• Overview
  • Call For Presentations
  • Program
  • Sponsors
  • Keynotes

Safeguarding Trust

 

Overview 

Join fellow FS-ISAC members from across Asia-Pacific for two full days of learning, collaboration, and networking. 

Summits are our largest events of the year, packed with insightful presentations, workshops, and panels on topics relevant to the security of the global financial services industry. 

Highlights 

Relevance 

The synthesis of cybersecurity and the financial sector distinguishes FS-ISAC Summits from other large industry events. The APAC Summit is specifically designed for cybersecurity professionals in financial institutions.

Content 

Sessions are divided into three tracks – Intelligence, Security, and Resilience – so that you can focus on the most pressing issues in your organization today. 

Connection 

Collaborating with cybersecurity experts from across Asia-Pacific advances your skills and the sector’s security. And by learning from others, you can develop invaluable connections that outlast the Summit. 

Summit Chair

Danny Chan - Director, Regional Security, AP - Mastercard

Danny Chan - Jan 2025Danny is a distinguished, multiple award-winning board member with a global perspective, renowned for his passion, commitment, and decisive leadership. His expertise encompasses information security, cyber and physical security, data protection, and the orchestration of large-scale, complex international operations. Danny’s background is enriched by a diverse array of experiences in both civilian and military contexts, particularly under challenging conditions.

Following a distinguished tenure as a Captain in the Singapore Special Forces, Danny transitioned to the private sector, where he honed his skills in developing, advising, and training law enforcement and military tactical units worldwide with Britam Defense. His career trajectory then led him to Olive Group, where he provided security solutions to Fortune 500 companies, governments, and NGOs across four continents in some of the most demanding environments.

As Director of Global Risk Assessments at Worldaware International Inc., Danny delivered operational intelligence and enterprise risk management solutions to an impressive roster of Fortune 2000 companies. His insights and expertise have made him a sought-after spokesperson, regularly featured on major news networks such as Channel News Asia and The Straits Times.

In his role as Regional Director of Global Safety and Security, Risk Management at Marriott International Inc., Danny handled numerous crises, ranging from man-made incidents like terrorist attacks to natural disasters such as earthquakes, as well as major events like the Olympic Games and data breaches. During his decade-long service, Danny helped develop a world-renowned crisis management program and became a leading voice for security in the hospitality industry.

In 2019, Danny became a Senior Consultant for Security Monitoring and Response in Asia Pacific, the Middle East, and Africa for Mastercard International Inc., where he led the company's efforts through the pandemic and beyond before transitioning into his current role as Regional Chief Security Officer for Asia Pacific. In this role, he is responsible for information, cyber, and physical security, as well as data protection for Mastercard in Asia Pacific. Danny has been very active in coordinating security between the private sector and the government and volunteers as a mentor for YoPros (Young Professionals), where he mentors young professionals.

Danny currently sits on the Global Boards of ASIS International, Harvard Business Review, the US-ASEAN Business Council’s Cybersecurity Subcommittee, and the Counter Terrorism Certification Board. He is also the Vice Chair of FS-ISAC’s Asia-Pacific Strategy Committee.

Outside of his professional endeavors, Danny dedicates time to the community as an Associate Mediator with the Singapore Mediation Centre & Small Claims Tribunals and spearheads the micro-social initiative “Making a Difference.”

Event details 

Theme: Safeguarding Trust

Date: 15-16 July, 2025

Location: Singapore 

Exercise

Participating in exercises increases resilience. Take part in our in-person Tabletop exercise, "SaaS Third Party Outage," on 14 July. This exercise is hosted in conjunction with the 2025 APAC Summit, but registration is separate. Find out more about the exercise here.

Register Now

View Sponsorship Opportunities

 


 

Call for Presentations

 

The theme for 2025 APAC Summit is Safeguarding Trust.

The call for presentations has closed., Notifications will be sent out on 5 May 2025

 

There are no third-party sponsors for this event. FS-ISAC completely runs the CAPS exercises.

 

Day 1 Keynote: Edward Chen, Deputy Chief Executive (National Cyber Resilience), Cyber Security Agency of Singapore

Edward chen headshot - croppedBrigadier General (BG) Edward Chen assumed the appointment of Deputy Chief Executive (National Cyber Resilience) in the Cyber Security Agency of Singapore on 3 Feb 2025.

