Asia Pacific Summit - Cloud Security Alliance

AgendaThe Global Leaderin Audit, Risk, Fraudand Security TrainingDay 108:30 Registration and morning coffee09:00 Chairperson opening speechChairperson: Aloysius CheangManaging Director – APACCloud Security Alliance09:15 KeynoteExamining the emerging trendsin information security• What are the future prospects forthe field of information security?• What is the biggest change fortoday’s CISO• What are the emerging moderninformation security crimes andthreatsJim ReavisExecutive DirectorCloud Security Alliance09:45 Case studyWhat is in every hacker’s toolbag?• Do you know which techniqueshackers use to identify thesystems and services yourcompany is running?• How do hackers determine yourweakest link?• To avoid becoming the nextvictim, it is vital to understandthe hacker’s techniques andmotives10:15 Morning networking break10:45 Panel discussionKeeping up with the everchanginginformation securitylandscapeThe CISO’s role has become moreprominent in recent years as aresult of increased regulatory andindustry requirements and the everchangingthreat landscape.This session will discuss threats,technologies and the regulatoryenvironment changes impactingthe CISO. Further, this sessiondiscusses strategies in making theright investment decisions that yieldthe greatest impact on informationsecurity risk reduction.Moderator: George WangSenior Director, InfrastructureTechnology & Data Centre OperationsNeptune Orient Lines11:30 Sponsor sessionInformation security riskassessment• In which security solution is itworth investing?• Discover how to better protectvaluable data and otherintellectual property to preservecustomer confidence12:00 Sponsor sessionInformation security breaches• What are the lessons learnedfrom high profile breaches?• Discover what preventivemeasures should be taken toavoid breaches and enable quickrecovery12:30 Networking luncheon14:00 Case studyInformation security governance• Highlighting the importanceof a governance framework forinformation security• The characteristics of an effectiveinformation security governanceprogramme• Discussing industry’s bestpractices and steps in theinformation security programmelifecycleAhmed BaigChief Information Security OfficerAbu Dhabi Government14:30 Case studyLegal challenges in aninformation security breach• Understanding the applicable lawin an information security breach• Preservation of evidence forinvestigations and admissibilityin court• Pursuing the perpetrators andlegal liabilities in the event of asecurity breachLionel LeePartnerRajah & Tann15:00 Afternoon networking break15:30 Case studyBalancing risks and rewards of ITconsumerisation• What are the challengesbusinesses face if they adopt oroppose IT consumerisation?• Discussing best practices forcombating the security riskscreated by IT consumerisation• Assessing the major ingredientsfor an effective policies to reduceIT security riskSapan TalwarRegional Chief InformationSecurity Officer – APACAon16:00 Panel discussionThe BYOD dilemma: Discussingthe security challenges BYODpresentsBring-Your-Own-Device, aninnovation that increasesemployees’ mobility andproductivity but also bringshidden security risks to a corporatenetwork. How does mobility impactsecurity architecture?This session will discuss someof the challenges that must beovercome before organisationscan allow secure access to theirsystems. Our CISO panel willdiscuss the steps that they took tomanage the risks and share tips fordeveloping holistic BYOD policiesand guidelines.16:45 Chairperson closing remarks andend of Day 1

Day 208:30 Registration and morning coffee09:00 Chairperson opening speechChairperson: Aloysius CheangManaging Director – APACCloud Security Alliance09:15 KeynoteDeveloping a business-driveninformation security architecture• What are the key componentsof an effective and holisticinformation securityarchitecture?• Reviewing the strengths,weaknesses and commoncharacteristic of variousframeworks• What are the challenges facedin ensuring the architectureremains relevant and useful?Jerry ArcherChief Security Officer, Sallie MaeBoard Director, Cloud Security Alliance09:45 Sponsor sessionIdentity security solutionsDiscovering industry standardsand best practices for identityand access management thatwill help organisations maintainboth productivity and informationsecurity.10:15 Morning networking break11:15 Panel discussionCloud computing: The pain andthe opportunityCloud computing is a hot topic.Is it time to embrace it or to stayaway? What are the challenges andpotential pitfalls faced in cloudadoption?This session will discuss a variety ofcloud services, cloud deployments,performance and economicbenefits of cloud computing.The CISO panel will also examinethe security element of cloudcomputing services and systems aswell as forecasting future cloud risk.Moderator: Paolo MirandaDeputy Director, TechnologySolutions Corporate DevelopmentNational Volunteer andPhilanthropy Centre (NVPC)Panellist: Sapan TalwarRegional Chief InformationSecurity Officer – APACAon12:00 Sponsor sessionStay technologically