2022 AGENDA

8:50 - 9:00

OPENING REMARKS
Indonesian Cybersecurity Landscape

Dr. Edit Prima, M.Kom.

Deputy on Duty of Cyber Security and Cryptography for Economy
BSSN

09:00 - 09:15

Cybersecurity and Resilience: Strengthening Critical Information Infrastructure

Intan Rahayu, S.Si., M.T.

Director of Cyber Security and Cryptography for Industrial Sector
BSSN

9:15 - 9:30

Cybersecurity and its Critical Role in Securing eGovernment Infrastructure

• Creating a strong outline of shared responsibility between private and public sector to safeguard critical infrastructure
• Continued collaboration between key agencies and departments to aid in cyber resilience
• Implementing proactive monitoring measures to minimize loss and ensure continuous productivity

Bambang Dwi Anggono

Directorate of Government Informatics Applications Services
Ministry of Communication and Information Technology (MCIT), Indonesia

9:30 - 9:50

Securing Cloud In The Digital First Era

• Cloud and Microservices architecture is the backbone of any organization’s Digital App Architecture. Built in the cloud and for the cloud, cloud-native applications are driving digital transformation and creating new opportunities to increase efficiency.
• Taking a cloud-native approach brings both speed and scalability — attributes its proponents can all agree on, even if they can’t agree on what the term “cloud-native” actually means. For CrowdStrike, cloud-native technologies are purpose-built for the cloud and leverage its unique capabilities as part of their architecture. The growth of serverless functions, microservices and containers by developers has introduced new security risks that have to be accounted for. In this session, we will learn how CrowdStrike’s cloud-native security platform helps organizations to secure their digital infrastructure and apps.

Sanket Bhasin

Senior Product Manager
CrowdStrike

9:50 - 10:10

What is your Strategy for a Proactive Threat Prevention?

As CISOs face increasing regular and sophisticated threats, many are looking to move from reactive to a Prevention-first Strategy via EPP, EDR, MDR and Managed XDR.

Calvin Ho

Country Manager
BlackBerry

10:10 - 10:50

PANEL DISCUSSION
Cyber Secure Cloud: Advancing Towards Cloud with Confidence

• Ensuring cloud security and discussing various services at risk (IaaS, PaaS, SaaS)
• With the numerous advantages of cloud adoption, is there a compromise with the strength of data protection?
• Focus on security, governance, and compliance issues due to increasing sophisticated cyber threats

MODERATOR
Don Tan

Head of Asia Pacific & Japan
Lookout

Wildan Aliviyarda

VP, Head - Public Cloud & Security Solution
Indosat Ooredoo Hutchison

Yohannes Glen

VP - IT Security
PT Indodax Nasional Indonesia

Farly Halim

Regional CISO
Sodexo BRS

Pandu Poluan

Head of Information Security, Digital Transformation Office
Ministry of Health

11:20 - 11:40

My SaaSy Identity: Identity Security for Everywhere, in the Cloud

• Learn about trends in the explosion of identities in use by organizations and the operational and security risks that come with it
• Understand the various types and users of Identity
• Discover what steps you can take to protect identities, regardless of being on-prem or in the cloud, using a modern Identity Security Solution

Josiah Winston

Senior Solutions Engineer, ASEAN
CyberArk

11:40 - 12:00

Managing the Risk of Ransomware in the Supply Chain

• Cyber threats like ransomware are becoming more persistent and presenting new challenges to an organization’s supply chain. How can you understand where these threats are coming from and stop them in their tracks?
• Join Mandeep as she dives into the current state of supply chain risk using exclusive data that correlates cyber security posture to ransomware attacks. Takeaway the best practices for identifying where ransomware attacks are coming from and how to keep your business safe from threats.

Mandeep Sedha

Director of Cyber Product Management
Mastercard

12:00 - 12:20

Cybersecurity and its Challenges in the Healthcare Sector

• Addressing the digital complexities in the healthcare sector
• Understanding the nature of data and the prime need to secure it from theft
• Focus on digital hygiene and prioritizing cyber threat prevention practices

Pandu Poluan

Head of Information Security, Digital Transformation Office
Ministry of Health

12:20 - 12:40

Revealing the Fog of Cyberwar: Complementing Zero Trust with Expanded Visibility

• A review and reflection of LogRhythm’s own Zero Trust journey
• How to gain more security visibility using a SIEM platform?
• How to automate detecting anomaly user activity using a UEBA solution?

