-
Main Conference
-
08:20
Register; grab a coffee. Mix, mingle and say hello to peers old and new.
-
09:00
Welcome remarks by Corinium & Chair’s opening remarks
-
09:10
SPEED NETWORKING – Making new connections!
During this 5-minute networking session, the aim of the game is to go and meet three people you don't already know. Use the questions on the screen to guide your conversation. Have fun!
-
09:15
Opening Keynote
AI, Autonomy, and the New Cyber Battleground: What CISOs Must Prepare ForYaron Slutzky - CISO - Agoda
- Understanding the shift to AI-powered threats and autonomous attacks
- How AI can strengthen real-time threat detection and incident response
- What CISOs must prioritise to stay resilient in 2026 and beyond
-
09:40
Secure by Design: Building Resilient, Digital-Native Security Architectures
- Key principles for architecting secure, scalable environments across cloud, hybrid, and edge
- How to embed resilience and agility without compromising speed or user experience
- Real-world approaches to modernising legacy infrastructure while preparing for future threats
-
10:05
C-Suite Panel
Achieving Meaningful Outcomes from Cyber InitiativesClosing the gap between vision and execution remains one of the biggest hurdles for today’s cyber leaders. From aligning stakeholders to building realistic delivery pathways and identifying the indicators that truly matter, this session focuses on making cyber programs tangible, achievable, and outcome-driven.
- What typically derails the journey from cyber strategy to delivery, and how can leaders navigate around these barriers?
- How can you secure organisation-wide commitment so programs move beyond intention and into action?
- When cyber uplift actually takes hold, what are the critical enablers that create meaningful, long-term impact?
Moderator:
Mar Apuhin CISO GT Capital Holdings
Panellists:Glenn William S. Alcala CISO Reyes Tacandong & Co
Chistian Oliver Dy CIO AC Logistics
Irene M. Camacho CISO Healthway Medical Network
Yaron Slutzky CISO Agoda
-
10:40
Morning coffee & networking
-
11:10
Panel Discussion
Cyber Risk in a Borderless World: Managing Geopolitics, AI Threats & Critical InfrastructureCyber risk is increasingly shaped by geopolitical tensions, state-sponsored attacks, and AI-enabled threats. This panel brings together cyber leaders to examine how organisations are strengthening resilience against interconnected risks that span cyber, infrastructure, and national security.
What you’ll gain:
- How geopolitical tensions are driving state-sponsored cyber attacks
- Managing rising AI-enabled threats (fraud, deepfakes, automated attacks)
- Protecting critical infrastructure and essential services from disruption
- Strengthening cyber resilience beyond traditional IT boundaries
- Aligning cyber strategy with enterprise risk and business continuity
Moderator:
Jeia Tirante Head of Non-Financial Risk ING Hubs Philippines
Panellists:
Devendra Pratap Singh CIO Atlantic, Gulf & Pacific Company
Steffen Minkmar Deputy CISO Asian Development Bank (ADB)
Marlon Sorongon CISO Maybank Philippines
Mark Anthony Santiago Head of IT Risk Management UnionDigital Bank
-
11:45
Resilience Planning: From Incident Response to Cyber Insurance
- Senior representative - Fastly
- Building effective incident response plans tailored to today’s threat landscape
- Using tabletop exercises to validate readiness and improve cross-functional coordination
- Exploring the role of cyber insurance as part of a broader resilience strategy
-
12:10
Building GenAI Applications Securely: Practical Strategies for Modern Enterprises
Jed Kenley Chua - CISO - Asia United Bank
- Design secure GenAI architectures with isolation, controlled data access, and safe integrations (APIs, RAG, vector DBs)
- Protect sensitive data through minimization, encryption, governance, and alignment with Philippines data protection policy
- Mitigate GenAI‑specific threats such as prompt injection, model poisoning, and hallucination risks with monitoring and AI governance
-
12:35
Data Termination: The Final Defense in a Robust Cybersecurity Strategy
- Senior representative - Blancco
There’s a key defense that organizations often overlook: eradicating data permanently and decisively—and as soon as it’s no longer needed.
Drawing on industry research, best practices, and case studies, we’ll explore why enterprises must address end-of-life data more efficiently and precisely than ever before. We’ll also look at how to target regulated data within traditional endpoints (including remote workplaces), live environments (onsite or in the cloud) and decommissioned IT assets (loose drives and devices).
Session takeaways include:
- How to securely remove sensitive remotely home and on-prem
- The drawbacks of physical destruction for end-of-life assets
- Why reformatting, data deletion, and other data destruction methods are unacceptable approaches
- Best practices for automation and integration, whether to target live data or protect decommissioned assets against unauthorized data access
-
13:00
Lunch & networking
-
TRACK A: CYBER SECURITY UPLIFT
-
14:00
Global Spin-Off and Zero Trust Rollout under Budget Constraints.