competitiveand relevant in a global marketplace with cloud computingDiscussing the underlyingtechnology, capabilities, economic,and operational impact of thecloud.12:30 Networking luncheon14:00 Panel discussionSocial media: Is your informationat risk?The widespread use of social mediaby employees is a challenge for theCISO. Organisations actively lookfor ways to exploit social mediafor marketing, recruitment andcustomer relationship purposes.How should CISOs deal with theinevitable growth of social media?This session will discuss thestrategic roadmaps for social mediapolicy and examine best practicesto ensure safe and risk-assessedusage of social media within thebusiness.Panellist: Lionel LeePartnerRajah & Tann14:45 Case studyBusiness continuity and disasterrecovery planning• Discussing the impact of a poorlycontained data breach andmishandled responses• Assessing the key points thatshould be addressed in everybusiness continuity plan• How to you ensure employeesare able to develop capabilitiesto deal with threats?Shrikant RamanVP, Security & VulnerabilityManagement – APACJP Morgan Chase10:45 Case studyInformation security compliance• Examining the major corporaterisk factors for informationsecurity compliance• Reviewing the external laws,regulations and standardsapplicable to informationsecurity• How companies can stay withinthe regulatory confines withoutcompromising profitability?15:15 Afternoon networking break“One of the best conferences I have attended, bringingtogether key industry players willing to discuss openly theissues they face together”CSO, AVIVAWeb: www.mistiasia.com/ciso Email: misasia@misti.com Tel: +852 2520 1481

“Unparalleled opportunityto hear and talk to wellrespectedInformationIndustry leaders”Chief Security Advisor,Microsoft Ltd15:45 Case studyAchieving higher virtualisationefficiencies• Discussing to what extentdoes virtualisation improve theefficiency of IT resources• What are the main securityconcerns in improving yourvirtualised environment?• Virtualisation-based security? Ismoving to virtualisation makingnetwork security easier orharder?Sabyasachi ChakrabartymChief Security Officer – APACBritish Telecom16:15 Panel discussionWhy information security keepsfalling off the budget?• Why information security isalways the last priority?• Who should the informationsecurity burden fall on - the CFOor CISO?• What are the key ingredientsof a solid information securityprogramme that will lower costs,reduce risk and ensure consistentcompliance?In this session, the CISO panelwill discuss budget tips and reliefstrategies to beat the budgetcrunch. They share best practicesin maximizing the informationsecurity budget.17:00 Chairperson closing remarks andend of the SummitAbout the organisers:MIS Training Institute is part of the Euromoney Training group. Foundedin 1978, MIS is the international leader in audit, fraud and securitytraining, with offices in the UK, USA and Asia. MIS’ expertise draws onexperience gained in training more than 200,000 delegates acrossfive continents. MIS presents courses and conferences in the areasof: Internal Audit, Fraud, IT Audit, Risk and Information & CorporateSecurity.The Cloud Security Alliance is a not-for-profitorganization with a mission to promote the use of bestpractices for providing security assurance within CloudComputing, and to provide education on the uses ofCloud Computing to help secure all other forms ofcomputing. The Cloud Security Alliance is led by a broad coalition of industry practitioners,corporations, associations and other key stakeholders. For further information, visit usat www.cloudsecurityalliance.org , and follow us on Twitter@cloudsa.Sponsorship OpportunityCISO Asia Pacific Summit provides an excellent business platform to market your expertiseand services by capturing the interest and influencing the decisions of our highly targetedaudience.CISO Asia Pacific Summit serves as an opportunity for you to:• Develop key industry databases and transform top prospects into new clients• Enhance brand recognition to a highly desirable and targeted audience• Network with forward thinking dynamic high-level executive and managementOur partnership programme is packed with extraordinary value allowing our sponsor toreceive prime exposure among a large group of senior executives to whom this congresswill be marketed.Reinforce and elevate your position as a market leader by contacting Ang Kar Wee, at+852 2111 6613 or email Kang@misti.com to discuss more about this opportunity.“The only IT Security eventI will attend!”Head of InformationSecurity, Baille Grifford*Speakers may be subject to change.© Copyright Euromoney Training 2012

