Days

Hours

Minutes

Seconds

20th February 2025

08:30 - 18:00

Kuala Lumpur, Malaysia

Overview

Tailoring cybersecurity strategies to your evolving business needs

Malaysia’s cybersecurity landscape is changing with the implementation of Act 854, which marks a crucial moment for the region’s cybersecurity IT and data security executives.

As the quantity and complexity of cyber-attacks grows, strong cybersecurity measures become increasingly important.

CISO Malaysia 2025 unites Malaysia’s visionaries, leaders and experts in cybersecurity, providing a unique platform to delve into the trends that will shape the future of cybersecurity in the country and beyond.

Come join the discussion and see how your business can benefit from everything this event has to offer.

Join the conversation on #CISOSYD

Event Agenda

Time

Session Details

08:30

Registration and breakfast

08:50

Welcoming Remarks from Corinium

Eleen Meleng – Content Director, CISO Malaysia – Corinium

08:55

Chair’s Opening Remarks

09:00

Speed Networking – Making new connections at CISO Malaysia!

During this 10-minute networking session, the aim of the game is to go and meet three people you don’t already know. Use the questions on the screen to guide your conversation. Have fun!

09:05

International/Ministry Keynote
Government and Industry Partnering Up to Strengthen National Cyber Resilience

Exploring the development of collaborative frameworks that bring together government agencies and private industry players to enhance national cybersecurity
Discussing how governments and industries can work together to ensure that regulations are both comprehensive and flexible enough to address the dynamic nature of cyber threats, while also encouraging innovation and growth in the digital economy.
Examining how partnerships between government and industry can facilitate capacity building through training programs, resource sharing, and the development of cybersecurity skills.

09:30

Developing a Secure Future: Managing and Scaling a Modern Developer Security Program

Focusing on the critical aspects of building and enhancing a modern developer security program.
Implementating security practices tailored to the unique challenges of software development
Discussing the different methods for assessing vulnerabilities based on their potential impact and likelihood of exploitation

09:55

CISO Panel
Navigating the Cyberstorm: Strategies for CISOs to Overcome Key Challenges in 2025

Adapting to evolving threat landscape – exploring different strategies and risk assessment framework for CISO
Building a strong cybersecurity culture within an organisation by engaging employees through training and open communication
Aligning cybersecurity initiatives with broader business objectives – risk management, budget, and cross-department collaboration

10:25

Designing A Robust and Future-Oriented Digital Security Strategy Framework

Identifying critical asset and its vulnerability through assessment and utilising threat modelling techniques to anticipate potential attack vectors
Adopting a zero-trust architecture and emphasising the importance of continuous authentication and real-time monitoring
Embracing emerging technologies for enhanced security – AI and ML, blockchain, security automation

10:50

Coffee and connect

11:20

Panel discussion
Building a Secure-by-Design Architecture: Integrating Security from the Ground Up

Understanding how integrating security from the start can reduce risks, improve resilience, and save costs
Tailoring security architectures to fit the unique needs of the business, industry, and risk profile
Addressing the challenges to implement secure-by-design architecture – investment justification, organizational silos, and aligning security

11:50

Preparing CISO Talent For Tomorrow (Not Just Today)

What are the current challenges around preparing future cybersecurity talent for an ever-changing future?
Exploring initiatives to close the talent gap: Can AI support the current talent shortage?
Anticipating the right skills: What skills should a successful future team possess?

12:15

Building Digital Trust in the Era of Quantum Computing and AI: Navigating the New Cyber Risks

Suresh Sankaran Srinivasan – Group Head – Cyber Security & Privacy – Axiata

12:40

Non-Tech Meets Tech – Taking the Cyber Risk Seriously Across the Board

Aligning the different perspectives between tech and non-tech leaders to establish common goals
Fostering a growth-focused relationship with the board
Presentation is key: What makes a good board presentation and how do you drive board-supported cybersecurity initiatives?

13:05

Lunch and networking

Track A: AI in Cyber

14:05

AI-Driven Security Operations: Enhancing Efficiency and Countering AI-Powered Threats

Exploring how AI is transforming traditional security operations by automating repetitive and time-consuming tasks,
Examining how cybercriminals are increasingly using AI to automate and scale their attacks
Leveraging AI in defensive strategies – latest advancements in AI-based threat intelligence and anomaly detection

14:30

Fireside Chat
Governance and AI in Malaysia: Navigating the Intersection of Innovation and Regulation

Integratingf ESG Principles into Cybersecurity Strategy – exploring the evolving landscape ESG principles intersect with cybersecurity risk management
Discussing how organizations can integrate ESG considerations into their cybersecurity strategies, aligning security practices with broader corporate responsibility
Exploring the potential benefits, such as enhanced brand reputation and stakeholder trust, and examining the challenges and opportunities in this integration

14:55

Strengthening Authentication and Safeguarding Access in the Age of Advanced Threats

Exploring how AI is being used to enhance authentication processes – MFA systems, biometric, and continuous authentication methods
Understanding the critical role AI plays in monitoring and analysing user behaviour to detect anomalies
Addressing the growing threat of AI-driven attacks on IAM systems, including the potential for AI to exploit biometric vulnerabilities or manipulate identity verification processes

