Cloud Security Singapore schedule

AI is changing how software is built, reviewed, and shipped. While it helps development teams move faster, it also introduces new risks - from AI-generated insecure code to vulnerable open-source components and limited visibility across the software lifecycle.

This session explores why modern AppSec must move closer to code creation, not wait until production or runtime. It will highlight how enterprises can prevent risk earlier, validate every change continuously, and remediate vulnerabilities before they become business exposure.

The discussion will also cover the role of governance in the AI era - and why organisations need a unified AppSec approach that combines automation, visibility, prioritisation, and developer-friendly remediation from code to cloud.

• How are organisations currently leveraging AI to enhance cloud risk management and detect emerging threats?
• What steps should security leaders take to effectively govern AI integrations across business-critical cloud platforms?
• Which skills, operating models, and cultural changes are most critical for supporting AI-enabled cloud security?
• What common readiness gaps do organisations face, and how are leading companies addressing them successfully?

Speakers
Dr. Raja Selvaraj Senior Principal Cyber Security Consultant
Cloud and Container Security Standard Chartered
Shilpa Sawant Vice President - Cyber Security Sumitomo Mitsui Banking Corporation
Shian Hui Yah Lead Enterprise Architect StarHub 

• Explore strategies for enforcing organisational security and compliance policies with third-party AI and cloud providers
• Understand the challenges of monitoring, auditing, and controlling external services in regulated environments
• Best practices for risk assessment, contractual controls, and vendor oversight
• Learn how to integrate external service governance into broader cloud security and AI governance frameworks

• How can organisations build scalable cloud landing zones and guardrails without slowing delivery?
• What does zero trust look like in cloud-native architectures, and how can it be embedded from day one?
• How can teams balance DevOps speed with consistent, policy-driven security controls? 

• How can organisations design effective incident response for multi-cloud environments?
• How can AI and automation be leveraged to detect, respond, and recover faster?
• How can teams prepare for cloud-specific breaches, misconfigurations, or insider threats?
• What lessons can be learned from high-profile cloud incidents?

Speakers
Frankie Shuai VP of Information Security Bitdeer
Alex Khaerov Director, Cloud Foundation, GT Engineering Prudential Services Singapore
Jung Chan Cloud Engineer SC Ventures

• Explore how AI can improve visibility across dynamic and multi-cloud environments
• Automate detection, alerting, and response to reduce manual workloads and accelerate remediation
• Use AI to identify anomalous behaviour, emerging threats, and misconfigurations in real time
• Understand the practical benefits and limitations of AI-powered cloud security tools 

• Explore real-world breaches caused by vulnerabilities in interconnected cloud services

• Understand strategies to assess, monitor, and mitigate third-party and supply chain risks
• Learn how to implement governance, contractual controls, and continuous monitoring for external partners
• Strengthen organisational resilience against multi-party threats while maintaining operational efficiency

• Explore strategies for protecting privileged accounts and high-risk credentials in cloud environments
• Implement just-in-time access and session monitoring for sensitive operations
• Use automation and analytics to detect misuse or anomalous privileged activity
• Align privileged access controls with compliance and risk management requirements 

• How has cloud resilience shifted from a technical concern to a board-level priority?
• How can cloud security initiatives be aligned with executive goals around continuity, risk management, and regulatory accountability?
• How do leaders translate technical security controls into outcomes executives actually care about?
• What does “resilience by design” look like in modern cloud architectures?
• How should security and technology leaders communicate cloud risk and readiness to the C-suite and board?

The Scenario: To be announced on the day

In this interactive session, participants will be presented with a real-world cloud security scenario and asked to work in small groups to assess the risk and develop a practical response strategy.

Each group will consider technical, operational, and organisational impacts before agreeing on a mitigation approach. The exercise reflects real-world decision-making under pressure, uncertainty, and competing priorities.

Groups will then share their findings with the wider audience, enabling comparison

of approaches and encouraging discussion around different risk perspectives and response strategies.

Session Format

Part 1: Group Work (30 minutes)

• Participants will break into small groups (4–6 people per group) to:

• Analyse the scenario and identify key risks or vulnerabilities

• Define immediate containment and response actions

• Consider longer-term remediation and resilience measures

• Highlight any governance, compliance, or communication challenges

• Agree on a clear group response to present back

Part 2: Group Sharing (15 minutes)

Each group will briefly present:

• Their interpretation of the core issue

• Their proposed response strategy

• Key trade-offs or challenges they identified