Singapore International Cyber Week 2017 (SICW)

Singapore International Cyber Week 2017 (SICW)

18 – 21 September 2017, 

SUNTEC SINGAPORE CONVENTION & EXHIBITION CENTRE

Meet Data Terminator at Booth: M24

About the Event:

The cyberspace is a necessity, both in the personal and work space. In an increasingly digital world, how individuals, governments and companies protect their digital assets has increasingly become a hot button issue. With cybersecurity issues spanning not just technology but also legal, business, strategy and policy, companies are realising more and more, how important it is to gain a coherent understanding of a complicated and diverse topic.

The Singapore International Cyber Week 2017 is the ideal platform to discuss, network, strategise and form partnerships in the cybersecurity space. Taking place from 18th – 21stSeptember 2017, the region’s most established Cybersecurity event continues its theme, “Building a Secure and Resilient Digital Future through Partnership”, underscoring the importance of cross-border partnerships in securing the use of cyberspace. Last year’s event hosted more than 6,000 cybersecurity experts from the region and beyond, as well as 100 exhibitors and sponsors, and we expect our 2017 showing to be bigger and better.

The cornerstone conference and exhibition for the week, GovernmentWare, will see its 26th showing this year, inviting technology leaders, industry professionals, policy-makers and innovators to showcase the latest in technology, network and discuss key challenges in growing cybersecurity capabilities, cooperation with like-minded partners and other leading challenges in the cyberspace domain.

RECOMMENDED CONFERENCE SPEAKER

 

Fredrik Forslund
Vice President, Enterprise & Cloud Erasure Solutions
Blancco Technology Group
Date: 21 September 2017
Time: 1140 – 1220 hrs
Venue: Auditorium, Hall 406, Level 4

 

BIOGRAPHY

Fredrik Forslund serves as Director of Cloud & Data Center Erasure Solutions for Blancco, a division of Blancco Technology Group. Bringing over 15 years of experience, he previously founded SafeIT Security, a security software company focusing on encryption and selective data erasure. With a keen eye for streamlining corporate IT security efficiencies and maintaining compliance with data privacy legislation, he is often regarded as a trusted advisor among customers. Prior to joining Blancco, he served as a Management Consultant for McKinsey & Company. Having lived and worked in the U.S. and Europe, Forslund understands the operational, financial and cultural nuances of driving global business growth. When he’s not guiding customers through data erasure, or working with Blancco’s internal teams, he can be found speaking at industry conferences, such as Cloud Expo Europe.

TRACK
Enterprise Security and Data Protection: Trends & Technologies

PRESENTATION TITLE
Avoiding Data Breaches and Achieving Compliance Through Updated Policy and Active Data Life Cycle Management

ABSTRACT
This session will update you on regulatory trends around the world and measures you can take to achieve best practice in real life with a focus on controlling and understanding data end of life situations. Your cyber security and IT security policies needs constant attention and updating to ensure that your business does not suffer from damaging data breaches. By analyzing your data life cycle, regulations and compliance combined with existing policies- you can come out as a winner. The goals are to reduce risk exposure, reduce operational costs and to be compliant in global business environment.

 

 

You can find more information about the Event and how to attend, in its official website, here: https://www.sicw.sg/

Looking forward to meeting you at SICW this year!

Data Terminator.

 

 

INTERPOL World Event

What is the event about

Fostering Innovation for Global Security Challenges INTERPOL World is a biennial international security trade event owned by INTERPOL – the world’s largest international police organization with 190 member countries. Scheduled to be in Singapore from 14-16 April 2015, INTERPOL Worldwill be held in conjunction with the official opening of the INTERPOL Global Complex for Innovation (IGCI) on 13 April 2015 and the 22nd INTERPOL Asian Regional Conference from 15-17 April 2015.

