CISO Philippines schedule

During this 5-minute networking session, the aim of the game is to go and meet three people you don't already know. Use the questions on the screen to guide your conversation. Have fun!

• How digital complexity is outpacing traditional visibility and control methods
• Using AI and automation to detect, prioritise, and respond to threats in real time
• Building continuous attack surface management into your security operations strategy

As technology continues to evolve at a rapid pace, the demand for robust cybersecurity and digital resilience has never been greater.

Join Fastly in this session as we explore how leading organizations are confronting today’s most pressing cybersecurity challenges, the emerging trends shaping the industry’s future, and the best practices that can help businesses stay secure in an increasingly complex digital landscape.

• The National Cybersecurity Plan 2023–2028 is redefining the CISO mandate — from technical compliance to national resilience leadership
• Boardroom expectations are shifting: CISOs must now speak the language of risk, brand, and business continuity
• How leading security executives in the Philippines are balancing immediate threats with long-term transformation goals

Moderator

Sam Jacoba Strategic Communications Lead ASEAN Japan Cybersecurity Community Alliance (AJCCA)

Panellist

Marlon Sorongon CISO Maybank Philippines

Suresh Sankaran Srinivasan Group Head – Cyber Security & Privacy Axiata

Col. Francel Padilla Spokesperson Armed Force of the Philippines

Arlene Romasanta Director IV and CIO Department of Environment and Natural Resources (DENR)

• Key principles for architecting secure, scalable environments across cloud, hybrid, and edge
• How to embed resilience and agility without compromising speed or user experience
• Real-world approaches to modernising legacy infrastructure while preparing for future threats

Panellists
Aldrine Villanueva Group ICT Head, CISO & CDPO Torre Lorenzo Development Corporation

Alexander Ramos Senior Cyber Security Advisor Department of ICT

Jomil Mission Head of Infrastructure Oona Insurance

Steffen Minkmar Head, IT Risk and IT Resilience Asian Development Bank (ADB)

Despite advancements in cyber security tools, human error remains the leading cause of breaches, with phishing attacks, insider threats, and credential misuse continuing to dominate the threat landscape. Independent research highlight 68% of cyber incidents stem from human error, reinforcing Mimecast’s human-risk research revealing that almost 10% of employees account for 80% of security incidents.

This session will explore the factors contributing to user vulnerabilities that lead to certain individuals being classed as high-risk.

You will gain insights into measuring user risk effectively and implementing tailored strategies to enhance cyber security across their organisations. My session will also highlight how a personalised and adaptive security approach can provide customised security measures for each user. By focusing on these high-risk individuals, organisations can safeguard their workforce while maintaining operational productivity.

• What is agentic AI, and how is it being deployed in enterprise settings today?
• Threat scenarios: prompt injection, goal hijacking, model manipulation
• How to enforce guardrails, oversight, and reversibility in autonomous agents

• Breaking down the core principles of Zero Trust and what it actually looks like in practice
• Common roadblocks in implementation and how leading organisations are overcoming them
• Mapping Zero Trust to Philippine enterprise and government environments

• Turning policy into practice through behaviour, incentives, and leadership modelling
• How to embed security ownership across departments, not just in IT
• Lessons from leaders driving organisation-wide change in mindset and accountability

Speakers:

Irene M. Camacho CISO Healthway Medical Network

Dr Mary Joy Abueg Vice President National ICT Confederation of the Philippines

• Introduction to AI in Identity Security: Discuss the integration of artificial intelligence and machine learning in identity governance and administration, highlighting how these technologies enhance threat detection and response.
• Overview of Saviynt's Intelligence Suite: Present Saviynt's latest AI-powered Intelligence Suite, emphasizing its capabilities in providing intelligent recommendations and analytics for identity security.
• Addressing Third-Party Access with a Converged Identity Platform: Explore how Saviynt's converged identity platform secures third-party access, mitigating risks associated with external users, contractors, and partners. Highlight features that streamline provisioning, enforce least-privilege access, and monitor third-party activities in real time.
• Case Studies and Real-World Applications: Share success stories and practical examples of organizations that have implemented AI-driven identity security solutions to strengthen their cyber resilience.
• Future Trends in Identity Security: Explore the evolving landscape of identity security, including the management of machine identities and the challenges posed by emerging technologies.

• How leading teams coordinate across security, legal, comms, and business during an active breach
• What real-world playbooks reveal about decision-making, escalation, and containment
• Turning crisis into resilience through post-incident learning and tabletop exercises

• Turning NCSP objectives into operational reality through regular simulation and testing
• Designing effective cyber exercises across departments, partners, and national sectors
• Measuring readiness, response time, and coordination under real-world pressure

• How convergence between IT and OT environments is expanding the threat landscape
• Best practices for safeguarding legacy systems while integrating modern controls
• Building resilience across critical sectors like energy, water, transport, and telecom

Speakers:

Gen Macalinao Security GRC – OT AboitizPower

As the evolving threat environment demands a shift to proactive, data-centric security, traditional perimeter defences no longer suffice. Understanding data context is critical.  

This session explores how data intelligence can empower cyber resilience, and why collaboration between data and security teams, underpinned by shared visibility, is key to staying ahead in an increasingly complex environment. 

• How leading organisations are implementing Zero Trust across hybrid and multi-cloud environments
• Breaking down real-world playbooks: identity, segmentation, continuous verification
• Overcoming resistance, complexity, and legacy system limitations on the path to Zero Trust

• Core capabilities and tools needed to shift from reactive to proactive detection
• How to prioritise hunting targets based on business risk and threat intelligence
• Integrating threat hunting with SOC workflows and incident response

• How to manage internal and public confidence after a major incident
• Communicating transparently with regulators, customers, and the board
• Turning a breach into a catalyst for stronger cyber posture and culture

Panellist

Marlon Sorongon CISO Maybank Philippines

Elizalde Duran Chief, Center for Cybersecurity & Safety National Police College

Gen Macalinao Security GRC – OT AboitizPower

Robert Sanchez Paguia Division Chief (International Cooperation on Cybercrime) & Data Protection Officer Cybercrime Investigation and Coordinating Center