5 SEPTEMBER  2018 | 9.00 AM 5.00 PM | 6 SEPTEMBER  2018 | 9.00 AM 12.30 PM


Increased complexities in banking regulations and the emergence of new financial technologies have brought about fresh challenges in addressing the risks associated with banks.

It has become imperative, with the rapidly evolving nature of cyberthreats, that financial institutions need to work harder than just focussing on strengthening their cybersecurity efforts to keep financial systems and their ecosystems safe. There is a strong global push by regulators, governments and leading security organisations to adopt a more holistic approach to addressing cyberthreats by building stronger cyber resilience — the new gold security standard — to mitigate the risk of cyberattacks.

This event will provide insight into the latest issues and trends in cybersecurity, cyberattacks and how financial organisations can become cyber resilient by adopting various strategic approaches, which include business planning, information security, organisational governance, assessment of digital systems and more.

DAY 1 — Wednesday, 5 September 2018
0800 0900 Registration & Refreshments
0900 0905 Welcome Remarks by Chief Executive, Asian Institute of Chartered Bankers
0905  0930 Keynote Address: Future Forward — Building a Cyber Resilient Banking Industry

  • Abu Hassan Alshari Yahaya, Assistant Governor, Bank Negara Malaysia
0930 1100 Plenary Session 1: Emerging Cybersecurity Trends and Cyberthreats —  What’s Coming Next?
This panel will provide key insights on global cybersecurity trends and cyberthreats in today’s rapidly-changing technology-dependent environment. The discussion will centre on successful attacks and the investigation and remediation methods, and highlight the opportunities and challenges of adopting new and emerging technologies such as blockchain, artificial intelligence (AI), cloud computing and big data to further enhance cybersecurity preparedness.

• Gerry Chng, Partner, ASEAN Cyber Security Leader, EY, Singapore

• Dr Dzaharudin Mansor, National Technology Officer, Microsoft Malaysia
• James Allman-Talbot, Global Head of Incident Response, BAE Systems Applied Intelligence, UK
• Kevin Lau, Head of International Risk Management, Ant Financial, China
• Rob McMillan, Research Director, Gartner, Australia

1100 1115 Coffee Break and Networking Session
1115 1200 AICB & PwC Cyber Resilience Survey presentation

  • Tan Cheng Yeong, Partner, Digital Trust & Security Leader, PwC Malaysia
1200 1330 Networking Lunch
1330 1445 Plenary Session 2A: Raising the Bar on Cyber Resilience in the Financial Industry — A Global Perspective
This session will focus on global regulatory developments, best practices and international standards of cyber risk management, including:

  • The National Institute of Standards and Technology Cybersecurity Framework (NIST CSF) — Identify, Detect, Protect, Respond and Recover, and
  • Strategic approaches to developing cyber defence capabilities in managing cyberattacks.

• Jimmy Sng, Partner, Cybersecurity, PwC Singapore

• Gregory Sim, Executive Director and Regional Head, Information and Cyber Security, Standard Chartered Bank, Singapore
• Robert Poh, Director, Asia, Financial Services Information Sharing and Analysis Center (FS-ISAC), Singapore
• Thomas Beretti, Member of Secretariat, Basel Committee on Banking Supervision, Bank for International Settlements, Switzerland

 1445 1500 Coffee Break and Networking Session
1500 1615 Plenary Session 2B: Raising the Bar on Cyber Resilience in the Financial Industry — The Asia-Pacific Perspective
This session will discuss:

  • The overview of the APAC cybersecurity ecosystem
  • What regulators expect of financial institutions in cyber risks
  • The governance framework
  • The infrastructure resiliency requirements, including data centre tier standards, and
  • Enhanced information security.