INTERPOL World provides unprecedented opportunities for security manufacturers and solution-providers to interact with international police organizations, law enforcement agencies and security professionals to identify current and future challenges and offer innovative solutions. It also promotes public-private partnerships to develop and drive security initiatives for real world security situations. Heads of States, Governmental high representatives, Chiefs of Police of INTERPOL’s 190 member countries and at least 450 key decision makers from INTERPOL and law enforcement community will be invited to attend INTERPOL

Supported by Singapore Ministry of Home Affairs and managed by MP International, INTERPOL World will focus on 4 main domains, but not limited to: Cybersecurity, Border Management, Safe Cities and Supply Chain Security. The three-day event will also play host to over 250 international and local exhibitors and 8,000 trade and professional visitors.

Getting to INTERPOL World

Sands Expo and Convention Centre Marina Bay Sands 10 Bayfront Ave Singapore 018970 Located in the heart of Singapore’s central business district, Marina Bay Sands is the ultimate destination for entertainment, business and shopping. The landmark building comprises a luxury hotel, state-of-the-art convention and exhibition facilities, theatres and some of the finest shopping and dining in the region.

Direction

By Car

Car park entrance is located at Sands Expo and Convention Centre via the Bayfront Link (enter from Bayfront Avenue and turn right into covered car park). Valet parking is available at entrance driveways of Hotel Towers 1 and 3, and Casino.

Alternatively, drivers may opt for the Park and Ride scheme where a satellite car park will be operated at Marina South (located on Marina Grove). Under this Park and Ride scheme, for a fixed $10 entry fee, drivers can park their vehicles and board the Marina Bay Sands shuttle bus at the entrance of the car park to travel to the property.

By Mass Rapid Transit

The nearest MRT station is the Bayfront MRT Station (CE2 and Exit B, C, D and E).

By Bus

Bus services to Marina Bay Sands include SBS 97/97E, 106, 133, 502/502A, 518/518A; and Night-rider service: NR1 and NR6 (available on Fridays and Saturdays).

By Taxi

Taxi service is available from the taxi stand situated at the main entrance. Available 24 hours, advance bookings can be made with the taxi companies with a booking fee. Electronic road payment, city area, midnight and peak hour surcharges apply. You can book for a taxi using the following local numbers:

CityCab/Comfort Taxi 65 6552 1111
Premier Taxis 65 6363 6888
Prime Taxi 65 6778 0808
SMRT Taxis 65 6555 8888
Smart Automobile 65 6485 7777
Trans-cab 65 6555 3333
Yellow-Top Taxi 65 6293 5545

RSA Conference 2015 – Asia Pacific & Japa

22 – 24 July, 2015
Marina Bay Sands, Singapore
Visit DT-Asia Group at booths E55 & E80

Conference Tracks

  • Cloud and Data Security

    Data Security covers strategies, practices, and technologies to classify, track and protect data and will cover issues such as compliance, privacy, regulations and big data trends. Cloud Security includes data sovereignty, security architecture in the cloud, cloud security governance, risks, migration issues, and vendor Service Level Agreements (SLAs).

  • Cyber Investigation and Law Enforcement

    This track provides the latest information and practical demonstrations of techniques to address cyber investigation. It covers strategies to enable local law enforcement personnel to collaborate more closely with international police organizations as well as tap global intelligence for tackling high-tech crimes and formulate appropriate cybersecurity policies. Topics covered include identifying and addressing emerging crime threats, fraud, intellectual property theft, environmental and organized crime, analytics and incident response.

  • Governance and Risk Management

    This track provides a business-oriented view and covers the creation and implementation of risk management frameworks, standards, governance, and quantification and management of risk. Sessions will cover how to successfully communicate and enforce policies and standards in the enterprise as well as how organizations measure and calibrate risk as well as exploring people-related issues like social networking/engineering, insider threats and security awareness programs.

  • Mobile Security

    Mobile Security will focus on the policies, processes and technologies for managing employee-owned devices and BYOD programs, smartphone/tablet security and consumerization trends. In this track you’ll find in-depth sessions on mobile malware, mobile application threats, device management and emerging threats to mobile platforms and workers.