Leonardo Hutabarat

Enterprise Sales Engineering Manager, APAC
LogRhythm

12:40 - 13:00

SOC Modernization & Securing the cloud

• Ensuring cloud security and discussing various services at risk (IaaS, PaaS, SaaS)
• With the numerous advantages of cloud adoption, is there a compromise with the strength of data protection?
• Focus on security, governance, and compliance issues due to increasing sophisticated cyber threats

Deric Karunesudas

Security Regional Sales Manager
Splunk

14:00 - 14:40

PANEL DISCUSSION
Privileged Access Management: Elevating the Power of Access Control in an IT Environment

• Controlling the damage arising from internal and external malfeasance
• Addressing the risks and challenges – Lack of visibility and awareness of privileged users
• Finding the line between over-provisioning and under-provisioning of privileges

MODERATOR
Kevin Pang

Solutions Engineer and Evangelist
BeyondTrust

Yogesh Madaan

Head - Information & Cyber Security
Bukalapak

Albertus Adrian

Head of Security GRC
Tokopedia

Jurgen Visser

Head of Cyber Threat Intelligence (CTI)
GoTo

Catur Bayu Setyawan

Head of Department Security Architecture
PT Pegadaian

14:40 - 15:00

Cybersecurity Resiliency Against Cyber Crime Syndicate

• Understanding Cyber ​​Syndicate Attack Pattern
• Creating a proactive defense mechanism align with Threat Actor TTP
• Infuse Effective Cyber ​​Risk Management to combat Cyber ​​Crime Syndicate

Raditio Ghifiardi

VP, Head - Information Security & Compliance
PT Smartfren Telecom

15:00 - 15:20

Redefining the Security Culture in Indonesia for a Safe & Secure Digitalisation

• Challenges in building a sustainable security culture in Indonesia
• Aligning organizational determinants and individual determinants of culture to manifest a cyber secure conscious behavior
• Identify and prioritize objectives for building a national culture of cybersecurity

Deni Kurniawan

VP - ICT Security Management
PT Telekomunikasi Selular

15:20 - 15:40

Promoting Cyber Incident Response in the New Threat Landscape

• Updating the new threat landscape and understanding the response to the new vulnerabilities
• Building trust and communication as a foundation of Incident Response Capability
• Understanding more about key success factors in CSIRT

Rudi Lumanto

Chairman
CSIRT.ID

9:00 - 9:15

Securing the Future of Indonesia’s Digital Infrastructure

• Adopting and adapting to modern structures and regulations to a have an enhanced visibility
• Enabling a digital identity ecosystem to foster the national economy
• Establishing cybersecurity policy and multi-agency collaboration framework to enhance cyber resilience

Deddy Kartika Utama

Head of Information Security
Ministry of Home Affairs

9:15 - 9:35

Safeguarding the Data On-Prem and in Cloud

• Data Security on-premises – Key Considerations
• Data Security in the cloud – Hybrid/Multi Cloud
• How does this affect your cloud strategy?

Melvin Koh

Head of Sales Engineering, ASEAN
Thales CPL

9:35 - 09:50

Addressing the Rise in Need to Secure Online Privacy – Strengthening the Internet Security Blanket

• With the ever-growing penetration of mobile users, how to ensure comprehensive security?
• Enacting strict guidelines and policies to maximize online privacy
• What are the challenges of a connected environment with the continued evolution of cyberspace?

Dr Pratama Persadha

Chairman
CISSReC (Communication & Information System Security Research Center)

09:50 - 10:10

Exodus of Endpoints : Risk to Resilience

• Organizations cannot thrive today if their key assets lack round-the-clock security.
• Lacklustre cybersecurity measures not only inhibit business growth but can also lead to companies losing their customer trust.

Romanus Prabhu Raymond

Director of Product Support & Security Evangelist
ManageEngine, a division of Zoho Corp

10:10 - 10:50

PANEL DISCUSSION
Identity and Access Management: Enabling a Controlled User Access to Critical Information in an Organisation

• Aligning resource access in a distributed dynamic environment with industry’s transition from firewalls to zero trust models
• Ensuring a centralized directory service with enhanced oversight and visibility to orchestrate accessibility
• Retiring from manual legacy identity infrastructure and moving towards automating and modernizing the IT to scale up efficiently and effectively

MODERATOR
Kenneth Devan

Asia Sales Director
Okta

Ratih Sudirham

Senior Solutions Engineer
Okta

Obrina Candra Briliyant

Head - Cybersecurity Program
National Cyber and Crypto Polytechnic, BSSN

Purnama Sulfa

VP, Head - Security Services Department
PT Bank Mandiri (Persero) Tbk

Hans Iandy

Head of Compliance & Information Security
Sinarmas Land

11:20 - 11:40

Cyber Exposure Management Across the Modern Attack Surface

The modern attack surface has changed dramatically over the last decade. It’s grown not only in sheer volume of assets, but also in the variety of assets that have become exposure risks. In addition, the assets that make up your attack surface are more interconnected than ever before, so an exposure in one area can quickly become a breach in a critical part of the business.