• Kok Tin Gan, Partner, Cyber Security & Privacy, PwC Hong Kong

• Budsakorn Teerapunyachai, Director, Information System Examination Department, Bank of Thailand
• Pardiyono, Senior Analyst, Indonesia Financial Services Authority
• Lim Tong Lee, Deputy Director, Technology Risk Supervision Division, Monetary Authority of Singapore
• Zainal Abidin Maarif, Technology Risk Specialist, Bank Negara Malaysia

1615 1700 Spotlight Session on Ethical Hacking

  • Joseph Fisher, Head of Security Testing, BAE Systems Applied Intelligence, UK


DAY 2 — Thursday, 6 September 2018
0800 0900 Registration & Refreshments
0900 0930 Keynote Address 2: The New Era of Security — Man and Machine

  • Mary Jo Schrade, Assistant General Counsel, Regional Director, Microsoft Digital Crimes Unit Asia, Microsoft, Singapore
0930  1045 Plenary Session 3: Sailing the Cyber Sea: Challenges and Way Forward in Cyber Risk Management
This session will focus on the evolving issues, challenges and solutions of cyber risk, including:

  • Balancing: Vulnerabilities vs cyber risk management technologies
  • Building talent capacity and capability
  • Cyber risk intelligence sharing (platform) and protection
  • The complexities of the cyberthreat landscape.

• Megat Mohammad Faisal, Partner, Executive Director, Risk Advisory, Deloitte, Malaysia

• Albert Lim Lip Khen, Chief Information Officer, HSBC Bank, Malaysia
• Jason Yuen, Partner, Advisory, EY, Malaysia
• Mohamed Anwer Mohamed Yusoff, Head of Cyber Security Industry Engagement & Collaboration, CyberSecurity Malaysia

1045  1100 Coffee Break and Networking Session
1100 1130 Spotlight Session on Strengthening Collaboration to Sustain Cyber Resilience

  • Brian Hansen, Intelligence Officer for Asia Pacific, Financial Services Information Sharing and Analysis Center (FS-ISAC), Singapore
1130 1230 Demo Session on Brand Monitoring and Compromise Management Tools

  • Jayce Yeo, APAC Regional Sales Director, Digital Brand Services, CSC, Singapore
  • Mirza Asrar Baig, Chief Executive Officer & Founder, CTM360, Bahrain
  • Lee Trinh , Programme Manager, MarkMonitor, Singapore
  • Wo Swee Teck, Vice President – Regional Sales, SecureMetric Technology, Malaysia
1230 1330 Networking Lunch
1330 End of Event

*Please note that the event agenda is subject to change.



Abu Hassan Alshari Yahaya

Assistant Governor, Bank Negara Malaysia


Assistant Governor, Mr Abu Hassan is in charge of several key functions of Bank Negara Malaysia (BNM) including the Bank’s Regional Offices and Centralised Shared Services. He is a member of the Bank’s Strategic Management Committee.

Mr Abu Hassan is also a member of the Board of Directors of the Cooperative Commission and the Credit Counselling and Debt Management Agency of Malaysia.

Mr Abu Hassan graduated with Economics degree from Monash University, Australia and started his career with BNM in 1987 in the supervisory and regulatory roles. He also served as Director of Strategic Communications of the Bank for nine years and Secretary to the Bank’s Board of Directors for six years.

Albert Lim Lip Khen

Chief Information Officer, HSBC Bank, Malaysia


Albert Lim is the Chief Information Officer (CIO) of HSBC Bank Malaysia Berhad. As the CIO of HSBC Bank Malaysia Berhad, Albert oversees the full spectrum of technology and is responsible for systems development, technology infrastructure as well as technology support. Albert has more than 15 years of experience in the banking industry across the Asia-Pacific region. His technology experience includes implementation of major initiatives ranging from digital transformation, multi-channel delivery, internet, mobile and web capabilities to large-scale core systems replacements.

Brian Hansen

Intelligence Officer for Asia-Pacific, Financial Services Information Sharing and Analysis Center (FS-ISAC), Singapore


Brian Hansen serves as the Intelligence Officer for Asia-Pacific on the Public Private Partnerships Team of the Financial Services Information Sharing and Analysis Center (FS-ISAC). He leads FS-ISAC’s awareness on and expertise in the latest threat intelligence impacting the financial security industry in Asia-Pacific through coordination with internal and external affiliates, government organisations and law enforcement on threat and resilience issues.