  • Security Infrastructure

    This track will cover the architectural and strategic planning considerations for the deployment of security-enabled technologies, including trends in emerging technologies, network and endpoint security, vulnerability assessments, penetration testing , IDS/IPS, physical and embedded device security. In this track you’ll also find the processes, technologies and policies for identity and access management including managing digital identities, their authentication, authorization, roles, and privileges.

  • Sponsor Special Topics

    Listen to a spectrum of experts and security issues delivered and discussed by leading edge companies.

  • Threats and Threat Actors

    These sessions include discussions on the threat landscape, advanced threats, APTs, new classes of vulnerabilities, exploitation techniques, malware, reverse engineering, hacktivism and how to combat these problems. Some sessions will include live demos and code dissection.

Personal Data Protection Act

The purpose of Personal Data Protection Act is to govern the collection, use and disclosure of personal data by organisations in a manner that recognises both the right of individuals to protect their personal data and the need of organisations to collect, use or disclose personal data for purposes that a reasonable person would consider appropriate in the circumstances.
Overview

What is Personal Data?

Personal data refers to data, whether true or not, about an individual who can be identified from that data; or from that data and other information to which the organisation has or is likely to have access. Personal data in Singapore is protected under the Personal Data Protection Act 2012 (PDPA).

What is the Personal Data Protection Act?

The PDPA establishes a data protection law that comprises various rules governing the collection, use, disclosure and care of personal data. It recognises both the rights of individuals to protect their personal data, including rights of access and correction, and the needs of organisations to collect, use or disclose personal data for legitimate and reasonable purposes.

The PDPA provides for the establishment of a national Do Not Call (DNC) Registry. The DNC Registry allows individuals to register their Singapore telephone numbers to opt out of receiving marketing phone calls, mobile text messages such as SMS or MMS, and faxes from organisations.

Objectives of the Personal Data Protection Act

Today, vast amounts of personal data are collected, used and even transferred to third party organisations for a variety of reasons. This trend is expected to grow exponentially as the processing and analysis of large amounts of personal data becomes possible with increasingly sophisticated technology.

With such a trend comes growing concerns from individuals about how their personal data is being used. Hence, a data protection regime to govern the collection, use and disclosure of personal data is necessary to address these concerns and to maintain individuals’ trust in organisations that manage data.

By regulating the flow of personal data among organisations, the PDPA also aims to strengthen and entrench Singapore’s competitiveness and position as a trusted, world-class hub for businesses.

How does the Personal Data Protection Act Work?

The PDPA will ensure a baseline standard of protection for personal data across the economy by complementing sector-specific legislative and regulatory frameworks. This means that organisations will have to comply with the PDPA as well as the common law and other relevant laws that are applied to the specific industry that they belong to, when handling personal data in their possession.

The PDPA takes into account the following concepts:

  • Consent – Organisations may collect, use or disclose personal data only with the individual’s knowledge and consent (with some exceptions);
  • Purpose – Organisations may collect, use or disclose personal data in an appropriate manner for the circumstances, and only if they have informed the individual of purposes for the collection, use or disclosure; and
  • Reasonableness – Organisations may collect, use or disclose personal data only for purposes that would be considered appropriate to a reasonable person in the given circumstances.

Application of the Personal Data Protection Act

The PDPA covers personal data stored in electronic and non-electronic forms.

The data protection provisions in the PDPA (parts III to VI) generally do not apply to:

  • Any individual acting in a personal or domestic basis.
  • Any employee acting in the course of his or her employment with an organisation.
  • Any public agency or an organisation in the course of acting on behalf of a public agency in relation to the collection, use or disclosure of the personal data. You may wish to refer to the Personal Data Protection (Statutory Bodies) Notification 2013 for the list of specified public agencies.
  • Business contact information. This refers to an individual’s name, position name or title, business telephone number, business address, business electronic mail address or business fax number and any other similar information about the individual, not provided by the individual solely for his or her personal purposes.

These rules are intended to be the baseline law which operates as part of the law of Singapore. It does not supersede existing statutes, such as the Banking Act and Insurance Act but will work in conjunction with them and the common law.