BG Edward was commissioned as a Signal Officer in 2000. In his 25 years of military service, he has held several command appointments, including Commander Cyber Defence Group and subsequently Commander SAF C4 Command / Cybersecurity Taskforce. He has also held a number of key staff appointments, such as Director (International) in the MINDEF Defence Policy Office and as Assistant Chief of the General Staff (Intelligence) in the Army. Most recently, he served as the Defence Cyber Chief in the newly formed Digital and Intelligence Service.

As a SAF Overseas Scholarship holder, BG Edward has four engineering and management degrees from Cornell University, Stanford University and the Australia National University. BG Edward also attended military training in the United States and attended military staff college in Australia.

BG Edward is passionate about youth development and believes strongly in paying it forward. He volunteers as a board member of the Institute of Technical Education (ITE) and of the Singapore Chinese High School. He is also on the Industry Advisory Committee of the NUS School of Computing. He also serves as the Vice-President of the Singapore Computer Society – the largest and oldest IT society in Singapore. 

Day 2 Keynote: Isabelle Theisen, Group CISO, Nomura

Isabelle HeadshotIsabelle Theisen has worked as a Chief Information Security Officer (CISO) for over twenty-five years. Her global CISO career started at American Express where she provided security leadership to a global team of security professionals and multiple security service providers across Europe, South America, and Asia-Pac. Since then, Isabelle has assumed the role of CISO or CSO for various organizations in multiple verticals such as Western Alliance Bank, Caesars Entertainment, First American/First Advantage, Warner Bros., and Universal Studios. Over the past seven years, Isabelle has worked in the global financial industry as a CISO for Société Générale, Deutsche Bank, and Credit Suisse/UBS.

In addition to being a CISO, Isabelle has had entrepreneurial experience working for her own consulting company. In this entrepreneurial position, Isabelle assumed multiple hats, creating security marketing materials, developing budgets and staffing requirements, holding public lectures, and identifying new business opportunities.

Isabelle began her Information Technology and Information Security career with Ernst & Young in Los Angeles and moved into international venues in Paris and Sydney. As a Global Senior Manager with practice management responsibilities Isabelle led the development of the new Information Security Service line for Ernst & Young internationally.

Isabelle has a Master of Science in Business Administration (MSBA) with a major in Information Technology and Financial Management from California State Polytechnic University. Her undergraduate studies were spent in France and the U.S. where she earned a B.A. in Anglo-Saxon Literature and a B.A. in Mass Media Communications/Film Studies.

Isabelle is active in the Information Security arena and was nominated “CSO of the Year” including receiving an award for the Innovative Security Training Program at several organizations. She was also a recipient of the “CIO of the Year & Innovations in Technology” award by the Phoenix Business Journal and the Arizona Technology Council.

  1. July 15 Tuesday
  2. 8:00 - 6:00 PM

    Registration

  3. 8:00 - 9:00 PM

    Breakfast

  4. 9:00 - 9:15 AM

    Opening Remarks

  5. 9:15 - 10:00 AM

    Keynote
    Edward Chen, Cyber Security Agency of Singapore General Session

  6. 10:15 - 10:45 AM

    AI Cyber Resilience: Transforming Security Operations in FSI
    Shira Sagiv, Radware Platinum

    Event Toggle Arrow
    As attackers use AI maliciously, financial institutions must harness AI to stay ahead. Financial services must adopt automated, real-time management of the application lifecycle. This session discusses AI?s role in boosting SOC efficiency and incident res
  7. 10:45 - 11:15 AM

    AM Networking Break Sponsored by CSC Digital

  8. 11:15 - 12:00 PM

    A CISO Leadership View of Major Security Topics
    Danny Chan, Mastercard; PB Ong, BlackRock; Travis Hoyt, Bank of America; Adam Palmer, First Hawaiian Bank Resilience

    Event Toggle Arrow
    Two CISO (large bank & mid-size bank) will discuss various security topics. Discussion will focus on strategy and leadership level views of major security issues. The format of the session will be conversational and there will be time for audience questi
  9. 11:15 - 12:00 PM

    AI: Managing the Risk to Find the Benefits
    Robert Shein, Nomura International Security

    Event Toggle Arrow
    This presentation will identify, categorize, and discuss various forms of risk from adoption of AI solutions from external vendors, and describe methods to address them.
  10. 11:15 - 12:00 PM

    A Holistic Approach to Navigating the Threat Landscape
    Alice McCracken, Australia and New Zealand Banking Group Intel