Jon David Frilles - Regional Lead - Network Services - Kenvue
- Navigating IT/OT convergence in legacy-heavy, regulated environments
- Lessons from Kenvue’s global spin-off and scaling security across 14 markets
- Embedding Zero Trust and cybersecurity into fast-paced transformation under budget constraints
-
14:25
AI-Powered Cyber security as an Innovation Enabler
- Senior representative - Abnormal Security
- Showcasing how AI-driven cyber security enhances business resilience, operational efficiency, and customer trust
- Translating AI-powered security insights and threat intelligence into business-relevant outcomes for executive stakeholders
- Aligning AI-led security investments with enterprise-wide digital transformation and innovation strategies
-
14:50
Fireside Chat
Zero Trust in Action: From Strategy to Real-World Implementation- How leading organisations are implementing Zero Trust across hybrid and multi-cloud environments
- Breaking down real-world playbooks: identity, segmentation, continuous verification
- Overcoming resistance, complexity, and legacy system limitations on the path to Zero Trust
Speakers:
Leonardo Sacamos Jr CIO FAST Logistics Group
Arnaldo Torrevillas IS Risk and Compliance Philippines Airlines
-
15:15
Cyber Leadership: What Should We Be Preparing For?
- AI-driven threats, deepfakes, and cyber-enabled misinformation are forcing organisations to rethink governance, trust, and human oversight in security operations
- As critical infrastructure and digital ecosystems become more connected, cyber leaders must strengthen resilience across cloud, OT, third-party, and legacy environments
- The role of the CISO is evolving from technical operator to strategic business leader responsible for resilience, workforce readiness, and navigating constant disruption
-
TRACK B: EMERGING RISKS
-
14:00
Architecting Compliance: Embedding GRC into Security Architecture
Marjorie Gavin - Cybersecurity Compliance Head - PJ Lhuillier Group of Companies
- Designing security architectures that account for compliance from the ground up
- Mapping risk appetite to architecture decisions for better resilience
- Avoiding “bolt-on compliance” by embedding controls directly into systems and workflows
- Balancing employee and customer experience with regulatory requirements in architecture choices
- Case studies: how organisations align security-by-design with regulatory compliance
-
14:25
Cloud Security in the Age of Digital Warfare
Exploring how cyberwarfare-style threats are reshaping cloud security, and what CISOs must do to build resilient, threat-informed cloud environments using CSA-aligned frameworks.
-
14:50
Fireside Chat
When Downtime Becomes a Cyber Weapon: Securing Critical Infrastructure in a Connected Era- Understanding the unique cyber risk profile of critical infrastructure – why IT/OT convergence, legacy systems, and national dependency make these environments high-impact targets
- Building operational resilience where safety, uptime, and security intersect – rethinking incident response, recovery, and decision-making when cyber incidents can disrupt essential services
- Strengthening ecosystem collaboration – how operators, regulators, and technology partners can work together to uplift resilience across Philippines’s critical infrastructure landscape
Speakers:
Gen Macalinao Security GRC – OT AboitizPower
Gabriel Tuason Head, Information Security Energy Development Corporation
-
15:15
You Can’t Ban Your Way Out of Shadow AI
Shadow AI is not just a governance problem or a technology problem. It is a secure behaviour problem. Employees turn to unsanctioned AI when approved paths feel slower, harder, or less useful. This session explores what that reveals about security culture, when people hide risk versus surface it, and how leaders can make secure AI use the easier choice in the flow of work.
-
15:40
Afternoon coffee & networking
-
16:10
Advancing Responsible Innovation While Protecting and Empowering
Arvan Bautista - Director Information Security - Manulife
- How can organisations drive responsible innovation while embedding safeguards that protect people and systems?
- What practical steps ensure AI-enabled security tools remain fair, transparent, and free from harmful bias?
- How can privacy and data rights be built into security frameworks without slowing down innovation cycles?
- Where must leaders take clear accountability as new technologies introduce emerging risks and ethical considerations?
-
16:35
Panel Discussion
Humans vs Machines? Rethinking Cybersecurity in the Age of AIAI is reshaping cybersecurity on both sides of the battlefield. It is powering more sophisticated attacks while enabling smarter defences. But where do humans fit in? This session unpacks how organisations are redefining the “human-in-the-loop” to stay resilient in an AI-driven threat landscape.
What you’ll gain:
- How AI is transforming threat detection, response, and fraud prevention
- Insights into AI-enabled attacks (deepfakes, automation, advanced phishing)
- Where human expertise still outperforms AI in cyber defence
- Strategies to upskill cyber teams for an AI-augmented future
- How to address talent anxiety and job displacement concerns
Moderator:
Ricson Singson Que IT Security Manager De La Salle – College of St Benilde
Panellists:
Wendel Calaguas CIO ATRAM Group
Enrique Ibañez CIO Liberty Commercial Center
-
17:10
Closing Remarks by the Chair
-
17:15
CISO Philippines Networking & Drinks Reception
-
18:00
Close of CISO Philippines 2025
Not Found