CISO FSI Singapore schedule

During this 10-minute networking session, the aim of the game is to go and meet three people you don't already know. Use the questions on the screen to guide your conversation. Have fun!

With the rapidly changing and often turbulent landscape of the digital world, the combination of multiple bad actors has led to a higher complexity of digital risks especially within the financial sector. The amalgamation of 5G high speed connectivity, AI, IOT and quantum computing have exposed new vulnerabilities in the industry, mine rich in two things that influence the way the world turns – money and data.

Join us for a comprehensive deep dive into the digital storm, balancing the agility needed to combat this emerging threat.

• Exploring traditional banking legacy systems and their continuity in the digital landscape of 2025
• Examine the cost-efficiency of replacing legacy systems and its decades established reliability with newer hybrid solutions
• From digital wallets to tokens, explore the potential downstream impacts of innovation in banks and non-financial institutions and the barriers that persist

• Shifting from reactive to proactive offensive tactics by leveraging shared and coordinated efforts amongst CISOs across industries
  
  
• Breaking the silos to foster cross-industry cyber-collaboration
  
  
• Creating community and united front to maintain cybersecurity as a ‘shared responsibility’

Moderator
Jenny Tan Immediate Past President ISACA Singapore Chapter

Panellists
Suresh Sankaran Srinivasan Group Head (Cybersecurity & Data Analytics) Axiata Group

Frankie Shuai APAC CISO Global Asset Management Organization

Henry Ong Senior Manager of Security Engineering – APJ Tenable

• Proactive vs Reactive Security: Which Approach Best Protects Against Vulnerabilities?
  
  
• Beyond Compliance: Policy Driven vs Paper Exercise
  
  
• Security: A Business Accelerator or a Roadblock? Striking the Right Balance for Financial Institutions
  
  
• Turning Awareness into Action: Leveraging Automation for Stronger Cybersecurity

• Posturing agility as the forefront in a time of action for cyber-resiliency
  
  
• Ensuring a seamless incident response for large, medium and small financial enterprises
  
  
• Creating comprehensive guidelines and policies that enhance cyber-maturity to shorten recovery time during heavy attacks

• Looking into regulatory issues in the usage of blockchain applications, including 3^rd party licensing, and safeguarding customer assets
• Exploring potential new applications and protocols in the ecosystem such as tokenisation of real-world assets, stablecoin insurance etc
• Showcasing the tools and measures to mitigate cyber-risk for developers including audits and smart contracts

• Evaluating build, buy, and leverage strategies using a one-way or two-way door approach.
• Embedding secure-by-design principles to strengthen banking infrastructure.
• Implementing shiproom, continuous compliance, and security processes as enablers, not blockers.
• Driving awareness through phishing simulations, rewarding secure behaviours and tracking key effectiveness metrics.
• Ensuring safe integration of cloud identity platforms and Secure GenAI in banking operations.

As financial institutions race to embrace AI and combat increasingly sophisticated cyber threats, there's a critical vulnerability hiding in plain sight: the fragmenting DevSecOps toolchain itself.

This isn't just another tool consolidation story – it's a wake-up call about how the very infrastructure meant to secure our financial systems might be our biggest vulnerability. This session reveals how leading FSIs are transforming their security posture and development velocity by consolidating fragmented toolchains into a unified, AI-powered platform.

Drawing from real-world implementations with some of the largest financial institutions in the world, we'll explore:

• How disconnected security tools and inconsistent entitlement models create hidden vulnerabilities in your delivery pipeline
• Why traditional multi-tool DevSecOps approaches are incompatible with modern AI-driven security requirements
• How platform consolidation enables faster deployments while strengthening their security controls
• Practical strategies for unifying security governance across the entire software delivery lifecycle

• Explore how higher maturity levels in cybersecurity frameworks are influencing underwriting decisions and how insurers and banks can align their risk management strategies to meet market demands
  
  
• Examine how banks assess and mitigate cybersecurity risks through tailored insurance products, balancing coverage and costs
  
  
• Discuss the growing importance of cybersecurity insurance in the banking sector as a key component of risk management strategies

Moderator
Zhou Zhihao Vice President ISC2 Singapore Chapter

Panellist
Kok Yew Toh Vice President Audit and Regulatory Nomura

Andrew Mahoney Head of Financial Institutions, Financial Services & Professions Group - Asia AON

• Prior to starting the AI pilots, how are APAC FSIs conducting detailed threat modelling assignments.
   