    Event Toggle Arrow
    Hear Alice's journey building a strategic threat intel capability that redefines CTI for the modern enterprise. Shift from isolated threats to understanding how the broader threat environment evolves & anticipating first, second, and third-order risks
  11. 12:00 - 1:00 PM

    Lunch

  12. 1:00 - 1:45 PM

    Actionable Threat Intelligence:
    Bisakha Chakraborty, Wells Fargo Intel

    Event Toggle Arrow
    There is a vast amount of information that is available to intelligence analysts from open source, subscriptions, dark web, peer connects. Threat Intelligence analysts must ingest what truly matters to their organization. The presentation will highlight t
  13. 1:00 - 1:45 PM

    Expanding Perspectives for a Stronger Cyber Industry
    Laura Lees, Citi; Nera Schwartz, Bank of America Resilience

    Event Toggle Arrow
    Bringing together varied backgrounds and experiences strengthens cybersecurity by improving problem-solving, collaboration, and risk mitigation. exploring how fostering representation and valuing different viewpoints can drive innovation, address talent g
  14. 1:00 - 1:45 PM

    The Quantum Countdown Has Begun: Building AI-Powered FinServ Security

    Event Toggle Arrow
    As AI-driven threats evolve, financial institutions must modernize security with Zero Trust, AI-powered fraud detection, and quantum-resilient defenses. This session explores how FinServ leaders can future-proof cybersecurity, enhance compliance, and buil
  15. 2:00 - 2:45 PM

    Beyond the Perimeter: Proactive Cyber Risk Monitoring
    Hongyu Li, SOMPO Holdings Security

    Event Toggle Arrow
    Financial institutions must extend cyber defense beyond traditional perimeters. This session showcases a unique in-house Proactive Cyber Monitoring for financial sector, integrating real-time recon, threat monitoring, and pentesting. Learn how proactive d
  16. 2:00 - 2:45 PM

    Influencing the Board to Support your Cyber Program
    Robert Veres, Colonial First State Resilience

    Event Toggle Arrow
    Planning to present to the board or want to sharpen your message? You are not alone. Phoram (CISO of International Markets at Paypal) and Robert (CISO of Colonial First State) will share a candid exchange of 5 highly impactful techniques that helped them
  17. 2:00 - 2:45 PM

    Modernizing the SOC: A Strategic Framework for FIs
    Sebastiaan Wahlers, Accenture; Sanjeev Shukla, Accenture Intel

    Event Toggle Arrow
    As technology expands and threats evolve, SOCs must shift from traditional monitoring to an integrated, intelligence-driven framework. This session discusses enhancing SOC capabilities through proactive detection, rapid response, and embedded threat intel
  18. 2:45 - 3:15 PM

    PM Networking Break Sponsored by ConcentricAI

  19. 3:15 - 4:00 PM

    Protecting Your Leaders, Your Business and Your Reputation
    Louise Squires, Chubb Limited Resilience

    Event Toggle Arrow
    Governance Emerging regulatory landscape Resilience Roadmap Awareness & Approvals
  20. 3:15 - 4:00 PM

    From Days to Hours: Digital Forensic Automation Transforming
    Elaine Hung, Qube Research & Technologies Security

    Event Toggle Arrow
    Trading environments face unique cybersecurity challenges where speed is critical. Traditional forensic investigations are slow and disruptive. This talk explores how automation and AI accelerate incident response, reducing investigation times from days t
  21. 3:15 - 4:00 PM

    MITRE ATT&CK-Based Threat Prioritization
    Pranabh Bahukhandi, Goldman Sachs Intel

    Event Toggle Arrow
    Financial institutions struggle to prioritize TTPs amid overwhelming threat intelligence. This session presents a MITRE ATT&CK-based framework, using a risk-scoring model on real cyber incidents, adversary trends, and security controls. A case study highl
  22. 4:15 - 5:15 PM

    Cyber Threat Intelligence and Threat Hunting War Stories
    Will Thomas, Team Cymru Silver Solutions Showcase

    Event Toggle Arrow
    This talk explores the intersection of Cyber Threat Intelligence (CTI) and Threat Hunting through real-world war stories. From tracking Initial Access Brokers to uncovering cryptomining botnets, malicious browser extensions, and red team surprises, we'll
  23. 4:15 - 5:15 PM

    API Playground: Test Cutting-Edge Data Security Solutions
    Gurunath Gadikota, Protegrity Silver Solutions Showcase