15:20

AI-Driven Cybersecurity: Strengthening Defenses Against Evolving Threats

Integrating security early in the development process enhances agility without compromising on data protection
Examining the vulnerabilities AI applications may introduce and explore strategies to embed security measures throughout the AI development lifecycle
Optimising value stream management for end-to-end AI development process while aligning development and security

15:45

Offensive Strategies and Defensive Countermeasures against the Rise of AI-Augmented Phishing Attacks

Exploring how cybercriminals are leveraging AI to enhance the effectiveness of phishing attacks
Delving into the countermeasures that organizations can implement to defend against AI-augmented phishing attacks
Discussing the importance of integrating AI-driven tools with employee training programs to create a multi-layered defence against phishing attacks

Track B: Incident Response

14:05

Incident Response Tabletop Exercises and Simulations

Exploring how AI is transforming traditional security operations by automating repetitive and time-consuming tasks,
Examining how cybercriminals are increasingly using AI to automate and scale their attacks
Leveraging AI in defensive strategies – latest advancements in AI-based threat intelligence and anomaly detection

14:30

Your Guide to Responding to Cyber Incident

Nantha Kumar Krishnan – Head of Information Technology Operation – APMEA – Kerry

Exploring some of the security tools to mitigate the risk in digitalisation
Understanding how technology can create security loophole
Addressing some of the challenges in implementing preventative care and putting in place a business continuity plan

14:55

Automating Incident Response

Exploring how automation and orchestration can streamline and optimise incident response processes
Discussing the tools and techniques for automating tasks like alert triage, threat hunting, and incident containment
Demonstrating the benefits of incident response automation in reducing response times and improving overall effectiveness

15:20

AI-Driven Cybersecurity: Strengthening Defenses Against Evolving Threats

Exploring the factors that make cyberwar seemingly inevitable and discussing the urgency for robust defence mechanism
Drawing parallels between the need for automation in cyber defence today and the significance of the production line
Reflecting on the historical intertwining of technology, markets, and war, and how this connection persists in 2024

15:45

Threat Intelligence and Proactive Incident Response

Emphasising the value of leveraging threat intelligence to proactively identify and mitigate potential incidents.
Collecting, analysing, and applying threat data to enhance an organisation’s security posture and incident response capabilities.
Showcasing real-world examples of how threat intelligence has helped organisations detect and respond to threats more effectively

Track C: Security Architecture

14:05

Building a Resilient Security Architecture: Best Practices for Designing Robust Defenses

Discussing how to create a security architecture that evolves with the latest threats
Exploring the importance of security layers, segmentation, and zero-trust models
Highlighting real-world case studies from enterprises that have implemented highly resilient security architectures

14:30

Fortifying Cybersecurity in Government Agencies in the Digital Age

Akmal Nizam Abdul Halim – Director, Head of IT Management Department – Armed Forces Fund Board (LTAT)

Exploring how government agencies can design and implement a security-first architecture tailored to the needs of the organisation
Discussing the importance of continuous monitoring, threat intelligence, and proactive defense strategies, such as penetration testing and red teaming, to counter APTs
Examining how government agencies can ensure their cybersecurity practices align with regulatory standards, while also integrating those into broader defense strategies

14:55

The Role of AI and Automation in Modern Security Architecture

Explore how AI and automation can enhance security architecture by improving threat detection, response times, and vulnerability management.
Discuss the potential for AI to identify patterns that traditional methods may miss.
Showcase successful AI implementations in security architecture frameworks.

15:20

Fireside Chat
Zero Trust Architecture in a Hybrid Cloud World: A Blueprint for Security

Dive into the principles of Zero Trust and how they can be applied to a hybrid cloud environment.
Examine how to implement Zero Trust for seamless security across on-premises, cloud, and multi-cloud ecosystems.
Discuss challenges and best practices for securing dynamic cloud workloads while ensuring user access control and data protection.

15:15

Cloud-Native Security Architecture: Designing for Scalability and Compliance

Discussing how cloud-native security architecture can enable scalable defenses, adapting quickly to evolving threats.
Embedding security into DevOps processes and adopting the ‘shift-left’ approach in cloud application development.
Exploring the role of security automation, compliance monitoring, and Infrastructure-as-Code (IaC) in cloud-native environments.

16:10

Teh Tarik & Networking

16:40

Fireside Chat
The API Security Imperative: Protecting the Lifeblood of Modern Enterprises

As APIs become the backbone of digital transformation, they also introduce new vulnerabilities that can be exploited by attackers, leading to severe financial, reputational, and regulatory consequences
Exploring the critical importance of API security in today’s interconnected world, the common challenges organisations face, and why securing APIs should be a top priority
Discovering how proactive API security strategies can safeguard your enterprise and ensure long-term success in the digital age

17:05

Aligning Modern Technology with Security and Business Objectives

Exploring how we can integrate modern technologies into business
Planning for security with minimal disruption
Driving change and building a cybersecurity driven culture cross-department in an organisation

17:30

Fireside Chat
What Modern Cybersecurity Strategies Will Help Tackle the New Cyber Battleground?

Modern strategies in cybersecurity: How can we manage new threats that are emerging?
Risk and threat management in 2024, how has this changed and what has stayed the same?
How can we anticipate changes that 2025 will bring?

17:55

Chair’s Closing Remarks

18:00

Cheers with peers: Mocktails and mingle