Prior to his time at FS-ISAC, Brian worked for the Pharmaceutical Security Institute as the Senior Intelligence Analyst directly coordinating production of intelligence analysis on criminal involvement with global counterfeit pharmaceutical networks, including cyber-based networks. He served in the U.S. Department of Defense in intelligence and foreign affairs roles of increasing responsibility for 26 years, culminating as the principal intelligence officer for the Deputy Assistant Secretary of Defense with responsibility for Taiwan, China, North and South Korea, Japan and Mongolia. Brian received his Master of Arts degree in Global Affairs from George Mason University, focusing on global conflict and security. He is fluent in Mandarin, Portuguese and Spanish.

Budsakorn Teerapunyachai

Director, Information System Examination Department, Bank of Thailand


Ms Budsakorn Teerapunyachai is the Director of Information System Examination Department, Supervision Group, Bank of Thailand. She joined the Bank of Thailand since 1997.

She has extensive experience of more than 18 years in bank risk supervision. She is currently responsible for supervising the IT risk and cyber resilience of financial institutions (FIs), including commercial banks, specialised financial institutions, and e-Payment service providers. She plays an important role in developing the IT Risk Management and Cyber Resilience Frameworks for FIs as well as building cybersecurity collaborations in financial sectors, which is an important part of Thailand’s National Cybersecurity. She is also a speaker in many seminars and conferences on IT Risk Management and Cyber Resilience.

She holds a Master of Science degree in Financial Risk Management from ICMA Center, University of Reading; an MBA from Wayne State University, and a Bachelor of Science degree in Accountancy from Thammasat University.

Dr Dzaharudin Mansor

National Technology Officer, Microsoft Malaysia


Dr Dzaharudin Mansor (Dr Dzahar) is the National Technology Officer (NTO) for Microsoft Malaysia. As the NTO, Dr Dzahar drives engagement with key national technology stakeholders, which include academics, policy makers & advisors, and interest groups with the intention to build trust while contributing to national development.

Dr Dzahar joined Microsoft in 2005 and has more than 31 years of professional experience in ICT and telecommunications. He started his career as a lecturer in the Department of Computer Science, La Trobe University, and moved on to become an R&D engineer at Telecom Australia Research Laboratories in Melbourne. Upon returning to Malaysia, he joined Celcom as a R&D manager, and left the company as the Vice President for R&D, Intelligent Network and IT divisions. He subsequently worked at HP in Singapore and other technology companies in R&D, operations, business, as well as leadership positions.

He also presently holds, and has held, several associate positions including Adjunct Professor at IIUM, Councillor at PIKOM and Academic Advisor at several public and private universities. In 2010, he had the honour of leading the Business Services Economic Transformation Program (ETP) Labs, which is one of the key initiatives by the Malaysian Government to transform Malaysia into a developed nation by 2020. He is a senior member of the IEEE.

Dr Dzahar received a First-Class Honours Degree in Computer Systems Engineering from Monash University, Australia in 1985, and was subsequently awarded Australian University Graduate scholarships to complete his PhD in Computer Science at La Trobe University, Australia in 1988. He is passionate about technology and aspires to contribute towards the nation’s socio-economic progress.

Gerry Chng

Partner, ASEAN Cyber Security Leader, EY, Singapore


Gerry Chng is a Partner in Ernst & Young’s Advisory practice. He is the ASEAN Cyber Security Leader, working with Partners in the region and managing a team of over 80 security professionals in Singapore. With 20 years of Information Security experience, he has been heavily involved in providing advisory services to clients to help them better manage their information security initiatives, ranging from governance, policies and operations, risk management, and assessing the security of the technology environment.

Gerry is a Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), and Certified in Risk and Information Systems Control (CRISC) and is frequently invited to speak at major conferences and events. He established the Advanced Security Centre in Singapore to assist global clients in Asia with application security assessments. The Singapore hub is part of the global network of ASCs including New York, Houston, and London. He is also the Lead Architect for numerous RSA Archer GRC implementation projects that help clients create a risk-aware culture through proper technology enablement of risk-related processes. Gerry is a Member of the Audit Committee for the National Volunteer and Philanthropy Centre providing guidance and oversight on IT-related matters. He has a Bachelor of Engineering degree from Nanyang Technological University of Singapore.

