board level. Currently he is at Bank of America, as a Programme manager,
rolling out voice related infrastructure throughout APAC.
Eddy Lee
Eddy Lee leverages his 15 years of security leadership experience to advise
organisation on reducing their risk posture by solving complex security problems
and by building resiliency into their organization. Eddy delivers expert guidance
on reducing the high cost of IT security failures, both financially and in terms
of brand reputation with his deep expertise in network security, identity
management, policy design, risk assessment and penetration testing. Before
joining the QBE team Eddy was a Regional Head of Information Security Risk
for HSBC Private Bank and a Lead Information Risk Manager for CSC, where he
gained valuable experience building security programs for enterprise class clients.
Jayaraj Puthanveedu
Jayaraj Puthanveedu is the Asia Pacific Head of Business Continuity
Management and Corporate Security and Business Continuity Head for
Deutsche Bank Singapore. Prior to his current role, he was in heading a portfolio
of functions such as Operational Risk, Business Continuity, Corporate Security
and Anti Fraud for Deutsche Bank in India and Sri Lanka.
In the past, he has held several leadership and technical roles across the
region at Northern Trust, Goldman Sachs and Cable & Wireless in the areas of
Operational Risk, Information Security, Technology Risk and Business Continuity
Geoff Leeming
Geoff Leeming is the Head of Information Security Architecture and Engineering
for RBS Corporate and Institutional Banking. He has worked and consulted in
Information Security for over 20 years, working across numerous industries but
specialising in Investment Banking. He holds a master’s degree in Information
Security from Royal Holloway, University of London.
Richard Wynn
With over 24 years experience of handling Financial and Professional Risks,
Richard began his career in 1991 in London with C E Heath Plc arranging
Professional Indemnity, Directors & Officers Liability and Crime insurances
before moving to Howden in 1997. He has since been based in Dubai
establishing Howden’s broking office in the Middle East in 2008 and moved to
Singapore in 2012 to head up Howden’s Financial Lines practice for Asia. Richard
specialises in arranging insurances for Financial Institutions, including Cyber
Insurance and Mergers & Acquisitions Insurance as well as Crime, Professional
Risks and Management Liability.
Dr. Sarwono Sutikno
Dr. Sarwono Sutikno is an Associate Professor at School of Electrical Engineering
and Informatics, Institut Teknologi Bandung and also Senior Lecturer at
Asymmetric Warfare Study Program, Indonesia Defense University.
He has also been appointed as ISACA Academic Advocate for ITB, since 2007; as
Cybersecurity Nexus Liaison, ISACA Indonesia Chapter, since September 2014.
He is also member of Technical Committee 35-01 Information Technology, Head
of Working Group on Service and IT Governance, and Member of Working
Group on Information Security, National Program on Standardization – National
Body for Standard & Ministry of Information and Communication

6. Speakers Profile
Andrew Chong
Andrew Chong has over 20 years of experience in the IT domain and over 10
years in IT Security and risk management.
In the early years, he was a software engineer who has flew to Silicon Valley CA
to work in a technology start-up.
After returning back to Singapore, he achieved the CISSP security certification
in early 2001. Andrew has a broad skill sets which includes Application Security,
Penetration Testing, Cyber Security and have a keen sense of looking out for
security vulnerabilities. He has also modified the Zeus Trojan source code to
demonstrate how the Trojan can bypass 2FA on different Internet banking
banks. In 2014, Andrew was awarded the e-Bay Bug Bounty award for
discovering a OWASP Top 10 high risk vulnerability in eBay website. He also
recently discovered a 0-day full jobs applications resume document download
vulnerability on a major job search site. He currently work as a Principal IT
Consultant in a Singapore government agency.
Tim Neill
Tim Neill is Head, Situational Awareness and Rapid Response Unit, having joined
Standard Chartered Bank in October 2014. He is based at the Bank’s command
centre in Kuala Lumpur, Malaysia and is responsible for incident and crisis
management. Tim is an experienced risk leader with a career that spans more
than 15 years in the banking, oil and gas and private equity sectors.
Prior to joining Standard Chartered, Tim was Global Head of Incident
Management and Head of Command Centre at Deutsche Bank. In this role, he
was responsible for all technical outage response and monitoring. During his
time there, he was instrumental in reducing Deutsche Bank’s incident rate to the
lowest on record.
Internationally experienced, Tim has lived and worked in London, Dubai and
Kuala Lumpur having held senior risk leadership positions with global banks
as well as spending a period in private equity where he specialised in the
commercialisation of new technology in the fields of defence and information
security.
Apart from his day-to-day responsibilities, Tim actively supports the Bank’s
sustainability programmes, such as ‘Seeing is Believing’. This programme is a
global initiative dedicated to tackling avoidable blindness and a collaboration
between Standard Chartered and the International Agency for Prevention of
Blindness.
In addition to his passion for new technology, Tim’s interests include veteran’s
level rugby union and restoring vintage motorcycles.
Murali Narasimhan
Murali is the Managing Director, Governance and Risk for Technology and
Operations of CIMB Group. Murali has over 25 years of International experience
in Technology, Operations and Risk Management and has held leadership roles
in Technology and Risk Management at organizational and industry level. He
has extensive experience in the field of resilience and has fostered national and
global partnerships in the field.
