Show News

Subpage Hero

  

11 Oct 2022

Cyber Security World Asia 2022: Enhancing Cyber Resilience with Herbert Smith Freehills' Andrew Moir, Cameron Whittfield, and Peggy Chow

Cyber Security World Asia 2022: Enhancing Cyber Resilience with Herbert Smith Freehills' Andrew Moir, Cameron Whittfield, and Peggy Chow

Herbert Smith Freehills' Andrew Moir, Cameron Whittfield, and Peggy Chow share their thoughts on the rising threat of ransomware and steps to bolster cyber resilience. Get your free ticket to hear more from Andrew, Cameron, and Peggy at Cyber Security World Asia 2022 on 12-13 October.

Q: What do you feel is the biggest cybersecurity challenge facing businesses within the next year? What impacts does this challenge have? And how can we overcome this challenge?

Andrew - The main challenge that we’re seeing at the moment is the evolution of the threat of ransomware. We are seeing threat groups becoming more prevalent and more aggressive. Over the years we’ve seen the threat evolve from pure denial-of-service through data breach, to the threat actors contacting customers and/or the media, and more recently using auto-dialers or sometimes even real phone calls to intimidate victims into paying. 

As more and more companies take a decision not to pay, the threat actors are realising they need to inflict more damage to extract a payment. Many jurisdictions are seeking to overcome this challenge by emphasising as a matter of public policy that companies should not pay ransoms. However, this only goes so far, as most companies’ motivations to pay ransoms are driven by individual circumstances, rather than the collective good.

Q: Do you have your eye on any specific technology or cybersecurity strategy that can help organisations protect themselves from cyberthreats, and why?

Andrew - There is no magic bullet. One interesting, but still emerging, technology is the use of artificial intelligence and machine learning as part of cyber defence. One of the technical challenges that has existed for a long time is assessing what “normal” looks like. How do you tell whether activity is malicious or not? At present, there is always a risk that false positives occur in relation to alerts, or that actual positives are buried in amongst false positives and are ignored or not spotted. New products are emerging that seek to baseline “normal” by continually monitoring and adapting how individual users normally work and behave.

Q: The importance of cybersecurity is being recognised by C-Level staff in recent years, but many cyber leaders still must fight hard to prove the worth of cyber resiliency to board members or executives. What are some of the common frustrations you’ve seen senior executives face?

Cameron - I've seen an element of fatigue around cyber risks in previous years. They were evident though not obvious and certainly not existential.

This has changed materially in recent years, and board sentiment has followed this change. We now see boards that are highly engaged and very keen to ensure they do more than just “comply”.

It still remains difficult for senior executives to focus investment decisions, particularly given the ever-changing threat landscape. I also see, at times, a frustration on both sides when technology investment decisions are considered and made.

The language and terminology used by technology experts can be different from that used by boards – and vice-versa. It is incumbent on us all to bridge this divide to ensure we all understand the risk and make informed, risk based investment decisions.

Q: What would be your biggest piece of advice for fellow technology leaders who are looking to improve their cyber resiliency?

Cameron - We cannot zero-risk this. We are always dealing with risk-based decisions. While we would all love to “gold plate” our technology ecosystems, such a solution is rarely aligned with the actual risk or commercially viable.

We also need to appreciate that vast swathes of our economies are made up of small/medium-sized businesses who must make very careful investment decisions, and cyber is just one of a number of risks - and opportunities - that require their investment focus.

Some very fundamental protections are required – Multi-factor Authentication and Remote Desktop Protocol behind a firewall, for example. However, I think it is appropriate to also look past the important technology resilience and breach response elements to the way we are collecting and holding our data assets.

The best investment can often be relatively simple data collection and retention strategies. We should be limiting our data collection, identifying our most valuable data assets and taking measures to protect them accordingly.

Q: What do you feel is the value of in-person events like Cyber Security World Asia, and why would you encourage fellow business leaders to attend your sessions?

Peggy - In a very fast-moving environment, any gathering of leaders and advisers increases understanding and collaboration. The exchange of ideas that an event such as Cyber Security World Asia can generate is valuable to us all – especially at a time when regulators expect a very high level of proficiency with cyber security from senior management and board members.

Andrew will lead a session on What Organisations Should do to Enhance Their Cyber Resilience.

Cameron will host a keynote on Being In The Room – Effective Crisis Management Techniques when Under Cyber Attack.

Peggy Chow will join a Scenario Discussion titled Organisation-wide Data Hack: Impact of Artificial Intelligence & Its Ethics Could Be Essential to the Cyber Security Field, including experts from ThreatLocker, the IT Standards Committee, and Darktrace.

Secure your free ticket to Cyber Security World Asia at Marina Bay Sands on 12-13 October.

