Despite heightened attention and unprecedented levels of security investment, the number of cyber incidents and their associated costs continues to rise. The concern typically revolves around the growing sophistication of malicious hackers and other adversaries, and whether being secure is even possible in today’s rapidly evolving landscape of cyber attacks. Cybersecurity is a broad and ever evolving discipline – as organisations seek to protect their organisations, it is important to understand how attackers typically achieve their objectives, and the cybersecurity capabilities that any organisation should consider building in order to respond to these threats. In this session, we will discuss the following:
- Anatomy of a cyber attack – introducing the cyber kill chain, and the steps attackers take to achieve their objectives
- Responding to cyber attacks – layered defense and cyber security capabilities, and shift from prevention to detection
- Cybersecurity capabilities – introducing cybersecurity capabilities at a high level, which include cybersecurity management, extended enterprise, application security, infrastructure security, identity and access management, data security and data leakage prevention, threat intelligence, security operations, vulnerability management, incident response and business resilience
Learning Outcome
- Review the anatomy of a cyberattack – introducing the cyber kill chain, and the steps attackers take to achieve their objectives
- Respond to cyberattacks – layered defense and cyber security capabilities, and shift from prevention to detection
- Identify core cybersecurity capabilities
Target Audience
The programme is targeted but not limited to
- Existing Board Directors
- All business decision makers
- Aspiring Board Directors
- Senior management of organisations
- Chief Data Privacy Officers
Virtual Classroom Format | |
Interactive Facilitated Learning |
Speaker
HO SIEW KEI
Executive Director, Risk Advisory – Cyber Risk, Deloitte Malaysia
Ho Siew Kei is an Executive Director within Deloitte’s Risk Advisory practice in Malaysia. He has more than 18 years of experience in risk and controls encompassing IT audit and advisory, and cybersecurity assessments services for clients in various industries, focusing on clients in the banking and insurance industries. Previously, he spent 7 years in the United Kingdom – in an IT Risk & Compliance role for a major financial institution and as a Manager in another big 4 professional services firm based in London. In his current role, Siew Kei manages vulnerability assessment engagements, and cybersecurity maturity and compliance assessments for Malaysian companies, focusing on financial services. His qualifications and professional affiliations include Cybersecurity Audit Certificate, ISACA; Certified Information Systems Auditor (CISA), ISACA; Certified Practising Accountant (CPA), CPA Australia and Certified Information Systems Security Professional (CISSP).
Programme
Time | Agenda |
10.00am | Introduction and Housekeeping |
10.05am | Anatomy of a cyber-attack & cyber kill chain |
10.25am | Responding to cyber attacks |
10.40am | Introducing cybersecurity capabilities |
10.50pm | Summary and Q&A |
11.00am | End of Programme |