Event Overview
Southeast Asia’s digital economy is projected to reach $1 trillion by 2030, positioning the region as a critical global hub for digital innovation and economic growth. This unprecedented transformation has made the region a prime target for sophisticated cyberthreats. In 2024, Southeast Asia experienced more than 135,274 ransomware attacks, according to recent intelligence. With 67% of all regional cyber incidents occurring in a single year, this marks the highest concentration of cybersecurity challenges ever recorded in ASEAN markets.
The South East Asia Summit 2025 brings together the region’s most influential cybersecurity executives, thought leaders and innovators to address the complex challenges shaping Southeast Asia’s digital landscape. This premier virtual summit, centered around the theme “From Strategic Vision to Operational Excellence: Leading Cybersecurity in Southeast Asia’s Digital Future,” focuses on bridging the gap between cybersecurity strategy and practical implementation across ASEAN’s diverse regulatory and business environments.
The summit will provide actionable insights into emerging threats, including AI-powered attacks, quantum computing risks, supply chain vulnerabilities and the evolving geopolitical cyber warfare landscape affecting Southeast Asian enterprises. Participants will gain strategic frameworks for building cyber-resilient organizations while using cybersecurity investments to drive innovation, market expansion and stakeholder trust.
Andre Shori
Charmaine Valmonte
David Gee
G Saravanan
Jon Lau
Lim Shih Hsien
Atif Najam
Abid Adam
Arlene Romasanta
Speakers
Thought Leaders on Stage Leading Deep-Dive Discussions
Industry leaders from various sectors in the technology domain share their experience on how the role of chief technology officers (CTOs) has become indispensable across organizations. They discuss unique strategies and techniques applied in businesses, making technology an intrinsic part of their organizational DNA. Additionally, these thought leaders delve into how they have redefined leadership to enhance the organization’s resilience and share their insights on artificial intelligence, sustainability, and the future of internet.
Highlight Topics
- OT Security
- SOC as a Service: Advanced Threat Detection
- Geopolitical Impact on Supply Chain Operations
- AI-Driven Attacks: Are Enterprises Ready for a Counterstrike?
- Data Localization: Cybersecurity Implications
- AI in the Cloud: Security Risks
Agenda
9:00 AM SGT onward
Registration and Exhibition Browsing
9:55 AM - 10:00 AM SGT
Welcome and Opening Remarks
10:00 am - 10:20 AM SGT
Keynote: Changing Cybersecurity Regulations: Enterprise Readiness for Compliance
Southeast Asia faces a pivotal regulatory shift in 2025 as ambitious cybersecurity frameworks and rapid digital transformation drive a new era of compliance.
Regional harmonization under the ASEAN Cybersecurity Cooperation Strategy 2021–2025 is accelerating alongside sophisticated national data protection and cybersecurity laws that require comprehensive enterprise readiness.
This evolution presents both the greatest compliance challenge and a significant competitive opportunity in the region’s history. Organizations must navigate enhanced obligations – from Singapore’s strengthened PDPA and Malaysia’s new Cyber Security Act to Thailand’s extraterritorial enforcement and Vietnam’s forthcoming data protection law – while transforming compliance into a strategic enabler of business growth and resilience.
This session will cover:
- Future-proofing for regulatory evolution and digital economy integration;
- Enterprise risk assessment and penalty mitigation strategies;
- Regional regulatory convergence analysis and strategic implications.
Abid Adam
Group Chief Risk & Compliance Officer, Axiata
Sandra Pesic
Information Security and Data Privacy Officer, Federal Reserve Bank of Chicago
10:20 am - 10:40 aM SGT
Plenary: Redefining Cybersecurity Leadership in the AI Era
The cybersecurity leadership paradigm is undergoing a fundamental transformation as AI reshapes both attack vectors and defense strategies across Southeast Asia.
As adversaries deploy AI that learns, adapts, and coordinates faster than traditional defenses can respond, the modern CISO role demands evolution from tactical guardian to strategic architect of cyber resilience. The plenary session will dissect the evolution of the CISO role, moving beyond traditional risk frameworks to embrace a new mandate focused on building AI-driven trust, fostering resilient organizational cultures, and articulating the strategic value of AI-centric security to the board
CISOs play a crucial role in advancing cyber readiness and building organizational resilience. But how are they shifting from response to resilience?
This session will discuss:
- The Leadership Shift: From Technical Expert to Strategic Resilience Architect;
- Redefining leadership in the face of adversity;
- Building resiliency against growing incidents and navigating through AI complexities;
- Developing proactive threat intelligence capabilities and cross-functional crisis response teams;
- Reskilling Security Teams for AI-Native Operations.
David Gee
Chairman, Leadership Collective Australia
Sandra Pesic
Information Security and Data Privacy Officer, Federal Reserve Bank of Chicago
10:40 am - 11:20 am SGT
Fireside Chat: OT Security: Building Strategic Cyber Defenses
Operational technology environments underpin critical infrastructure and industrial processes across Southeast Asia - from manufacturing floors and energy grids to water utilities and transportation networks.
As the region accelerates digital transformation and Industry 4.0 adoption, OT environments face a rapidly expanding and sophisticated threat landscape, requiring cybersecurity leadership that transcends traditional IT approaches.
This fireside chat will explore how leading cybersecurity executives are elevating OT security from a technical challenge into a strategic imperative – aligning governance frameworks, regulatory compliance and risk management to build resilient, mission-critical defenses against nation-state actors, ransomware campaigns and supply chain compromises.
This session will cover:
- Unified IT-OT cybersecurity strategies;
- Network segmentation and access control;
- Incident response and crisis management for OT.