When does the Personal Data Protection Act Come into Effect?

The PDPA takes effect in phases starting with the provisions relating to the formation of the PDPC on 2 January 2013. Provisions relating to the DNC Registry came into effect on 2 January 2014 and the main data protection rules on 2 July 2014. This allows time for organisations to review and adopt internal personal data protection policies and practices, to help them comply with the PDPA.

Development of the Personal Data Protection Act

In the development of this law, references were made to the data protection regimes of key jurisdictions that have established comprehensive data protection laws, including the EU, UK, Canada, Hong Kong, Australia and New Zealand, as well as the OECD Guidelines on the Protection of Privacy and Transborder Flow of Personal Data, and the APEC Privacy Framework. These references are helpful for the formulation of a regime for Singapore that is relevant to the needs of individuals and organisations, and takes into account international best practices on data protection.

Three public consultations were conducted since 2011 to seek feedback on the proposed data protection regime. The public consultation sought the public’s views on topics including the coverage of the proposed law, the proposed data management rules and transitional arrangements for organisations to comply with the new law. For more information on the public consultations, please visit the MCI website.

What can we do for you to cope with Personal Data Protection Act?

  •  Degauss onsite using NSA evaluated degaussers which is capable of erasing both longitudinal and perpendicular magnetic disk storage devices with coercivity of up to 5,000 Oersteds
  •  Shredded/crushed onsite by built-for-purpose HDD and SSD shredder/crusher to break it into smaller pieces

Cyber Intelligence Asia 2014

Singapore, Singapore
11th March 2014 – 14th March 2014

Grand Copthorne Waterfront Hotel

392 Havelock Road, Singapore 169663

Tel: +65 6733 0880

After the successful launch of our Cyber Intelligence conferences and exhibitions our Asia show is moving to Singapore. With many governments in Asia looking to share knowledge and gain a better understanding of how to combat cyber attacks in the region, this is the must attend event in Asia to gain the knowledge and meet with the key policy and strategy makers in the regional governments and law enforcement agencies.

With more sophisticated and harder to trace cyber breaches taking place, governments are finding it harder to keep up to date with the hackers, and are continuing to look towards cooperate with the private sector to be one step ahead of the criminals.

Taking place in Singapore, which as a nation has one of the best critical infrastructures in place. Furthermore, Singapore is where many information security firms locate in Asia allowing attendees to opportunity to meet with many global private sector companies to discuss the latest technologies on offer.

Cyber Security is becoming a faster and a more sophisticated market and Cyber Intelligence Asia 2014 will allow attendees to analyse the latest defences on offer with regards to Malware, Data Loss Protection, Password Security, Critical Infrastructure, Digital Forensics, Data Recovery and Data Retrieving.

Cyber Intelligence Asia attracts a global attendance to network and discuss the latest solutions and systems in the market place that is targeted to law enforcement agencies and government’s in the region.

23rd GovernmentWare (GovWare) 2014

Join Us at the Premium Infocomm Security Conference Established in Asia!

September 23-25, 2014 – Suntec Singapore Int. Convention & Exhibition Center – Join us at Booths G28A, G27 and H27A

The Ministry of Home Affairs, Singapore, is proud to present the 23rd GovernmentWare (GovWare) conference & exhibition event. This annual event will be held from 23 to 25 September 2014 at the Suntec Singapore International Convention & Exhibition Centre.

The theme of this year’s conference is: “Strengthening The Cyber Security Ecosystem”.

An effective cyber security ecosystem requires not only the continual development of efficient cyber defence processes and technologies, but also a close collaboration between the public and private sectors. The effectiveness and resilience of this ecosystem, however, can be hampered by the cyber threats in today’s connected cyber world.

As cyber attacks become increasingly sophisticated, complex and difficult to detect, advanced cyber solutions that enable seamless security processes are essential. It is also no longer feasible for a single entity to rely on its own capabilities to defend against such cyber attacks. There is a crucial need for the various entities in the cyber ecosystem to work together to tackle the challenge.