Gregory Sim

Executive Director and Regional Head, Information and Cyber Security, Standard Chartered Bank, Singapore


Gregory Sim is Executive Director and Regional Head of Information and Cyber Security for Standard Chartered Bank covering ASEAN and the South Asian region. Prior to that, he spent 22 years of his career in the financial services sector and was most recently the Head of Information Security for the Singapore Exchange (SGX), while his former employers include Merrill Lynch, Citigroup and CLSA.

Outside his formal appointment, Gregory is active in numerous industry-level steering committees in Singapore and abroad. He was a co-founder of the World Federation of Exchanges (WFE) Global Exchange Consortium, which was commissioned in New York to combat systemic cyber abuse in financial exchanges globally. As a recognised industry veteran, he has spoken in various international conferences, roundtable forums and panel discussions on cybersecurity. Most notably, he was invited to speak about cyber risk at the United Nations’ RIAS annual meeting in September 2017, in which he called for heightened intergovernmental cooperation in countering cybercrime.

He was recently invited to present on cyber resiliency during the ASEAN Finance Ministers and Central Bank Governors meeting in April 2018. Gregory is also the Chairman of Association of Banks in Singapore (ABS) Standing Committee on Cyber Security (SCCS), and a Subject Matter Lead for ASEAN Bankers Association’s Committee for Cooperation for Finance, Investment and Trade (COFIT).

James Allman-Talbot

Global Head of Cyber Incident Response, BAE Systems Applied Intelligence, UK


James Allman-Talbot is the Global Head of Cyber Incident Response at BAE Systems Applied Intelligence. For the past 9 years James has investigated cybercrime in both law enforcement and private sector environments, including 5 years examining digital evidence in criminal cases with the Metropolitan Police Service in London.

James leads the incident response team at BAE Systems, where he and his team respond to complex nation-state cyberattacks affecting governments and large, multi-national commercial entities. He holds a Master’s degree in Information Security from Royal Holloway, University of London, and has been referenced in books published on the topic of digital forensics.

Jason Yuen

Partner, Advisory, EY, Malaysia


Jason Yuen is a Partner at Ernst & Young Advisory Services Sdn Bhd focusing on Risk, Information Security, Privacy and Business Continuity. He has over 18 years of experience serving clients in various industries including financial services, oil & gas, energy, telecommunications, manufacturing, healthcare and the public sector.

Prior to joining EY, Jason was the Industry Advisor in the National CyberSecurity Agency under MOSTI. Jason has also held roles including as Country General Manager at a leading regional Managed Security Service Provider, National Security Leader at Microsoft (Malaysia) as well as being Director at another professional services firm.

Jason is a regular speaker in Information Security, Audit and Controls and has spoken at various events including the BankTech Asia, IIA Corporate Fraud Conference, International and Regional IIA Conferences, San Diego Secure e-City Conference, DRI International BCM Conference, Singapore TACS Conference, PIKOM Leadership Summit, Hacker Halted and the 3rd MSC Malaysia R&D Series & IP Connect.

Jayce Yeo

APAC Regional Sales Director, Digital Brand Services, CSC, Singapore


Jayce Yeo is the APAC regional director of CSC® based in Singapore. Since 2007, Jayce spearheaded the APAC corporate account management team in the Oceania, and has continued its regional expansion. Today, CSC Asia’s presence is represented by its established footprint in Australia, Greater China and Singapore. Jayce is instrumental in consulting corporations in protecting digital assets across key channels and is adept at engaging stakeholders from cross-functional disciplines such as legal, security, IT, and marketing.