View all Show News
Loading

Sponsors

Diamond Sponsor

  • Threatlocker

 

Platinum Sponsors

  • PacificTech
  • Sophos

Zero Trust VIP Lounge Sponsor

  • beyondtrust

 

Keynote Theatre Sponsor

  • Crowdstrike

 

Theatre Sponsor

  • Microsoft

 

Gold Sponsors

  • Fortinet
  • Barracuda
  • Cloudbric
  • Darktrace
  • Devo

Gold Sponsors

  • Halodata
  • i-sprint
  • Keysight
  • Microsoft
  • Qualys

Silver Sponsors

  • Blackberry
  • Comforte
  • CDNetworks
  • Hackuity
  • Hillstone
  • Horangi
  • logon

Silver Sponsors

  • Flexxon
  • Internet & Idee
  • Illumio
  • Intel741
  • Imperva
  • Thales
  • wiz

Silver Sponsors

  • Carbonite
  • CDNetworks
  • MyRepublic
  • Sangfor
  • Seculetter

Silver Sponsors

  • Ivanti
  • Panorays
  • Mimecast
  • Radware
  • Privasec

 

Silver Sponsors

  • SonicWall
  • Tenable
  • Waterfall Security
  • XM Cyber

 

Silver Sponsors

  • Cysclae
  • Titanium

 

Bronze Sponsors

  • Scantist
  • Toffs Technologies
  • appView
  • Delinia
  • DT Asia
  • Firemon
  • Fortanix

Bronze Sponsors

  • Gatewatcher
  • Cloudnosys
  • Indeed ID
  • PowerDMARC
  • Utimaco
  • Wizlynx

 

Bronze Sponsors

  • Intigriti
  • Thomas Murray
  • Knit Technologies
  • Riskrecon
  • Securosys
  • Telescience
  • UCware

 

Bronze Sponsors

  • nexus
  • socly
  • techfindr
  • atakama

 

Bronze Sponsors

  • Endpoint Cososys
  • Prevalent
  • uSecure
  • Gigamon

 

Bronze Sponsors

  • Apricorn
  • Kanguru

 

Partners

Knowledge Partner

  • BICSI

News Distribution Partner

  • ACN Newswire

Associate Content Partner

  • Uptime Institute

Strategic SEO Partner

  • AdVantage

Strategic Event Partner

  • ISC2
  • Frost & Sullivan

Event Partners

  • AiSP
  • ARC Advisory
  • Asia Cloud Computing Association (ACCA)
  • Asosiasi Cloud Computing Indonesia
  • Fintech Association of Hong Kong
  • Accelerating Asia

Event Partners

  • Best Practice of eCommerce
  • BigDataX
  • CMO Council
  • ISACA
  • CSCIS
  • La French Tech
  • ASME
  • ERMA

Event Partners

  • Practical DevSecOps
  • Digital Advertising Association Thailand (DAAT)
  • DevOps Institute
  • Forrester
  • Singapore Chamber of E-Commerce
  • Plug And Play
  • Co Creation Lab

Event Partners

  • IASA
  • IPI Singapore
  • itSMF
  • IFMA
  • European Data Centre Association
  • GS1

Event Partners

  • KinerjaBisa
  • Logistics & Supply Chain Management Society
  • Michael Page
  • NexChange
  • SG Tech
  • CHIME

Event Partners

  • Singapore Cyber Security Consortium (SGCSC)
  • Structure Research
  • General Assembly
  • Open Connectivity Foundation
  • Smart Asia India
  • Crest

Media Partners

  • ACN Newswire
  • APAC CIO
  • APSM
  • Asia Blockchain Review
  • Asia Research News

Media Partners

  • Australian Cybersecurity Magazine
  • Australian Security Magazine
  • BizClik Media
  • European Data Centre Association

Media Partners

  • Chief IT
  • CIO Advisor APAC
  • Cross Border Magazine
  • AI Time Journal

Media Partners

  • CryptoNewsZ
  • ComputerWeekly.com
  • Cyber Security ASEAN
  • Asia Content News
  • Enterprise Security Magazine

Media Partners

  • Data Storage ASEAN
  • e27
  • Fintech Finance
  • CMO Asia
  • GovTech SEA

Media Partners

  • Jumpstart Media
  • My Security Media
  • Retail CIO Outlook
  • Cybersec Asia
  • Frontier Enterprise – Jicara Media

Media Partners

  • Telecom Era
  • Supply Chain Digital
  • Techwire Asia
  • Gigabit
  • Digicon Asia

Media Partners

  • FutureIoT
  • Marketing Ops
  • Payment & Cards Network
  • Techtarget
  • FutureCIO

Media Partners

  • Wire 19
  • 计算机网络世界
  • Supply Chain Brain
  • Disruptive Tech Asean
  • FutureCFO

Official Partner Hotel

  • MBS

Held In

  • SG

Supported By

  • SG

  • Hillstone