    Event Toggle Arrow
    The Protegrity API Playground lets you test Protegrity's data protection features using synthetic data. It includes Vaultless Tokenization for secure, analyzable data and de-identification for analytics and AI. Register for a demo to explore data-centric
  24. 4:15 - 5:15 PM

    Hidden Dangers of File-Based Attacks in FinSvcs Silver Solutions Showcase

    Event Toggle Arrow
    OPSWAT's MetaDefender secures financial institutions from file-borne threats with Multiscanning, Deep CDR, and DLP. It replaces risky manual processes with automated, scalable solutions, ensuring safe file transfers, regulatory compliance, and reduced mal
  25. 4:15 - 5:15 PM

    Four Hours Later: How to Survive In-The-Wild Exploitation
    Benjamin Harris, watchTowr Silver Solutions Showcase

    Event Toggle Arrow
    Cyber attackers aren't waiting. What used to be a window of weeks or months for vulnerability exploitation has now shrunk to hours. This demo session will reframe how we approach vulnerability management, moving from tickboxes to taking an attackers minds
  26. 5:15 - 6:15 PM

    Reception

  27. July 16 Wednesday
  28. 8:00 - 5:00 PM

    Registration

  29. 8:00 - 9:00 AM

    Breakfast

  30. 9:00 - 9:15 AM

    Opening Remarks

  31. 9:15 - 10:00 AM

    Imagine a Cyber Secure World: Utopian Dream or Dystopian
    Isabelle Theisen, Nomura International General Session

    Event Toggle Arrow
    Keynote Speaker Imagine a Cyber Secure World: Utopian Dream or Dystopian Reality?
  32. 10:00 - 10:45 AM

    Women in Cyber Reception

  33. 10:00 - 10:45 AM

    AM Networking Break Sponsored by ConcentricAI

  34. 10:45 - 11:30 AM

    Decoding the Threat Landscape: Strategic CTI Analyst's Chat
    Abdallah Alomari, Bank of America; Arnel Tolentino, Bank of America Intel

    Event Toggle Arrow
    Strategic Cyber Threat Intelligence goes beyond indicators of compromise and technical feeds. It's about connecting dots across global events, geopolitical tensions, and cyber threat landscapes to protect businesses. This walks you through a day in their shoes
  35. 10:45 - 11:30 AM

    Architecting Robust Data Loss Prevention Systems
    Ravi Hariprasada Rao, OCBC Security

    Event Toggle Arrow
    Traditional rule-based data loss monitoring systems are hard to operate due to complex configurations. By adding information classification labels, we can streamline monitoring, improve alert accuracy, and enhance decision-making, boosting responsiveness
  36. 10:45 - 11:30 AM

    Risk Trends in Financial Institutions Across APAC
    Celestine Jahren, Censys Resilience

    Event Toggle Arrow
    We will present findings from a new study of financial institutions in Taiwan, Singapore, Japan, and Australia. In particular, we'll show common trends in exposed services, misconfigurations, and 3rd-party suppliers. This session provides actionable insig
  37. 11:45 - 12:30 PM

    The AI Roadmap for Cyber Defenders
    Sheryl Zeng, TD Bank; Ian Tan, TD Bank Intel

    Event Toggle Arrow
    AI is reshaping cybersecurity, driving both nation-state cyber attacks and defensive innovations. We'll cover key AI-driven cyber threats and attack trends; before diving into AI's role in cyber defense, from threat detection to process automation. We'll
  38. 11:45 - 12:30 PM

    The Big 5 (risks of Cyber Security)
    Paul Atkins, Queensland Sugar Limited Resilience

    Event Toggle Arrow
    With the continually evolving Cyber Security Landscape and managing IT risk register, it is evident that whilst we have a long list of IT risks, there are around 5 BIG risks that impact cyber security. This presentation will review those with examples
  39. 11:45 - 12:30 PM

    Mechanics Behind New Reverse-Proxy Phishing Attacks
    Frank Teruel, Arkose Labs Security

    Event Toggle Arrow
    New Phishing-as-a-Service platforms like Veiled Marble & V3B have democratized sophisticated MFA compromise attacks, allowing rookie attackers to intercept authentication in real-time. This session will reveal how these turnkey solutions are specifically
  40. 12:30 - 1:30 PM

    Lunch

  41. 1:30 - 2:15 PM

    The Evolving Threat Landscape: Cloud Security Trends 2025
    Anup Sinha, Aon PLC Security

