Program Catalog
Browse sessions and workshops using the filtering options below.
For the first time ever, ISACA is bringing you three days of worldwide IS/IT knowledge in three different regions.
All the world-class audit, governance, privacy, cybersecurity and emerging technology content you have come to expect. The tools to become a digital trust champion. The knowledge to position your organization as a digital trust thought leader. Together in one event.
Asia Pacific Oceania | Hosted in UTC +10
8:45–9:15 Conference Kickoff (optional)
9:30–10:45 Opening Keynote
11:00–13:15 Concurrent Sessions
13:15–13:45 Lunch
13:45–14:45 Concurrent Sessions
15:00–16:00 Closing General Session Panel
Browse sessions and workshops using the filtering options below.
Join us each morning at 8:45 am (to the specific region) before our Keynote takes the stage for a special Conference Kickoff that will leave you with an understanding of the following:
Access this event from the Main Stage or Networking Lounge and don’t miss out on this opportunity to ask all your questions ahead of time. This session will not offer CPE and is not required.
Audit in the Age of Disruption/Auditing Emerging Technologies
Audit has been around for ages now, with one exception being the evolving dynamics of what is being audited and how quickly the landscape is changing. Auditors no longer have the luxury of coming in to conduct audits after the fact or for that matter, even human audits may become ineffective considering the quantum of data that is generated and the speed at which things change.
Things get even more complicated when you add the opacity or lack of visibility into the inner workings of what is being audited that is a reality when it comes to auditing things like Artificial intelligence(AI) and machine learning(ML), quantum computing and whatever is emerging out there. Shift left thinking is required to better leverage audits from a strategic perspective and use the power of audits to better integrate emerging technologies into the enterprise landscape rather than to use audits to correct or fix things. This means, audit as a process will need to engage much earlier in the pipeline of technology adoption. There is also an urgent need to change the terms of this engagement. The session will present ideas on how to leverage audit as a tool for effective integration of emerging technologies into the enterprise. Audit paradigms such as audit independence and line of defense thinking will be relooked at to understand what changes may be required in the context of emerging technologies and the disruption they bring. We will explore shifts required across areas such people, organizational structures and enterprise strategies related to emerging technologies and audit and their intersection.
After completing this session, the participant will be able to:
Operational Technology (OT) has been with us for a long time, deeply rooted in our everyday lives. As you sleep and work, whether at home or in the office, the heating, ventilation, and air-conditioning are OT. The elevators and escalators you use to ascend or descend buildings and train platforms are OT. Your automobile, the bus you took, the train you took is OT. The traffic lights and signaling systems, the power that generates almost every piece of equipment around us operate using OT. OT equipment wasn’t built with the intent to operate in Industry 4.0. It was insecure by design because security relies heavily on such legacy equipment operating in enclosed networks, without exposing themselves to hacking from the outside world. I will share the nuances of an increasingly complex cyber-physical world, the pivotal importance of cyber resilience, and what we can all do to tip the asymmetry of complex attacks by our collective defenses.
After completing this session, the participant will be able to:
Enterprises, Business and Governments around the world are aware of the potential benefits and risks of AI. There is a growing consensus that regulations are needed to ensure that AI is used responsibly. This powerful technology has the potential to be a great boon to society, but it also has the potential to be a curse.
Where data accuracy, protection, and control come together, Privacy issues sit at the forefront of online activity, business actions, and government decisions. This is largely in response to the breaches, scandals, and personal data leaks that have eroded confidence in technology and information systems. Trust and Security plays a vital in the future of AI.
After completing this session, the participant will be able to:
In this age of emerging technology and digital transformation a mature, effective, and efficient risk management program is needed more than ever. The question is what are the components of a risk program and who is responsible for risk? Who is responsible to identify, assess, and respond to risk? This session will cover the basic components of risk and the relevant stakeholders who should be involved in the building and maintenance of the program.
After completing this session, the participant will be able to:
This session explores how individuals measure privacy and how and why this has changed over time, the privacy perceived role of government; the good, bad and ugly of corporate privacy practices; how we can qualitatively and quantitatively value privacy; and the role ethics and digital trust frameworks in enhancing privacy.
After completing this session, the participant will be able to:
In the dynamic landscape of technological advancements, Artificial Intelligence (AI) has emerged as a powerful tool with vast business potential.
This talk emphasizes the establishment of an effective AI governance framework that integrates cybersecurity principles and digital trust mechanisms. It delves into the key components of a secure AI governance framework, including Responsible AI policy, responsible AI risk assessment, privacy protection, AI project life cycle management, data governance and security. The talk also explores how security teams can actively contribute to the development and implementation of AI governance policies to ensure the secure deployment and operation of AI technologies.
After completing this session, the participant will be able to:
Explore how to govern Generative AI, striking a balance between innovation and responsiblity. Delve into ethical principle, data privacy, legal compliance and engagement.
After completing this session, the participant will be able to:
AI is shaping our future! It is shaping how we work and what the world of work will be like in the future, particularly in the technology and security spaces. Further, we live in a time when people believe that digitisation is the great leveler of opportunity for all. But this is not the truth at all. Wholesale digitisation and the rollout of AI come with its own risks and costs that we must be aware of.
We find ourselves in a world where the future is being shaped by technology, which could contribute to transforming social norms, such as giving a voice to the voiceless, which is laudable. We also find in that world that there is a perpetuation of algorithmic biases based on race and gender, which is something we all should be concerned about.
Jo Stewart-Rattray, who returned from the United Nations earlier this year, has brought a deeper learning and understanding of how we can all work together in security, technology and privacy to overcome some of these biases and create safe spaces for individuals to interact. This is an exciting topic with interesting light bulb moments filled with startling stats. Jo herself, as a committed technologist and security professional, found some of the learnings she came away with to be confronting.
After completing this session, the participant will be able to:
On August 12, the world’s largest democracy passed its landmark comprehensive privacy law. That country is India, and its law is the Digital Personal Data Protection Act. India is also the most significant country in the world for business process outsourcing. So, what does the DPDPA mean for international businesses, and how does it measure up with other data laws globally? What are the similarities and differences in obligations? What do the terms “data fiduciary” and “significant data fiduciary” mean? How does the law deal with cross-border transfers of data? In this session, we will examine India’s new privacy regime and discuss its impact on enterprises with operations in or that involve India.
After completing this session, the participant will be able to:
Benefits and Risks of AI Panel Discussion – Asia/Pacific
What are the benefits and risks of AI? Is it dangerous? Are there biases? Close out the day with an AI panel discussion. The discussions will cover these and other questions regarding this emerging technology. Join us in Asia-Pac on Tuesday, 21 Feb from 15:00 - 16:00 (UTC+10)!