Jimmy Sng

Partner, Cybersecurity, PwC Singapore


Jimmy Sng is a partner within the Digital Trust practice in Singapore, focusing on cybersecurity and technology risk. He previously led the cybersecurity consulting practice for Southeast Asia. Jimmy focuses on cybersecurity, technology risk management, identity access management, threat intelligence and security solutions. Jimmy is active in the development of cybersecurity communities. He has previously served on the Board of Directors for ISACA (2005–2007) and was an executive committee member for AISP (2008–2016).

Among Jimmy’s notable experience includes being the lead cybersecurity investigator for a notable bank breach in Singapore and working with the MAS and CID to help them understand causes of the breach; leading the cybersecurity programme for one of the largest banks in Singapore from 2011 to date; handling security governance and testing of the Bank’s full portfolio of network and application assets; and leading security strategy and framework development for several bank groups and payment gateways in Singapore and in Southeast Asia.

Joseph Fisher

Head of Security Testing, BAE Systems Applied Intelligence, UK


Joseph Fisher is Head of Security Testing at BAE Systems Applied Intelligence, and is responsible for the global delivery and maintaining penetration testing and security labs services. He builds new customer relationships by providing technical account management support, including presales and guidance, and delivers and develops a range of technical security testing services, including Goal Based Testing, Red Teaming, Infrastructure Penetration Testing, Web Application Security Testing, Technical Security Auditing and Wireless Penetration Testing.

Joseph has a background in the IT industry stretching back to 1987, with experience supporting and providing technical support in a number of different areas including:
Checkpoint / ISS-IBM / Sourcefire / F5 and other various products
Windows application snapping
Windows server and desktop administration
AIX and Solaris administration
Network administration
IBM and ICL mainframes.

Kevin Lau

Head of International Risk Management, Ant Financial, China


Kevin is the Head of International Risk Management for Ant Financial (Alipay). He is a payment industry veteran with 16 years of broad payment risk management experience; namely risk innovations, risk policies, fraud analytics, data security, brand protection and risk solutions. Before joining Alipay, Kevin was the lead for UnionPay International Risk and prior to that, he was the Vice President for Visa Risk Services.

Kok Tin Gan

Partner, Cyber Security & Privacy, PwC Hong Kong


Kok Tin is a Partner in PwC’s Cyber Security & Privacy practice with over 14 years of experience. He is also the founder of PwC’s Darklab and is currently the Vice Chairman of ITSMf HK Chapter. Kok Tin’s key areas of expertise and experience include cybersecurity strategy, framework, IT governance, IT security framework, application and data security, IT risk, security management, security / technology architecture and ethical hacking.

Kok Tin is extremely well-versed with a number of security technology solutions (such as identity, data loss prevention, firewall, security analytics, etc.), attack / cybercrime scenarios, payment security, and security assessment framework (such as PCI-DSS, PA-DSS, ISO 27001:2005/2013, CoBIT, OWASP, OWASP Mobile etc.), relevant technology regulatory guidelines (e.g. HKMA, SFC, MAS, AMCM’s guidelines and other guidelines in the Asia-Pacific region), using both automated and manual penetration testing techniques, source code security review tools, and risk management procedures pertaining to security assessment. Kok Tin has led > 300 small-to-large-sized security assessments / transformation engagements and worked across different continents, including, Asia, America, Europe and Africa. Kok Tin is a TED talk speaker and he also founded a company during the early days of his career.

Lee Trinh

Programme Manager, MarkMonitor, Singapore


With over 10 years in the Brand Protection industry, Lee Trinh has collaborated with over hundreds of different corporate clients in developing strategy and implementing technology in infringement protection.

Having been with MarkMonitor for nearly 7 years, Lee has successfully launched over 40 different client programmes identifying and removing over hundreds of thousands of infringing content across the Internet.

Today, Lee works closely with both the MarkMonitor Product Management and Client Service & Operations team globally to refine and develop a service better meeting the needs of the clients in the Asia-Pacific region.

