MAR. 19 – 21

Taipei International Convention Center
Taipei World Trade Center Hall 1, 2F

Mar. 19(Tue)
10:05 - 10:10
Opening Remark
  • 3月19日
  • 10:05
  • TICC 3F Plenary Hall

Keynote Speaker

President Tsai
12:10 - 13:15
Visit the Booth | Interaction

Technology Briefing

13:15 - 13:45
Identify the entry point for hackers
  • Mar. 19
  • 13:15
  • 201 AF

Vulnerability – one of the major entry points of hacker. "Vulnerability Management" has been in place for a lot of organization for decades, but why there are still security breaches? Does the vulnerability management approach we are using today really effective?

From servers, end point to mobile workforce, security team now also need to manage modern type of assets, such as Cloud, containers and IoT, amount of vulnerabilities they need to manage is growing exponentially, how should we react to all of these?

Based on vulnerability data with third-party vulnerability, threat data and analyzes them together with the advanced data science algorithm developed by Tenable Research. The data science algorithm analyzes over 100,000 vulnerabilities using machine learning to anticipate the probability of a vulnerability being leveraged by threat actors and differentiate between real and theoretical risks. And we found that in 2017, public exploits were available for 7 % of all vulnerabilities, meaning that 93 % of all vulnerabilities posed only theoretical risk.

Through CyberSec 2019, we like to share our research results with you, together with various vulnerability management model, we hope that various organization can build an effective vulnerability management model and catch those most important 7 % vulnerabilities.

  • Vulnerability Management
  • Compliance
  • Threat Intelligence


Disney Cheng (Disney Hok Fai Cheng)
Solution Architect – APAC, Tenable Inc.
The Enterprise Immune System: Using Machine Learning for Next-Generation Cyber Defense
  • Mar. 19
  • 13:15
  • TICC 3F Plenary Hall

The Enterprise Immune System: Using Machine Learning for Next-Generation Cyber Defense 

From insiders to sophisticated external attackers, the reality of cyber security today is that the threat is already inside. A fundamentally new approach to cyber defense is needed to detect and investigate these threats that are already inside the network - before they turn into a full-blown crisis. 

Based on unsupervised machine learning and probabilistic mathematics developed by specialists from the University of Cambridge, new ‘immune system’ technologies are capable of learning the ‘self’ of an organization. By analyzing every network, device, and user, and modeling them as they go about their day-to-day activity, the Enterprise Immune System can establish a highly accurate understanding of normal behavior. It can therefore spot abnormal activity as it emerges, and even take precise, measured actions to automatically curb the threat. 

Rules and signatures are not keeping pace with today’s rapidly evolving cyber attacks. The Enterprise Immune System represents a fundamental step-change in automated cyber defense,  is relied upon by organizations around the world, and can cover up to millions of devices.  

In this session, learn: 
•    How new machine learning and mathematics are automating advanced cyber defense 
•    Why 100% network visibility allows you to detect threats as they happen, or before they happen
•    How smart prioritization and visualization of threats allows for better resource allocation and lower risk 
•    Real-world examples of unknown threats detected by ‘immune system’ technology

  • Network Security
  • Threat Intelligence
  • Incident Response


Tingyi Wang
Cyber Security Account Manager, Darktrace
14:05 - 14:35
14:55 - 15:25
Cyber Threat Intelligence Sharing and Blocking
  • Mar. 19
  • 14:55
  • 201 DE

Looking back at 2018, the ceaseless global information leaking incidents had happened to large internet service providers, international financial institutions, big airlines and government institutions, etc. These companies have one thing in common: the scale of their investment in information protection is larger than regular corporates and institutions and they are mostly already equipped with layered infosec devices such as next-generation firewall (NGFW), intrusion prevention system (IPS), web application firewall, antivirus wall, and Anti-APT. Yet unfortunately, tragedies of personal information leakage still happened. 

It is as if no matter how you strengthen your defense with high-end infosec devices, hackers are still able to intrude your place.  

Passive surveillance mechanism, which serves like front ramparts, is not sufficient to ward off intrusions from hackers. So experts have proposed a new idea: to block threats before they’re still in development. And the key for this lies in “Threat Intelligence Blocking”, which utilizes accurate information of global threats. It’s like being protected by many satellites and ground radars. Through building a densely woven information reporting network, when a missile (infosec threat) is present, it will be detected and terminated way before it reaches your domain. This not only lessens the burden of domestic inspection, but also greatly improves protection.  

In this presentation, the NETSCOUT Arbor security expert will 
-    give you a detail analysis about the underlying security problems you are now facing 
-    introduce the best solution which can block both inbound and outbound malicious traffic
-    show you how the unique intelligence can help to detect advanced threats

  • DDoS
  • Hackers & Threats
  • Advanced Threat Protection


Tony Teo
SE Director, APAC, NETSCOUT Arbor
16:15 - 16:45
17:05 - 17:35
Mar. 20(Wed)
12:00 - 13:10
Visit the Booth | Interaction

Technology Briefing

13:10 - 13:40
Cyber Insurance - what do you need to know?
  • Mar. 20
  • 13:10
  • 102

Successful business model throughout Asia focus on evolving technologies, such as cloud computing, social media and big data analytics to increase sales, maximize efficiency and reduce expenses. Meanwhile, the array of threats to cyber security continues to grow and evolve. The legal exposure, reputational harm and business interruptions that may wreak havoc on an organization’s bottom line. In the U.S., cyber insurance is a hot topic and almost 90% of high tech companies already adopted cyber insurance. Quantifying and transferring the financial loss of cyber impact is essential to enterprises; therefore, most consider cyber insurance is a part of internal cyber security governance.