• Best practices in LLM code security and establishing a SBOM (Software Bill of Materials) of the LLM packages being deployed.
  
  
• Reviewing cloud landing zone configurations and endpoint security controls to ensure proper monitoring of LLM model installations for malicious activity
  
  
• How APAC BFSI organisations are already automating security and their use of LLMs in agile software development.

• Addressing challenges in digital currencies and cross-border transactions with next-generation technologies.
  
  
• Lead strategies that combat sophisticated threats within banking
  
  
• Discussing the central role of CISOs in shaping an organizational approach and fraud prevention

Moderator
Tobias Klingel Head of Information Security Aspire App

Panellists

Shebani Baweja CISO, Consumer, Private, Wealth & Business Banking Standard Chartered

Dr. Kawin Boonyapredee Chief Strategy Officer – APAC Applied Quantum

Picklu Paul Senior Engineering Leader - Cybersecurity Grab

• Delve into the current hurdles in operational efficiency and how AI and ML can aid cybersecurity in banking, insurance and wealth management
• Broaching the challenges in scaling AI across FSI verticals such as regulatory compliance, data privacy and user experience
• Explore strategies to seamlessly integrate AI into FSI industry workflows

The Financial Services industry is firmly putting enhancing cyber resilience at the heart of regulations and guidelines being rolled out globally. Examples include the MAS Technology and Risk Management Guidelines, EU DORA and Japan FSA Cybersecurity Guidelines. All of these accept the inevitability of cyber-attacks, and prioritise the ability to contain their impact, something that segmentation is essential for. In this session you will:

• Understand why prevention is becoming economically unviable and containment is realistic
• See how a Zero Trust strategy delivers better resilience
• Learn why segmentation is the key capability that makes this possible

• • Explore how AI and machine learning can enhance detection accuracy, reduce false positives, and improve overall efficiency in identifying suspicious transactions
    
    
  • Examining how AI can monitor high-volume, low-value transactions in real time, especially in digital wallets and cryptocurrency platforms
    
    
  • Discovering potential challenges in integrating AI into existing legacy AML and fraud systems within financial institutions

• Prioritising zero-trust security models and continuous monitoring to enhance safety across public cloud environments
  
  
• Challenges associated with 3^rd party cloud providers and preparing strong SLAs (service-level agreements), robust security controls and clear shared responsibility models for risk management
  
  
• Highlighting response strategies for cloud-based disaster recovery
  
  
• Ensuring business continuity in the event of security breaches and data losses within cloud environments

• Explore strategies to address limited budgets, talent shortages, and rising cyber threats in financial services.
  
  
• Practical tips for meeting stringent regulations without overextending resources.
  
  
• Leverage partnerships, affordable tech, and a security-first culture to stay competitive.

• Proactively closing the gap between traditional cyber-training programs and FSI specific needs such as forensic capabilities and threat intelligence
  
  
• Driving hardline initiatives to appeal cybersecurity roles to professionals while training current employees to meet new challenges
  
  
• Dissolving present challenges with new investments in technology and education for organisational and academic transformation.

Moderator

Neha Agarwal Vice President of Technology Audit Citibank 

Panellists
Jannem Yong Senior Vice President, Head of IT Security SBI Digital Markets 

Abbas Kudrati Chief Identity Security Advisor – APAC Silverfort

Anshul Johri Group CTO Validus

• Ensuring emerging technologies align with long-term business outcomes, not short-term fixes.
  
  
• Navigating regulatory pressures while staying agile and competitive in a fast-evolving digital economy.
  
  
• Identifying and prioritising technology investments that deliver lasting value and resilience in a volatile threat landscape.
  
  
• Building a tech strategy that secures buy-in from leadership by connecting cybersecurity, innovation, and business growth.