Lim Tong Lee

Deputy Director, Technology Risk Supervision Division, Monetary Authority of Singapore


Lim Tong Lee is a Deputy Director with the Technology Risk Supervision Division in the Monetary Authority of Singapore (MAS). He leads the cyber and policy teams within the Division to oversee MAS’ IT supervisory policies and methodologies, shape the cyber security strategy and drive critical information infrastructure protection initiatives for the financial sector. As part of his work, Tong Lee is also involved in overseeing projects and initiatives on cyber-related collaboration with other overseas financial regulators, government agencies, and the financial industry in Singapore.

Prior to MAS, Tong Lee has held stints with the Defence Science and Technology Agency (DSTA) and the Institute for Infocomm Research (I2R) in Singapore. He has over 13 years of professional experience in information security, cybersecurity and IT risk management, and holds a Master’s and a Bachelor’s degree with first class honours in computer engineering, as well as several professional qualifications (CISA, CISM, CISSP, CEH, GCIH).

Mary Jo Schrade

Assistant General Counsel, Regional Director, Microsoft Digital Crimes Unit Asia, Microsoft, Singapore


Mary Jo Schrade is an Assistant General Counsel at Microsoft Operations Pte Ltd. She is the Regional Director of Microsoft’s Digital Crimes Unit (DCU) Asia and is based at Microsoft’s Cyber Security Center in Singapore. She oversees the initiatives, programmes and strategies related to Microsoft Asia’s efforts to prevent or disrupt organised cybercrime, piracy and online tech support scams through public–private partnerships, coordinating enforcement, and conducting outreach relating to Microsoft’s digital trust commitments to its customers. Prior to joining Microsoft in 2000, Ms Schrade was a litigation attorney at Holland & Knight LLP in Atlanta, Georgia.

Megat Mohammad Faisal

Partner, Executive Director, Risk Advisory, Deloitte, Malaysia


Megat Mohammad Faisal is a Partner/Executive Director at Deloitte’s Risk Advisory practice and leads the Cyber Risk Services. He has over 16 years of experience in providing cybersecurity, internal audit, IT audit, IT security, operational & business process assessment and advisory services. In addition, He also specialises in IT project advisory and governance. He managed numerous projects for clients in the financial services and government-linked companies. He has provided various services to clients in various industries, including banking and insurance, oil & gas, telecommunication, services and manufacturing industries.

Megat holds a Bachelor of Commerce in Accounting degree from the University of Queensland. He is also an Approva Certified Professional (ACP) for Governance, Risk & Compliance. He passed the BCLE 2000 Qualifying Exam and is trained on the RSA Archer GRC Platform and IBM OpenPages GRC Platform.

Mirza Asrar Baig

Chief Executive Officer & Founder, CTM360, Bahrain


Mirza Asrar Baig is a serial entrepreneur and visionary business-builder who is the founder and CEO of CTM360, a Cyber Threat Management company (Bahrain), and IT Matrix, an Information Security company (Saudi Arabia).

He is a Computer Science graduate from King Fahd University of Petroleum and Minerals (KFUPM – Dhahran, Saudi Arabia). With a passion for GCC-based research and innovation, he has been serving the Information Security / Cybersecurity requirements of the GCC Financial Sector for over 20 years. During this time, he has also contributed to the region via numerous speaking events, providing insight on current and emerging threats specific to GCC-based organisations.

In 2006, Mirza initiated the PCI compliance programme for the Saudi Financial sector that eventually resulted with every acquirer in Saudi being PCI-certified by end of 2011. Furthermore, with his vision of a Cyber Threat Management centre in GCC, he has initiated multiple R&D initiatives and regional collaboration efforts that have resulted in a spin-off, CTM360, based in Bahrain.

His team developed a very comprehensive Cyber Threat Management System that currently services 25 of the top 50 GCC banks. CTM360 manages in excess of 30,000 unique cyber incidents. In addition to banks, CTM360 also caters to 3 of the largest Oil & Gas/petrochemical producers, 2 Skytrax #1-rated “Five Star” Airlines, 2 of the region’s largest sovereign wealth funds, leading healthcare clinics, retailers and conglomerates.