The Global Leaderin Audit, Risk, Fraudand Security TrainingIMPORTANT INFORMATION - YOUR EVENT CODERegister on-line at:www.mistiasia.com/cisoMS5126 - MPlease ensure you enter yourevent code when registeringand you will be entered into ourmonthly prize draw to win £50 ofVisa vouchers.Group booking discountWhen two colleagues from oneinstitution book together on the sameevent, there is a 5% discount on thesecond booking. Further discountsare available for larger groups.This discount cannot be used inconjunction with any other offer.Funding supportThe Monetary Authority of Singapore(MAS) administers grants to financialsector organisations that sponsoreligible participants to trainingprogrammes that meet qualifyingcriteria. For enquiries, please contactthe MAS at (65) 6229-9396 or viaemail at fsdf@mas.gov.sg.Please tick which best describes your company: Accountancy - 0005 Bank or Financial Institution - 0020 Corporation - 01494 easy ways toregister1. Webwww.mistiasia.com2. Emailmisasia@misti.com3. Telephone+852 2520 14814. Facsimile+852 2866 7340 Energy Company - 0193 OtherRegistration form Yes, please register me for:CISO Asia Pacific Summit (MH5126)on 1-2 November 2012, SingaporeDelegate details (all of the following is required to process your registration)SurnameFirst nameMr/Mrs/MsSummit fee:Early-bird rate(Book beforeThursday 4 October 2012)Standard rateSAVE2 day Summit US$1,895 US$1,995US$100SAVEVendor / Advisory rate US$2,195 US$2,295US$100The early-bird discount cannot be used in conjunction with any other discount.All fees are net of withholding, business and local taxes.Delegates registering from Singapore will have to bear the prevailing GSTat the date of invoice.Seat is confirmed only upon receipt of payment.PositionDepartmentPayment details (please tick as appropriate) Cheque Invoice Credit card ## To make this payment by credit card, please call +852 2520 1481.Approving ManagerCompanyAddressPositionI have read and understood the booking terms and conditionsSignatureDateTelephoneEmailHow did you hear about the event?FaxI prefer course updates by email.My email address is .Please fax back to +852 2866 7340 or email your details to courses@euromoneyasia.com.Please include the code that appears on top of the address label above in your email.DisclaimerMIS Training reserves the right to alter anypart of the published programme or faculty.In the event of cancellation by MIS Trainingdue to unforeseen circumstances, MISTraining limits its liabilities to refunding thetuition fee of the event.Fee includes lunch and refreshments.Delegates are responsible for their own flightsand accommodation.An invoice will be sent upon receipt ofregistration form.a division ofEuromoney Institutional InvestorData protectionThe information you provide on this form willbe used by Euromoney Institutional InvestorPLC and its group companies (“we” or “us”)to process your order and/or deliver relevantproducts/services and content. We may alsomonitor your use of our website(s), includinginformation you post and actions you take,to improve our services to you and trackcompliance with our terms of use. Except tothe extent you indicate your objection below,we may also use your data (including dataobtained from monitoring) (a) to keep youinformed of our products and services; (b)occasionally to allow companies outside ourgroup to contact you with details of theirproducts/services; or (c) for our journaliststo contact you for research purposes. Asan international group, we may transferyour data on a global basis for the purposesindicated above, including to countries whichmay not provide the same level of protectionto personal data as within the EuropeanUnion. By submitting your details, you willbe indicating your consent to the use of yourdata as identified above. Further informationon our use of your personal data is set out inour privacy policy, which is available at www.euromoneyplc.com or can be provided to youseparately upon request.If you object to contact as identified above bytelephone , fax , or email , or post ,please tick the relevant box. If you do notwant us to share your information with ourjournalists , or other companies pleasetick the relevant box.Cancellation policyIf any registered delegate cannot attend ourcourse, a replacement is always welcome forthe course. Cancellations must be made inwriting (letter or fax) with MIS Training’sacknowledgement. Written cancellationsmust reach this office 30 days before theprogramme commences. A full refundless an administration charge of US$150will be given. For any written cancellationrequests that reach us less than 30 daysbefore the event, no refunds will be given.However, if you wish to attend another MISTraining course in the Asia-Pacific region,a 75% discount voucher which values notmore than 75% of the initial payment willbe issued. Please note that the subsequentcourse must take place within 6 months ofthe initial registration. Discount vouchers aretransferable within the same organisation, butnot to be used in conjunction with any otherdiscount schemes. Discount vouchers will notbe issued for no-shows without cancellation.MIS Training reserves the right to the finaldecision if any dispute arises.Incorrect mailingPlease accept our apologies for mail whichis incorrectly addressed. Should you wish toamend the address/addressee details, pleasesend or fax us a copy of the relevant mailinglabel (on the envelope or brochure) and wewill update our records accordingly.© Copyright Euromoney Training 2012