About DiCyFor Security Summit
With the current Cybersecurity landscape constantly evolving, security and risk leaders must become the interceptors, to secure their organisations digital systems. No longer focused solely on defence, the security organization must effectively, anticipate and manage security risks in pursuit of enterprise sustainability.
The DiCyFor Security Summit helps security practitioners and risk management leaders to continuously improve the responsiveness of security risk management & technology to achieve mission-critical objectives.
Join the summit to learn best practices and insights to bring back to your respective teams.
2025 SPEAKERS
.jpg)
.png)
EVENT HIGHLIGHTS
30+
SPEAKERS
250+
DELEGATES
10+
EXHIBITORS
∞
BUSINESS OPPORTUNITIES
Topics at a Glance
Have access to industry leaders providing key takeaways, specifically designed to help your security and risk management.
Each session has a particular area of focus to help you deliver on what matters most to you and your infosec teams.
Opening Panel Discussion: What does the cyber security climate look like for 2025?
In this insightful panel, leading cybersecurity experts will explore the rapidly evolving landscape of digital security heading into 2025. From emerging threats like advanced AI-driven attacks and quantum computing vulnerabilities to evolving defense strategies, the discussion will highlight the key trends and technologies shaping the future of cybersecurity. Experts will also examine the role of legislation, global cooperation, and the growing need for cybersecurity professionals to safeguard organizations in an increasingly interconnected world. Join us as we look ahead to the challenges and innovations that will define the cybersecurity climate of 2025.
Panellists:
Charmaine Valmonte CISO @ Aboitiz Equity Ventures
Carlos Tengkiat CISO @ RCBC
Denis Hollanda CTO @ PETNET Inc
Moderator: Albert P. Dela Cruz CISO @GoTyme Bank
Security Maturity – Measuring it, Benchmarking it, Using it
As the technology and its use get more advanced, so has the security around them. A suitable and practical quantifying mechanism is required to show and report the state and improvement of security. Is using just the most popular model the best option for you? Who determines the finishing line or milestone? Which benchmark are you measuring and comparing against? The ultimate goal of measuring, improving security lies in the ability to safeguard your assets and avoid losses, which in turn build your/your company’s reputation and confidence of your customers, partners and stakeholders. Security maturity could and should be used to your and your company’s advantage.
Jezreel Santos Head, Information Security Department & Data Protection Officer @ Sumisho Motor Finance Corporation
Strong, Stronger, Strongest: Mitigate Data Risk & Manage Sustainability with an Ironclad Data Sanitization Strategy
Data security threats and the increasing demands of technology are intensifying the challenges faced by businesses in the Philippines. At the same time, changes to the Data Privacy Act and sustainability requirements are making compliance more complicated. There’s a pressing need to build IT environments that are secure, compliant, and sustainable—but many organizations are undermining their efforts with inefficient IT asset disposal practices.
Our survey of IT leaders showed that organizations are spending millions of pesos each year on physically destroying drives in the name of data security. However, this approach often lacks both security and sustainability.
A software-based data sanitization strategy offers a solution that can protect end-of-life data and devices while providing better outcomes for the environment—thanks to the efficiency and scalability of modern software.
Join us as we discuss how to enhance your approach to asset and data disposal.
Nhorgeelen Narra Country Manager, Philippines @ Blancco
From Risk to Resilience: A Roadmap to Zero Trust
The Zero Trust approach to security has gained popularity in recent years in response
to the evolving cyber threat landscape. Do you know the origin of internet was
designed based on Trust, and fast forward internet took off in a big way with the
arrival of World wide web and browser technology. This idea of perimeter defence
served us well, and we trusted it. However, our network has become more porous,
and this defence is also less effective over time. What next? Will Zero trust be the
answer? There are questions revolving this and how can we plan for success to
achieve Zero Trust. I will share insights in this session on the ZT journey that I have
taken
Engr. Romeo M. Rosas II , CIO @ Commission on Filipinos Overseas
Security Beyond Silos with Continuous Threat Exposure Management
Security teams often struggle with fragmented tools, constant alerts, and conflicting priorities, which hinder their ability to effectively address critical threats. According to Gartner, by 2026, organizations adopting continuous threat exposure management will reduce breaches by two-thirds.
Join this session to learn how unified visibility, streamlined workflows, and automated threat management can enhance decision-making. You’ll discover best practices for improving team collaboration, optimizing security operations, aligning security objectives with business goals, and adopting a proactive, risk-based approach to cybersecurity.
Henry Ong, Senior Manager of Security Engineering, APJ @ Tenable
Beyond the Proxy: Simplifying Security Through SASE Transformation
As organizations accelerate digital transformation in the digital era, the complexity of managing a fragmented security stack increases cyber risk and operational inefficiencies. In this session, we will explore why a single, converged cloud-native security platform is essential for modern enterprises to simplify security architecture and strengthen security posture.
Discover how Cato SASE goes beyond the proxy by integrating networking and security into a single converged, cloud-native solution. Unlike proxy-based approaches that create blind spots and latency, Cato’s SASE architecture provides direct and secure access to applications, ensuring consistent protection and visibility across all traffic and users — no matter where they are.