Mohamed Anwer Mohamed Yusoff

Head, Cyber Security Industry Engagement & Collaboration, CyberSecurity Malaysia


Mohamed Anwer graduated with a degree in Bachelor of Science in Aeronautical Engineering from Embry-Riddle Aeronautical University, Daytona Beach, Florida and did postgraduate studies at Universiti Teknologi Malaysia in the area of artificial intelligence in aircraft design. He has more than 20 years of extensive experience in the Malaysian ICT industry, and his skill-sets encompass Supply Chain Management, Business Process Re-engineering, and in the last 5 years in the area of information security.

He is currently the Head of Cyber Security Industry Engagement & Collaboration at CyberSecurity Malaysia and passionately believes that the cornerstone of cyberspace security strategy is and will remain a public-private partnership and only by acting together can we build a more secure future in cyberspace.


Senior Analyst, Indonesia Financial Services Authority


Pardiyono majored in accounting and following his graduation from the University of Indonesia in 1999, worked for Deloitte as Information Systems Auditor for 5 years, with his latest position being ERS (Enterprise Risk Services) Supervisor. He was engaged to perform information systems audit, Sarbanes Oxley compliance, and co-sourcing services to distinguished industries.

In 2005, he joined Bank Indonesia (Indonesia Central Bank) and later, OJK (Indonesia Financial Services Authority), as Bank IS Audit Specialist for about 12 years. In June 2016, Pardiyono was assigned to the OJK Integrated Supervision Department, his responsibilities of which include conducting and developing level 3 Supervision toward Financial Conglomerates in Indonesia. He is also involved in the development of the integrated supervision roadmap 2017–2019, integrated supervision application systems, coordination of the discussion of state-owned enterprise holding across government agencies, and the development of OJK’s fintech office and regulations.

He has a wife, two daughters, and a bicycle.

Rob McMillan

Research Director, Gartner, Australia


Rob McMillan joined Gartner after almost 9 years in information security at the Commonwealth Bank of Australia, where he was Executive Manager of Business Information Security Support. In this position, he was responsible for developing and implementing security policies and standards, operating the bank’s threat intelligence capability, implementing the security awareness programme, rolling out security infrastructure technologies, and a range of other issues. During this time, he was also a key participant in broader industry initiatives.

Prior to this, Mr McMillan was co-founder and general manager of AusCERT, responsible for the strategic direction and overall operational management of its core business. He had also spent 4 years with CERT in the U.S.

Robert Poh

Director, Asia, Financial Services Information Sharing and Analysis Center (FS-ISAC), Singapore


Robert Poh, is a Certified Information Security Manager (CISM) and CITPM (Senior), and serves as Director, Asia, Financial Services Information Sharing and Analysis Center (FS-ISAC), based in Singapore. He is responsible for facilitating relationships with members and partner organisations in the region, providing face-to-face opportunities for other members, and helping member organisations build and develop the FS-ISAC threat intelligence exchange community in Asia Pacific to advance effective sharing of cyberthreat intelligence that enhances the resilience and security of the financial industry, adding value to the membership.

Prior to FS-ISAC, Robert was the Director of Security Services, and worked with all public healthcare institutions to transform healthcare in Singapore, which has more than 25,000 users. He was responsible for the security strategies, policies and standards on the protection of valuable and sensitive information assets within these healthcare institutions, and was part of the national Electronic Medical Record Exchange and national Electronic Health Record projects. Before this, he was Head, Information Security of a healthcare group and Group Head, Data Security of a banking group, and part of the National Cashcard Project.

Tan Cheng Yeong

Partner, Digital Trust & Security Leader, PwC Malaysia


Tan Cheng Yeong is currently leading the Technology Risk Assurance practice in PwC Malaysia with a specialist team of over 100 individuals, helping clients on a wide spectrum of technology risks such as IT transformation projects, business applications, data management & analytics, privacy, cybersecurity, software licensing, and IT audits.