Accordingly, the Government, the academia and industry partners have been urged to develop a close partnership which will enable such initiatives and measures as the sharing information, the development of innovative cyber solutions, the training of the next generation of cyber security professionals and the establishment of local operational or research facilities. These and other collaborative efforts of all stakeholders will aid in the shaping of a cyber security ecosystem that is both robust and vibrant.

Come join us at GovWare 2014 as we explore how we can work together to enhance the resilience of our cyber security ecosystem to create a safer cyber space for all.

Banking Vietnam Event – May 20th, 2014

Banking Vietnam, organized by State Bank of Vietnam, Vietnam Banks Association and IDG Vietnam is the largest and most influential annual banking conference and expo in Vietnam. On behalf of organizers, we are pleased to invite you to participate in Banking Vietnam 2014 on 20-22 May 2014 at Melia Hotel, Hanoi to enjoy the latest excitements in Banking trends and IT solutions.

With the 17th organization, Banking Vietnam is the most prestigious annual banking conference and exposition in Vietnam. With the participation and strong supports from the State Bank of Vietnam’s government leaders, Banking Vietnam has gained enormous interest and been marked as the “must-attend” conferences by bankers’ community in Vietnam.

This year, featuring the theme “Innovative Banking: Building Trust and Customer Engagement” , the 17th Banking Vietnam 2014 hopes to bring in the latest insights that enable audience to stay on top of current development, update technology solutions to enjoy higher satisfaction and loyalty from customers while  improving scalability and agility in banking system.

Together with the conference, the exhibition will excite you with the showcase of newest technologies and products within the banking field and brings unique access to 400 CIOs, CSOs, IT Directors – Key decision makers for IT Purchasing.

Speaker – Mike Tan – Founder and Director of DT Asia group

Mike graduated from University of Alberta, Canada in 1989 with a degree in Computer Engineering. He did R&D work for his university and the Singapore Defence Science Organization before working the next 15 years for technology giants Hewlett-Packard and Dell. Since 2007, Mike has founded various business start-ups. DT Asia was created as a value added distribution for best-in-class information leakage protection service and solutions for government and financial institutions across Asia. DT technology partners include leading-edge security companies from USA, Israel, Hungary, Finland and South Korea .

Topic – How Top Government Organizations and Global Technology Companies Fight Advanced Cyber Threats

Governmentware 2013

Dear Valuable Customers,

Data Terminator (DT) is an Information Leakage Protection Specialist in providing solution and services that secure data at rest, data in motion as well as data in use.

DT’s new and innovative products and services include:

SSH CryptoAuditor provides control, monitor and audit of privilege user access to mission critical servers and other network devices. It deploy transparently and independently from the Client/Server environment, while minimizing the impact on network architecture.

Enterprise Fraud Management (EFM) is an enterprise solution to enforce corporate security policies by detecting security breaches and exceptions.

NSA certified Equipment and Services for all Data End of Life management

ISO Certified professional services for All-in-One asset declassification
For more details, please visit https://data-terminator.com

 

Secure Shell key mismanagement poses big risk to your data

Nearly every major network environment today – including governments, large enterprises and financial institutions – uses a version of the Secure Shell data-in-transit protocol, to protect data as it moves throughout the network and allow for administrators to manage systems remotely.

Secure Shell works by creating an encryption key pair – one key for the user’s machine, and the other key for the server – while encrypting the data that is transmitted between those two keys. Organisations use Secure Shell to encrypt everything from logins to financial data, health records and other personally-identifiable information. While Secure Shell keys protect highly sensitive information, organisations have been astonishingly indifferent at managing the creation, location and access of Secure Shell keys giving access to critical assets.

Many organisations are unable to control the creation quantity and location of keys in the network; they are leaving themselves open to security breaches and noncompliance with international regulations including Payment Card Industry Data Security Standard (PCI-DSS), Sarbanes-Oxley Act (SOX), as well as Singapore standard such as Monetary Authority of Singapore (MAS). Organisations may also be infringing upon other security policies, including those mandated by their customers.