    Event Toggle Arrow
    The 2025 cloud threat landscape demands advanced security strategies as AI-driven threats rise. Key trends include zero-trust adoption, CSPM advancements, secure data sharing, and compliance automation. Proactive threat hunting and DevSecOps are essential
  42. 1:30 - 2:15 PM

    Unconventional Tactics for Third-Party Due Diligence
    James Healy, Stake Resilience

    Event Toggle Arrow
    Confronting vendor sprawl? Rapid adoption of new AI and SaaS vendors creating an explosion of 3rd and 4th-party risk? Traditional due diligence, like SOC2, ISO27001 and questionnaires inadequate? This session presents unconventional, actionable tactics an
  43. 1:30 - 2:15 PM

    MEMBERS ONLY: You Can't HN/DL the Truth: Harvest Now/Decrypt Later Threats
    John Kingman, JPMorgan Chase Intel

    Event Toggle Arrow
    ?HN/DL? was coined describe quantum decryption and a data acquisition strategy threat actors may undertake to enumerate encrypted data for later decryption. We expand to a practical review to encompass all forms of harvest and decrypt, assessed against t
  44. 2:15 - 2:45 PM

    PM Networking Break Sponsored by ConcentricAI

  45. 2:45 - 3:30 PM

    MEMBERS ONLY: Threat Hunt: Exposing a PhaaS Actorvia Chinese OSINT Intel

    Event Toggle Arrow
    In this session, Strawberry Donut will reveal how an PhaaS (Phishing-as-a-Service) actor was identified, provide an in-depth analysis of the PhaaS phishing kits employed, and demonstrate how the actor's identity was uncovered through Chinese-language OSIN
  46. 2:45 - 3:30 PM

    AI Security Practice
    Reid Zhou, Morgan Stanley; Jaguar Xiong, Morgan Stanley Resilience

    Event Toggle Arrow
    Secure GenAI in finance: encrypt data, audit for bias, monitor threats, comply with regulators, and implement ethical frameworks. Mitigate breaches, model exploits, and regulatory risks while ensuring transparency and accountability.
  47. 2:45 - 3:30 PM

    Building Cryptographic Agility in the FS Sector
    Mike Silverman, FS-ISAC Security

    Event Toggle Arrow
    The cryptography that we rely on is vulnerable to changing threats and advances in technology, notably quantum computing. The sector needs to be able to change algorithms and architectures more efficiently than it does now in response to emerging risks ->
  48. 3:45 - 4:30 PM

    MEMBERS ONLY: Disrupting a Ransomware Group 3.0 Intel

  49. 3:45 - 4:30 PM

    Threat Informed Adversary Emulation - An ATT&CK Guide
    Crys Tan, Citi Resilience

    Event Toggle Arrow
    This presentation shares a framework of running adversary emulation engagements to extract maximum value to the organization.
  50. 3:45 - 4:30 PM

    Challenges of Quantum Safe Initiatives of Japanese Financial
    Osamu Terai, Mizuho Financial Group Security

    Event Toggle Arrow
    In this presentation, I will share the efforts and challenges of Japanese financial institutions to promote Quantum Safe migration, and emphasize the importance of promoting Quantum Safe with global collaboration.
  51. 4:45 - 5:45 PM

    Creating Preemptive Threat Intelligence with Silent Push
    Maulik Limbachiya, Silent Push Silver Solutions Showcase

    Event Toggle Arrow
    Marketed as a tool for automatically creating sites that can be approved for ads on Google, MSFT and FB, TrafficGate creates "shell" websites used by Russian criminal groups, like XXX, IVAN and FIN7 to serve visitors redirects to new malicious domains wit
  52. 4:45 - 5:45 PM

    Be the IT Changemaker Who Locked Down Lateral Movement
    Albert Estevez, Zero Networks; Aaron Steinke, La Trobe Financial Silver Solutions Showcase

    Event Toggle Arrow
    Explore how La Trobe Financial is blocking lateral movement and thwarting ransomware with automated microsegmentation. This case study highlights their "set-it-and-forget-it" strategy, isolating critical assets and enhancing cybersecurity resilience witho
  53. 4:45 - 5:45 PM

    Mobile Application Protection Made Easy
    Krishna Vishnubhotla, Zimperium Silver Solutions Showcase

    Event Toggle Arrow
    For our product demo we are going to demonstrate how an app behaves differently when exposed to certain threats, how we can protect data and users and how the solution integrates with existing soc workflows.
  54. 5:45 - 6:30 PM

    Reception

  55. 6:30 - 8:00 PM

    Signature Event