With over 20 years of experience, Cheng Yeong is a Certified Information Systems Auditor (CISA), Certified in the Governance of Enterprise IT (CGEIT). He is also a member of SIRIM Technical Committee on Information Security. He brings extensive experience in his dealings with complex systems & processes across various industries, including Financial Services, Telecommunications, Energy, Oil & Gas, Utilities, Media & Entertainment, Logistics & Aviation, Industrial products, FMCG and Services.

Thomas Beretti

Member of Secretariat, Basel Committee on Banking Supervision, Bank for International Settlements, Switzerland


Thomas Beretti joined the Basel Committee on Banking Supervision Secretariat in May 2017. He currently supports the financial technologies network that issued the Sound Practices on implications of fintech for banks and bank supervisors earlier this year. Thomas also supports the Operational Resilience Working Group charged with assessing the range of cyber resilience practices, and the Macroprudential Supervision Group in charge of the yearly G-SIB assessment.

Before joining the BCBS secretariat, Thomas was a prudential policy expert successively at the French Prudential Supervision and Resolution Authority (ACPR) and the European Central Bank’s Single Supervisory Mechanism (SSM), where he was involved, among other topics, in the design of the leverage ratio and the BCBS Guidelines on step-in risk. Thomas is a French national and holds a Master of Public Affairs degree, with majors in economic policies, international relations and public law.

Wo Swee Teck

Vice President – Regional Sales, SecureMetric Technology, Malaysia


Behind the beguiling goatee lies a firm believer in balancing mobile security with impeccable user experience. With over 15 years’ experience in the areas of Fintech and IT security, Wo Swee Teck is the current Vice President of Regional Sales for SecureMetric Technology, the leading PKI system enabler in ASEAN. Mr Wo started his career in one of the largest Fintech companies in Malaysia and moved on to helm key business development positions in mobile marketing, digital authentication, banking and mobile operator industries. His passion in everything mobile started almost 10 years ago, leading business development activities for mobile authentications and security services for a renowned Digital Certificate Authority in Malaysia.

Zainal Abidin Maarif

Technology Risk Specialist, Specialist Risk Unit, Bank Negara Malaysia


Zainal Abidin Maarif has been with BNM for more than 30 years, of which more than 20 years of service were dedicated to IT supervision since the inception of the function within the Supervision Sector in 1990.

Since the formation of the Specialist Risk Unit in 2010, he was appointed as Risk Specialist, where he leads and manages the Technology Risk Specialist team. The key function of the team is to undertake horizontal risk surveillance on financial institutions (FI) under the purview of BNM on technology risks, with the strategic outcome to ensure the safety and soundness of financial sector in implementing and adopting of technology, and to mitigate any emerging technology risks.

Zainal led the development of several prudential guidelines related to IT and cybersecurity for issuance to the financial industry and represents BNM at national level committees on development of cyber security policies and information security standards, as well as the annual international meeting of IT Supervisory Group (a group comprising IT supervisors from the central banks of 22 countries).

Besides holding an MBA (Finance) and a Bachelor of Accounting degree, Zainal is a Certified Information Systems Auditor (CISA) and a Certified in Risk and Information Systems Control (CRISC) – a globally-recognised professional certification for Information Technology Audit professionals sponsored by Information Systems Audit and Control Association (ISACA). He is also a member of ISACA, Malaysia Chapter.

*More speakers to be confirmed.


Sasana Kijang, Bank Negara Malaysia
2 Jalan Dato’ Onn
50480 Kuala Lumpur

Kindly refer to Google Maps here for directions to the venue. Ample parking is available on LG4 and LG5 at Sasana Kijang at RM5.00 per entry (flat rate).


Registration Fees

AICB Member Rate   RM1,200 nett
Non-Member Rate   RM1,500 nett
International Delegate   USD450 nett

*The Global Banking Discourse Series is STF claimable — AICB Members are entitled to 10 CPD Hours


Please complete the registration form and submit it via mail, fax or email to:

Wisma IBI, 5 Jalan Semantan, Damansara Heights
50490 Kuala Lumpur

For further enquiries, please contact:
+603 2095 6833 (Atiqah: Ext. 123/Katherine: Ext. 224)
Fax: +603 2095 2322