CISO Indonesia schedule

• Understanding the implications of the new law – overview of Indonesia’s upcoming personal data protection law, its key provisions, and the impact it has on Centratama Group
• Addressing the challenges in implementing data protection measures, including navigating the complexities of cross-border data transfers, ensuring data integrity, and managing consent processes effectively.
• Emphasising the importance of fostering a culture of data privacy within organisations – strategies to educate and empower employees to prioritise data protection
•  

 

Explore how Tanium goes beyond conventional cybersecurity with a unified approach to endpoint security and operations. This session will highlight Tanium's capabilities in real-time visibility, control, and remediation, enabling organizations to streamline their operations, improve incident response, and achieve robust protection across all endpoints.

 

• Understanding the critical role of strategic cybersecurity governance in our rapidly evolving digital landscape
• Exploring the intricacies of cyber risk management, policy implementation, and board-level decision-making
• Driving impactful cybersecurity governance that reinforces the foundation of your organization's secure digital future

 

Moderator

• Mohammad A. Soetomo, Lecturer, Swiss German University

 

Panellists

• Krisnanto Padra, Head of Information Security, AirAsia Indonesia
• Roy Dianton Leonardo, Head of IT Security, Lion Super Indo
• Budiyanto, Head of Data Governance & Data Protection Officer, Bank Jago
• Dedy Mulyadi, GM – Head of IT & Security, Centratama Group
• Ferdinand Gunadi Abadi, Regional Sales Manager, Okta

In this session, Rob Dooley, Rapid7 Asia Pacific General Manager will unpack Indonesia’s recently enacted Personal Data Protection (PDP) law, which came into full effect in October 2024.

 

Under this regulation, organisations now face stringent requirements to protect the personal data of individuals, with a significant focus on robust visibility into data handling and response to potential breaches. Rob will provide an overview of the PDP regulation’s core requirements and obligations, shedding light on the compliance implications for businesses across sectors.

 

Importantly, as organisations navigate Indonesia’s regulatory landscape, Rob will talk about how to address the two foundational pillars essential for PDP compliance: visibility and response. Through exposure management and managed extended detection and response (MXDR), you can create a cohesive, end-to-end security program:

 

• Exposure management for visibility: How do you gain unparalleled visibility across your digital assets, identifying and mitigating vulnerabilities before they become critical threats? Critical to this is a proactive approach in meeting the PDP law’s requirements for data security and breach prevention.
• Managed extended detection and response (MXDR): Through MXDR, you can leverage a robust response framework that enables rapid detection and handling of potential breaches. This helps minimise impact and ensure alignment with the PDP regulation’s incident response mandates.

 

By focusing on these two core areas, Rob will demonstrate how to achieve PDP compliance but more widely, strengthen your organisation’s resilience in today’s complex threat environment, staying secure and regulatory-ready.

• Exploring the role of artificial intelligence, quantum computing, and blockchain in shaping the future of cybersecurity
• Understanding their potential benefits and vulnerabilities
• Harnessing these technologies to enhance protection against evolving cyber threats

 

Speakers

• Sudarto Unsurlany, Head of Digitalisation, Petrosea
• Eddy Gunawan, IT Security Expert, Pertamina

• Highlighting common mistakes made by IT professionals when dealing with OT systems, using real-world examples such as blackouts caused by IT interventions in OT environments
• Discussing the unique cybersecurity challenges faced by OT systems compared to traditional IT environments.
• Analysing the evolving regulatory landscape and its impact on OT cybersecurity, and how to stay compliant while enhancing security measures for OT systems

 

 

• The rise of AI in cybercrime
• Mitigation strategies for cisos
• Preparing for AI-driven security challenges

 

Speakers: 

• Rudy Lim, Cyber Security Senior Manager, Accenture
• Kjeld Stipsen, Accenture Leadership, Accenture

As your IT environment expands your team is left with the inevitable and challenging task to reconcile and understand what exists and what doesn’t. It’s not an easy puzzle to solve.
But, it’s possible. With clear business and technical risk context the job is far easier. And to get that you need a clear Risk Based Vulnerability Management strategy.
Join Fajar and understand how it truly is possible for your team to solve the risk-based vulnerability puzzle.

• Bridging the gap between intent and actual level of security achieved, and addressing the hurdles
• Exploring methods to establish a culture of continuous security testing, including automated tools and penetration testing, to maintain a resilient application security posture
• Lessons learnt from recent experience

• Understand why Identity is the new security perimeter.
• Learn how organizations can build context around identities and data to reinforce the desired security posture, based on an Authorization Maturity Model.
• Gain practical and actionable insights on how you can address identity security challenges in your organization.