Join us to learn how CIOs and CISOs can drive efficiency, improve ROI, and elevate their IT security strategy through a future-proof transformation that moves beyond the limitations of the proxy.
Lin Huang SE Team Lead, APAC @ Cato Networks
Panel Discussion: Cybersecurity and Risk Culture
Cover more ground with existing resources: Aligned with the current moody business outlook and tight security budgets, how do we develop the right risk culture within our organisations to operate in this tough environment.
Panellists:
Ericho Victorino CISO @ Petnet Inc.
Mark Frogoso FVP & CISO @ East West Banking Corporation
Marlon Sorongon CISO @ Maybank Philippines
Marlon Umali CISO @ City Savings Bank
Moderator: Anthony Garcia ICT Director @ Asian Institute of Management
Simplifying Security Through Platformization
All around us, digital transformation continues to accelerate. As we look back, the past few years have shown us how quickly changes happen — from industry dynamics to macroeconomics, all, in the midst of an increasingly fraught geopolitical environment. CISOs and security leaders are increasingly pressured to do more with less. Discover why consolidation is imperative for organizations as they embark on their cyber transformation journey, to simplify their security stack and reduce cyber risk.
Jonathan Pineda CISO @ Government Service Insurance System
Silent Sigma: Unraveling Iranian APT’s 0-Day Warfare and Covert C2
In a recent DFIR (Digital Forensics and Incident Response) investigation within critical information infrastructure in the Philippines, we encountered a sophisticated attack by an Iranian threat actor group involving 0-day malware, despite the presence of multiple security solutions. This case underscores several key lessons about why traditional detection methods failed and highlights the critical importance of behavior-based analysis in detecting emerging threats like 0-day malware, particularly through tools like Yara and Sigma rules. One of the key observations was the evolution of 0-day malware, utilizing web-based persistence techniques that bypass conventional security measures. This shift in attack strategies challenges traditional defenses and calls for more advanced detection mechanisms. Additionally, the investigation revealed how secure Command and Control (C2) servers were tracked, leading to the discovery of multiple weaponized 0-day exploits and malware strains. By analyzing artifacts from the attack, we were able to uncover further compromises, demonstrating the necessity of proactive, behavior-driven approaches in modern cyber defense. These findings emphasize the importance of adapting security strategies to detect and mitigate zero-day exploits and the evolving tactics of advanced threat actors. The integration of behavior-based analysis tools, such as Yara and Sigma rules, plays a crucial role in staying ahead of these ever-evolving threats.
Christopher Dio Chavez Chief Hacking and Defense Officer @ RADAR CyberField
2025 Sponsors
Reduce risk. Increase efficiency. Be sustainable . Blancco Technology Group, a carbon-neutral supplier, provides organizations with secure, compliant, and automated solutions that accelerate the transition to the circular economy. With more than 25 years of responding to customer needs and 40+ patented or patent-pending ideas, Blancco is the industry standard in data erasure and mobile lifecycle solutions. Our dedication to technological innovation empowers top-tier enterprises, IT asset disposition (ITAD) vendors, and mobile industry stakeholders to protect end-of-life data against unauthorized access, comply with data protection requirements, extend the useable life of IT assets, accelerate operations, and enhance the mobile customer experience. Read more about us at www.blancco.com.
Cato provides the world’s leading single-vendor SASE platform. Cato creates a seamless and elegant customer experience that effortlessly enables threat prevention, data protection, and timely incident detection and response. Using Cato, businesses
easily replace costly and rigid legacy infrastructure with a modern, zero-trust SASE architecture based on SD-WAN, a purpose-built global cloud network, and an embedded cloud-native security stack to secure and optimize their global hybrid
workforce and mission-critical applications and data on premises and in the cloud. With Cato, any organization can reap the full benefits of digital transformation and move at the speed of business. CatoNetworks.com @CatoNetworks.
Promon is a Norwegian firm specialising in App Hardening, with our solutions focusing largely on Runtime Application Self-Protection (RASP). The company works with a variety of global Tier 1 clients, counting customers in industries such as finance, gaming, health and the public sector. Promon’s technology originates from the internationally recognized research environments at SINTEF and the University of Oslo. Promon’s patented deep protection technology Promon SHIELDTM, has protected apps and applications used by more than1Billion users. Promon AS is a Norwegian limited company registered in 2006, with offices in Hong Kong, Germany, the UK, the US and India.
Tenable is the exposure management company, exposing and closing the cybersecurity gaps that erode business value, reputation and trust. The company’s AI-powered exposure management platform radically unifies security visibility, insight and action across the attack surface, equipping modern organizations to protect against attacks from IT infrastructure to cloud environments to critical infrastructure and everywhere in between. By protecting enterprises from security exposure, Tenable reduces business risk for approximately 44,000 customers around the globe. Learn more at tenable.com.
Venue
Grand Hyatt Manila, 8th Avenue corner 35th Street, Bonifacio Global City, Taguig City, Manila