Andre Shori
APAC Cybersecurity VP and CISO, Schneider Electric
Lim Shih Hsien
Executive Vice President, IT OT & Cyber, Seatrium Limited
Justin Ong
APAC CISO and Chief Privacy Officer, Panasonic Asia Pacific Pte.Ltd
11:20 AM - 11:50 AM SGT
Panel: Securing the Digital Nation: Bridging the Security and Technology Gap
As Southeast Asia accelerates its digital transformation, nation-states face unprecedented complexity in securing cloud infrastructures, telecommunications networks, operational technology systems, and AI-driven services—all while defending against sophisticated, cross-border cyber threats.
The government’s experience in building a cohesive national cybersecurity strategy offers critical insights for regional leaders navigating similar challenges. This session will share practical frameworks for building national-scale cyber resilience, coordinating cross-sector responses, and fostering ecosystems that enable both security and innovation in an increasingly interconnected regional landscape.
This session will discuss:
- Architecting Resilience for Critical Information Infrastructure (CII);
- Bridging the technology and security gap;
- Fostering collaboration between government, industry, and academia to co-create security solutions;
- Building the technology architecture for better defences;
- Redefining security leadership in the AI era.
Carolyn Bigg
Partner and Global Co-Chair of the Data, Privacy and Cyber Group, DLA Piper, Singapore
Sunari Dandeniya
Chief Information Security Officer, Commercial Bank of Ceylon PL
11:50 AM - 12:30 PM SGT
Panel - Supply Chain Insecurities: Establishing the Right Security Posture
Southeast Asia's position as the global manufacturing hub and digital economy powerhouse has created an intricate web of supply chain interdependencies that present both unprecedented opportunities and existential cybersecurity risks.
In the SEA region, 97% of regional companies are small and medium-sized enterprises that often lack robust security infrastructure, even as the region serves as a critical node in global supply chains.
This panel will bring together leading practitioners who have navigated the complex realities of securing supply chains across ASEAN’s diverse regulatory and operational landscape, where traditional perimeter-based security models have proven inadequate against sophisticated threat actors exploiting trusted vendor relationships.
This session will cover:
- Multi-tier vendor risk assessment and continuous monitoring;
- Zero-trust architecture implementation for supply chain access;
- AI and automation in supply chain security operations.
Jenny Tan
President, ISACA-Singapore Chapter
John Lee
Managing Director-Asia Pacific, GRF
Steven Sim Kok Leong
Chair, Executive Committee, OT-ISAC
12:30 PM - 12:50 PM SGT
Exclusive: Building Cybersecurity resilience: A CISOs Journey
In Southeast Asia’s increasingly volatile threat landscape, resilience is the defining trait of effective cybersecurity leadership.
Cyberattacks, regulatory change, and business transformation are relentless forces—and it is the CISO’s ability to anticipate, absorb, and adapt that determines organizational survival.
It is critical to understand how the CISOs are building the required resiliency by navigating major incidents, forging business trust, and leading the human and technological transformation necessary for today’s high-stakes risk environment.
This session will include:
- Defining Resilience Beyond Recovery;
- Building a resilient defense architecture across platforms;
- Regulation vs. Resilience: Where is the challenge?
- Adaptive risk Management in dynamic environments;
- Navigating through disruptive technologies.
Charmaine Valmonte
FVP & Chief Information Security Officer | Data Protection Officer, Aboitiz Group
12:50 PM - 1:30 PM SGT
Panel: AI-Powered BFSI: The Security Promise
As Southeast Asia’s banking and financial sector races to harness artificial intelligence for instant payments, lending, and digital finance, AI has become both the engine of transformation and a vector for complex new threats.
Yet, this AI-powered transformation comes with a dual promise: unprecedented efficiency and innovation, alongside a formidable new frontier of security risks. This panel assembles leading CISOs and security executives from Southeast Asia’s BFSI landscape to explore the tangible security dividends of AI adoption, including enhanced identity governance, automated compliance, and resilient ecosystems that balance innovation with trust.
This session will discuss:
- Securing the AI Development Lifecycle;
- AI Governance and Compliance in a Multi-Jurisdictional Region;
- Architecting the AI-Native Security Operations Center.
Jon Lau
CISO, A*STAR - Agency for Science, Technology and Research
Sujit Christy
Secretary/Immediate past president, ISC2- Colombo Chapter, Sri Lanka, President, Circulo de CISO
1:30 PM - 2:00 PM SGT
Spotlight: The Coming Quantum Storm: Why Cyber Leaders Must Act Now
As quantum machines edge closer to cracking widely used encryption standards like RSA and ECC, attackers are already launching "harvest now, decrypt later" campaigns, banking encrypted information to unlock once quantum power arrives.
Waiting is not an option: leaders must act today to accelerate post-quantum readiness, future-proof cryptography, and champion new approaches to cyber governance before the quantum storm hits. This session clarifies the technical landscape, regulatory imperatives, and urgent CISO actions essential for building quantum-resilient enterprises throughout Southeast Asia.
The session will discuss:
- “Harvest Now, Decrypt Later”: The Evolving Risk Model;
- Vulnerabilities of RSA, ECC, and other foundational protocols;
- Accelerating Post-Quantum Readiness: Practical Steps for the CISO.
Dr. Jassim Haji
Executive Advisor for AI & Data Science, NAIRDC
Mahesh Chandran
Director AI, Fujitsu Research
2:00 PM SGT onward
Closing Remarks
The Summit Experience
CPE Credits
ISMG Summits offer Continuing Professional Education Credits. Learn informative and engaging content created specifically for security professionals.