• Identifying vulnerabilities in both internal applications and customer-facing systems to strengthen overall security.
• Introducing the risk metrics framework: A unique, self-developed strategic framework for comprehensive vulnerability assessment, inspired by MITRE and OWASP standards.
• New Generation Threat Modelling with AI

• The rise of AI is leading to an untenable state of complexity and tool sprawl. With the surge in API usage, security and complexity have become critical issues.
• Mitigate risk and improve digital resiliency by continuously defending critical business logic behind APIs - from code, through testing, into production.
• Reduce complexity and tool sprawl by consistently protecting the entire API estate.

Moderator

• Didik Achmadi, Senior Technical Success Manager, SNYK

 

Panellists

• Justinus Okky Munindra Permana, Enterprise Architecture Head, BFI Finance Indonesia
• Yusuf Herbiono, Site Reliability Engineer (SRE) Head, BFI Finance Indonesia

• Exploring how AI is transforming the cybersecurity landscape in Indonesia what opportunities AI offers for detecting and mitigating threats, and the potential risks posed by AI-driven cyberattacks
• Discussing the evolving regulatory environment for AI and cybersecurity in Indonesia, including how organizations can stay compliant with emerging data protection laws while adopting cutting-edge AI technologies
• Examining the ethical implications of AI in cybersecurity and governance and ensuring AI systems are transparent, secure, and aligned with regulatory standards

 

Speakers:

• Indra Adillah, Head of ICT, AirAsia Indonesia
• Raditio Ghifiardi, VP - Head of IT Security Strategy & Architecture, Indosat Ooredoo Hutchinson

Legacy IGA solutions are not built to address today’s identity explosion, the proliferation of machine and human identities both internal and external to the organisation have dramatically expanded the attack surface. Organisations are looking for a better way to manage their identity estate and most importantly manage who has access to what and is it secure. The regulators are recognising that Zero Trust is underpinned with a comprehensive identity strategy and starting to enforce full identity lifecycle management and privilege access management.  Join Saviynt to discover how organisations can implement a single platform to manage your full identity landscape to facilitate Digital Transformation.

 Discussion points:

• Centralise identity management across cloud, on-premises, and hybrid environments
• Streamlines decision making with machine learning and AI to automate processes
  Manage external supply chain effectively through delegated sponsorship. 
• Reduces risk by integrating with GRC platforms

 

Attend the session to learn how you can transform your legacy system into a modern, cloud-native IGA program that meets current security and compliance objectives.

 

 

• Addressing the limitations of AI in cybersecurity, including challenges related to false positives, biases in algorithms, and the need for continuous training and adaptation
• Exploring how AI is transforming cybersecurity from reactive to proactive, enabling real-time threat detection and response
• Highlighting real-world case studies of AI successfully mitigating advanced persistent threats (APTs), zero-day vulnerabilities, and insider threats
  
  

There are three major ways into your computing estate, and the one that should be 100% under control, but is NOT, is remediation of exploitable vulnerabilities. Learn exactly why it has spiraled out of control and practical ways to both measure vulnerability cyber risk and get it under control quickly. This session looks at the latest threat intelligence with expert analysis as to how it impacts you, and will give you pragmatic ways to pull stakeholders together, effectively prioritize vulnerability risks, protect your estate and prove measurable cyber risk reduction to your C-Suite and Board.

• Addressing the cybersecurity skills gap and strategies to bridge the shortage of skilled professionals
• cultivating a strong cybersecurity culture and fostering culture where security is ingrained in everyday practices
• Allocating resources for cybersecurity initiatives to ensure robust measures and responses
  
  

Moderator

• Goutama Bachtiar, International Advisory Board for C|CISO & C|PENT, EC-Council

 

Moderator

• Goutama Bachtiar, International Advisory Board for C|CISO & C|PENT, EC-Council

 

Panellists

• Yohannes Glen, SVP Head of Enterprise Security, Indosat Ooredoo Hutchison
• Willy Saputra, SVP – IT, Digital Banking & Analytics Audit Head, Bank BTPN
• Mashrek Reza Siddique, Head of IT, Unilever Oleochemical Indonesia
• Ivan Prasetyo, VP of Information Security Strategy, Project, and Initiatives, UOB
• Achmad Arif, General Manager, Q2 Technologies