Ganesh Narayanan
Ganesh is the Head of Consulting, Cyber Security Services for Thales Solutions
Asia. Ganesh comes with more than 21 years of experience in information
technology, Cyber Security industry, working with major banks, government
agencies, regulators, industrial control/ SCADA based systems, major telecom
and enterprise segments in Asia.
Ganesh has expertise in Cyber Security consulting, Business Leadership, Market
knowledge, Resiliency Management, Performance, Cyber Strategy & Policy
development and Cyber Security training, with extensive exposure in business
footprints in South East Asia.
Ganesh also was an entrepreneur with business development acumen in M2M,
e-Reader based e-Learning solutions and was the founder Director of Vestal
Corporation Singapore from 2006-2011.
Ganesh has a Bachelor Degree in Telecommunications Engineering and an MBA
from California State University, East Bay, California.
A native of India, he lives in Singapore for the last 15 years, has passion for
English literature and also a freelance writer.
Martin Leo
Mr. Leo has over 20 years of experience in diverse and challenging roles in
the Financial Services industry. Prior to joining Morgan Stanley Investment
Management, Mr. Leo served in a number of General Management and Risk
Management roles. His last assignment with ING Group was as the Chief
Administrative Officer at ING Investment Management India and before that
was the Apac Head of Non Financial Risk Management for the Investment
Management business. In these roles, he has combined senior strategic
oversight roles with some very hands on roles involving people, processes
and systems. His specialization has been operational risk management, IT risk
management, business continuity management, fraud risk management and
physical & personal security.
Carrine Teoh
Carrine Teoh Chooi Shi is the Head of Product Development & Marketing
Department, CyberSecurity Malaysia, an agency under the Ministry of Science,
Technology and Innovation, Malaysia (MOSTI).
Carrine Teoh was from the Integrated Circuit (IC) Design field where she was
involved heavily in R&D and IC consultancy. She holds Master of Business
Administration from University of South Australia, Australia and Bachelor of
Engineering (Electrical & Electronics) from Nanyang Technological University,
Singapore. She also had experience in business management and business
development for IT industry before joining CyberSecurity Malaysia.
Her current post at CyberSecurity Malaysia deals with strategic positioning and
collaboration that includes the development of new products and services,
initiatives and exploration of new co-operations that could grow into strategic
partnerships with key players in cyber security, locally and internationally.
She currently involves in engagement with multiple stakeholders, to enhance
information security especially amongst Critical National Information
Infrastructure (CNII), cyber safety acculturation and economic development
in cyber security industry. One of the initiatives she champions is Malaysia
Trustmark.
She is a Certified Information Systems Security Professional (CISSP). She is also
a Certified Business Continuity Professional (CBCP) specializing in business
continuity and disaster recovery.

7. Silver Sponsor:
Thales is a global technology leader in the Aerospace, Transportation and Defence & Security markets. In 2013, the company generated revenues of
€14.2 billion with 65,000 employees in 56 countries. With its 25,000 engineers and researchers, Thales has a unique capability to design, develop and
deploy equipment, systems and services that meet the most complex security requirements. Thales has an exceptional international footprint, with
operations around the world working with customers and local partners.
In the field of Cyber Security, Thales is a world leader in cyber and cryptographic security products, assessment services, audit services, consulting
solutions and specialised Cyber Security operation centres.
Media Partners:
Innovizio [ http://www.innovizio.com/ ] as to become a World Leader in Business Innovation & Smart Solutions. Knowing the unknown, connecting
the dots, defining the new standards for Digital transformation, Digital marketing, leading to future Innovative Business solutions. Mission “A magical
mirror of the new digitized world” Delivering Solutions about Business Innovation | Digital Transformation | Big Data | IoT @Innovizio is the parent
organisation behind the BigdataQ.com | BigDataFreelance.com | BigDataUniversity.eu | TelecomExecutives.nl platforms.
BigDataQ.com, a Global leading BigData Media - News - Events - Strategy- Resources - Solutions platform. BigDataQ.com partners with many
International BigData and Cloud events from Silicon Valley to Singapore, provides Big Data Strategists / Data Scientists delivers Executive Business
Technology Strategy and Enterprise Data, Innovation and Digital Transformation solutions, is advisory to large Companies in Benelux / EMEA regions.
BigdataQ, BigDataFreelance.com and BigdataUnviersity.eu platforms are part of the InnoVizio group
(http://www.innovizio.com/)
Global Banking & Finance Review is one of the world’s leading online Portal covering Global News, Videos, Analysis, Opinion, Reviews and
Interviews from the world of Banking, Finance , Wealth Management, Trading, Business, Technology and much more. Read in over 200 different
countries and ranked below 15,000 globally by Alexa across billions of websites. To find out more, visit us at http://www.globalbankingandfinance.com
Online Media Partner:
The Singapore Business Review provides daily news about the Singaporean business landscape, supplies opinions on happenings in the business
world and allows audiences to have an insight on the views of industry experts.
Our Business Partners