In this session, we will discuss

• Uncovering cyber risks across the highly dynamic and ever-changing modern attack surface including cloud, containers, custom web apps, IoT and OT
• How organisations can extend visibility and reduce risk across the modern attack surface
• How security professionals can communicate and manage cyber exposure risk to make better decisions at all levels

Target serangan pada era modern sekarang ini telah berubah secara dramatis dalam satu dekade terakhir. Perubahan ini bukan hanya dari sisi perkembangan banyaknya aset yang menjadi resiko eksposur tetapi juga dari macam-macam jenis asetnya. Selain itu, aset Anda yang menjadi target serangan, berintegrasi lebih banyak dibanding sebelumnya, sehingga eksposur di satu area dapat dengan cepat menjadi resiko serangan di bagian penting bisnis Anda.

Pada sesi ini, kita akan membahas:

• Resiko siber di berbagai target serangan modern yang sangat dinamis dan selalu berubah, yang antara lain pada cloud, container, aplikasi web modern, IoT, dan OT
• Bagaimana sebuah organisasi dapat memperluas visibilitas dan mengurangi resiko di berbagai target serangan modern
• Bagaimana team security di organisasi Anda dapat berkomunikasi lebih baik ke top management dan dapat mengelola resiko siber untuk membuat keputusan yang lebih baik

Rio Sibuea

Security Consultant, Indonesia
Tenable

11:40 - 12:00

Full Stack Security Suite for your Hybrid Environment

• Early detection and remediation of cyber threats
• Mitigation around potential cyber threats
• Removal of blind spots in the organisational environment to enhance cyber resiliency

Ts. Mohd Fadhly Mohd Hassim

Senior Security Engineer – Malaysia and Indonesia
SentinelOne

Baskoro Setyo Utomo

Sales Engineer
Horangi Cyber Security

12:00 - 12:20

Designing 5G Security as the Backbone of Smart Cities in Indonesia

• Understanding the attack surface and associated vulnerabilities
• Design of 5G security framework and compliance for Indonesian ecosystem
• Discussing solutions with maximum simplicity and minimized risk

Obrina Candra Briliyant

Head - Cybersecurity Program
National Crypto and Cyber Polytechnic, BSSN

12:20 - 12:40

Talking to the Enemy - The Necessary Evil of Engaging with Cyber Criminals

In the midst of a ransomware attack, business leaders and ICT teams are forced to contemplate some truly difficult questions:

• Should we engage with the threat actor?
• How do we assess the credibility of extortion demands?
• Under what circumstances would we consider actually paying a ransom?
• Can you even trust a cyber-criminal?

Nick Klein

Executive Director / Digital Forensics & Incident Response (DFIR)
SANS Institute

12:40 - 13:00

Owning Your Cybersecurity Mid-Game Strategy

• Conventional approach for ransomware focuses on preventing initial access and relying on backup recovery—but it hasn’t slowed the extortion menace.
• Prevention is an uphill battle for defenders: attackers only need to succeed once. And restoring data doesn’t negate downtime or the consequences of a data breach.
• Defenders need a much broader window to catch and stop ransomware before the damage is done and take necessary actions that can alert your team to the intrusion – command and control communications, data staging and lateral movement

Chris Thomas

APJ Senior Security Advisor
ExtraHop

13:00 - 13:10

Open-XDR as Next Generation SOC Platform to Combat Cyber Crime

• Why cyber breaches keep happening despite millions of dollars investment?
• Future proofing your SOC initiatives
• How Open-XDR as Next Generation SOC Platform can be key to mitigate Cyber Crime Attacks?

Rendy Darmawidjaja

Senior Technical Advisor
Alfa Siber Teknologi

14:00 - 14:40

PANEL DISCUSSION
Ransomware Rush - The Rise in Need to Detect and Disrupt the Malware

• Addressing the vulnerabilities in the system that allow the attackers penetrate successfully
• How to use deception-based model to identify the earliest attack stage?
• Ensuring the use of standard practices to wipe ransomware and reimage the system

MODERATOR
Yogesh Madaan

Head - Information & Cyber Security
Bukalapak

Indra S Adillah

Head of ICT
PT Indonesia AirAsia

Jurgen Visser

Head of Cyber Threat Intelligence (CTI)
GoTo

Teguh Febrianto

Head of Information Security
PT Bank Tabungan Negara (Persero) Tbk

Edwin Purwandesi

Head of Digital Infrastructure & Security
Telkom Indonesia

14:40 - 15:00

Cyber-Hygiene and Data Compliance – Tackling the Known Unknowns

• How to employ a sound cyber hygiene routine with the varying risks of vulnerabilities?
• How to ensure the protection of sensitive data from unauthorized usage? Is data compliance the key solution in managing the data throughout its lifecycle?
• Powering an organization with various data protection strategies to overcome the compliance regulation challenges

Krisnanto Padra

Head of Information Security
Bluebird Group