Attacking key-based access network
Having thousands to millions of these keys is common for the majority of enterprises, governments and financial institutions worldwide. However, most of them are still using manual processes for generating, configuring and deploying the Secure Shell keys. Over time, this results in the uncontrolled proliferation of authentication keys, with little to no visibility into what each key does. A malicious actor, that gains access to a private key, can mimic an authorized user and access sensitive information with impunity.

Network breaches are commonplace as attacks become more prevalent and sophisticated. Implementing Secure Shell keys as an attack vector in a virus is fairly simple, requiring only a few hundred lines of code. Once a virus gains successful entry, it can use improperly managed Secure Shell keys to spread from server to server.

In fact, key-based access networks are so tightly woven that it is highly likely that a successful attack will infect virtually all servers within an organisation, particularly if the virus also uses other attack vectors to elevate privileges to “root” after breaching a server. With so many keys being distributed, odds are the virus will corrupt nearly all servers in a matter of seconds to minutes, including disaster recovery and backup machines that are usually also managed using such keys.

Under the worst circumstances, a virus using numerous attack vectors could spread Internet-wide, quickly and, merged with destruction technologies, could destroy immense amounts of data.

Time to take pivotal steps

Taking the steps to address Secure Shell key mismanagement will require proper support and endorsement within the organisation itself. The core of the remediation project is comprised of multiple steps:

– Automating key setups and key removals; eliminating manual work, human errors, and reducing the number of administrators from several hundred to virtually none.
– Managing what commands can be executed using the key and where the key execution can happen.
– Requiring proper processes for all key setups and other key operations.
– Monitoring the environment in order to establish which keys are actually used and removing keys that are no longer in use.
– Rotating keys, i.e., changing every authorised key (and corresponding identity keys) regularly, so that any compromised (copied) keys cease to work.
– Identifying all current trust-relationships (who has access to what).

Going forward

Today a considerable portion of the global financial institutes, Fortune 500 and many major government agencies continue to operate out of compliance, and are unknowingly facing major security threats from hackers or rogue employees. Best practices, such as the ones identified above, will position organisations to prepare for security threats and new compliance mandates before they occur.

In addition to IT involvement, executive management needs to step-in to protect the company from neglecting any compliance regulations that could bring about liability; and make it a priority to ensure that SSH user keys are properly managed in their organisations.

Tommi Lampila is Vice President, APAC, SSH Communications Security.

Save The Date Event: Coverging Threats and Reducing Risks across business units

The converging world of fraud, internal audit, operational risk and compliance require a unified and robust solution as well as “out of the box” thinking.

Learn how the Intellinx holistic approach will help you mitigate fraud and manage risk: protecting your assets, your customers and your reputation.

SAVE THE DATE
Discussion & Networking Cocktail
Brought to you by:
August 16, Friday, 2013
17:00 to 19:00
Venue: St. Regis Singapore
Diplomat Room
29 Tanglin Road, Singapore 247911
Agenda
Time Activity Speaker
1630 – 1700 Pre event Networking and Refreshment
1700 – 1730 Industry Update and Sharing Mr Philip Chong
Executive Director
Risk Consulting
Deloitte Singapore
1730 – 1815 A New Paradigm to Fraud and Operation Risk Ms Anat Doron
VP Business Development
INTELLINX
1815 – 1845 Dialogue and Exchange
1845 – 1930 Cocktail and Networking
RSVP Button Please RSVP by email: marketing@dtasiagroup.com

Data Terminator is a trusted brand in Data Leakage and End-of-Life Data Protection. Our processes are ISO 9001:2008 and ISO 14001: 2004 certified. Our aim is to provide our Customers effective and efficient Data Security Solutions to meet their demands for Information Security. Read more..

Contact us

  • Office: 21 Bukit Batok Crescent , #13-72, WCEGA Tower (S) 658065.
  • Phone: (65) 64 63 9212
  • enquiry@data-terminator.com
  • Working Days/Hours:
    Mon – Friday / 9:00 AM – 6:00 PM