To provide cyber total solutions, Aon align with Stroz Friedberg and Gotham Digital Science help your organization seek and shield cyber security risk and recover from the cyber incident. 12 significant cyber claims out of global top 20 cyber incidents response experience, Aon’s professionals assist to reduce risk and help you negotiate cyber coverage in what is a complex and developing area of insurance. In APAC, Aon client portfolio also cover hotels, aviation, financial institutions and high-tech companies, and have experience to assist client to handle cyber claims. Aon as market pioneer, we will share:

1.Cyber insurance global market trend.
2.Why international enterprise buy cyber insurance?
3.What should you do while facing a cyber incident? Claim practice sharing.
4.How to customize risk management plan by using Aon Cyber Solutions. 

  • Cyber Insurance
  • Risk Management
  • Cyber Resilience
  • Cyber Criminal


Ling Yu
Director, Financial Services & Professions Group, Aon Taiwan Ltd
14:00 - 14:30
Isolation: It's Not Always a Bad Thing
  • Mar. 20
  • 14:00
  • 201 DE

The internet offers a lot of benefits: You can buy almost anything on Amazon and reconnect with old friends and family members through social media.
But, as we all know, the web provides significant security challenges. The threat of phishing, ransomware and other malicious attacks from uncategorized URLs, websites and email is ever-present. 
In order to mitigate these risks, threat isolation strategies have become an innovative way to help agencies fight the efforts of bad actors. These technologies can help agencies keep systems secure, protecting devices, networks and the growing number of web-connected technologies, which have dramatically expanded the traditional boundary.
As background, threat isolation executes web sessions away from endpoints, sending only safe rendering information to users’ browsers thereby preventing any website delivered zero-day malware from reaching devices. It is an emerging technology nowadays, we will discuss how these technologies have evolved and, more importantly, how they can be brought into today’s security environment.
The session will share:
•    The benefits of an isolation strategy and its role in an integrated cyber defense platform
•    How to give privileged users extra protection from web-based threats
•    How threat isolation reduces the inherent risk of messaging and web applications to give IT administrators greater control

  • Web Security
  • Network Security
  • Phishing


Dragon Chang
Principal System Engineer, Symantec Taiwan


Albert Tsao
Principal System Engineer, Symantec Taiwan
14:50 - 15:20
16:10 - 16:40
After the WannaCry crisis, how can the network security strategies remain the same?
  • Mar. 20
  • 16:10
  • 201 BC

In the past two years, many well-known multi-national companies and important organizations have been hit hard by WannaCry. Undoubtedly, the victim units are already equipped with considerable information security defense forces. This makes us wonder whether the current security defense strategies need to be reviewed. 

Tracing to its source, the two points should be the key: 

1.Inability to protect end points from malware infection. 

The malware can reach a PC through a TLS/SSL file download link, which is an encrypted phishing URL. Alternatively, it can be an internal attack that takes place when an infected device connects to intranet or through USB injection.

2.Inability to detect the spreading of malware:

Spreading behavior, usually called lateral movement, cannot be detected by the security devices. It is because the place where spreading occurs is just the dark side of the network which is not monitored.

For the challenges above, should we have to modify our network security strategies?

Zenya has the solution to implement a practical strategy. To provide pervasive visibility to enlighten the dark zones by using PacketX so that help security devices to detect malware spreading. Moreover, we need to protect the network without checking content which is usually encrypted while decryption cannot work all the time. Thus, Zenya suggests to use PacketX and Silicom to build the most efficient zero-downtime perimeter defense that can block the millions of threaten IPs/domains provided by ISACs or intelligence vendors.

  • Network Security
  • Threat Intelligence
  • Network Visibility


Bryan Huang
Co-Funder, Zenya Technology Co., Ltd.


Tony Wang
CTO, PacketX Technology
Mar. 21(Thu)

Technology Briefing

Mar. 21
Visit the Booth | Interaction
Mar. 21
Mar. 21
Mar. 21
Mar. 21
Mar. 21
Using Secure File Transfer To Protect Creative Assets
  • Mar. 21
  • 16:10
  • 201 DE

Simpler Sharing for Secure Collaboration:
Broaden the adoption of MOVEit across your end-users to extend its security, management control and traceability features to collaboration and ad hoc file sharing of sensitive data. Let users create their own secure shared folders for collaboration with anyone.
Users can extend MOVEit file transfer capabilities to anyone while administrators maintain full control over permissions and audit logs. A simple user interface is provided to manage permissions for any folder user. This gives MOVEit customers a simple, secure and cost-effective way to reduce the potential for unauthorized disclosure of sensitive data that is inherent in ‘shadow IT’ implementations of cloud-based file sharing systems, EFSS systems or email.

Flexible Deployment and Access Options:
A broad range of client options support mobile, web and Outlook access. A free MOVEit Client is also available for simple drag & drop desktop transfers from Windows or MacOS devices. MOVEit Transfer’s flexible architecture supports scalability or availability demands with a web farm implementation. Domain-based or username-based mutli-tenancy configurations are also supported. User access can be securely controlled via Multi-Factor authentication.  MOVEit Transfer also supports Secure Folder Sharing, making it simple for internal and external users to securely and easily collaborate while maintaining a complete audit trail.

•    Simple and secure collaboration between internal and external end-users
•    Low administrative overhead with user self-service
•    Full logging and audit trail of all sharing activities
•    Superior security compared to consumer-grade EFSS and email

  • Data Security
  • Governance Risk Compliance


Ethan Lin
Ipswitch’s Greater China Region (GCR) Technical Director, Ipswitch
Mar. 21