Meet the speakers for STACKx Cybersecurity 2025!

26 MAR 2025

Mark your calendars! GovTech’s STACKx Cybersecurity 2025 will be held on 15 April 2025 at the Sands Expo and Convention Centre.

Early bird tickets are at 20% off the usual price, ending on 31 March.
Sign up for STACKx Cybersecurity 2025 now!

About STACKx Cybersecurity 2025

As Singapore forges toward a digitally secure future as part of its Smart Nation Vision, this event will bring together government agencies, industry leaders, and cybersecurity specialists to discuss the latest cybersecurity trends, challenges, and opportunities. This year’s theme, “Securing Tomorrow’s Digital Frontier”, will dive deep into these three key topics:

AI x Security

Harnessing artificial intelligence to detect and defend against cyber threats more effectively.

Resilient and Secure Cloud

Strengthening cloud security to enhance digital resilience and prevent cyber incidents.

CISOs of the Future

Exploring the evolving role of Chief Information Security Officers (CISOs) in leading cybersecurity strategies and risk management.

Attendees can expect to gain insights from leading experts at Google, Oracle, Amazon Web Services, Akamai Technologies and other leading companies, connect with industry players and stay ahead within the cybersecurity industry.

A sneak peak into STACKx Cybersecurity 2025

In the lead-up to STACKx Cybersecurity, we invited our esteemed speakers, Mr. Daryl Pereira and Mr. Chua Kuan Seah, for a preview of their insights.

Q1. As a CISO in cybersecurity, what is the top quality you think a CISO should possess?
From my experience, empathy is often an underrated but a top quality that a CISO should possess. A CISO cannot operate in a silo. When juxtaposing organisational objectives with technology, CISOs require a multi-faceted perspective and look within and beyond the organisation to fully understand the needs and culture of the organisation, the environment within which it operates and the opportunities and risks that lie beyond the horizon.

This implicit understanding allows them to build the mutual respect and trust required to shape security measures that align with the organisation's priorities. A heavy-handed approach will never work. Without empathy, gaining buy-in and creating the necessary collaborations that make security successful would be challenging.

Q2. What are your top priorities over the next five years, and how do you plan to address emerging threats and longer-term challenges?
As a CISO, my top priority is to encourage and guide organisations towards secure cloud adoption. Moving from on-premises systems to a cloud environment often improves security by offering simplified patching, strong encryption, consistent access controls, and more robust authentication features.

The second priority is supercharging cybersecurity with AI. Within Google, we have been developing large language models to accelerate threat detection and response by automating security operations to analyse threats more quickly and effectively. As AI is an emerging tech for 2025 and beyond, we are closely monitoring AI regulations to ensure we adopt and promote responsible, compliant AI practices.

Beyond AI and Cloud, quantum computing is another emerging technology we should look forward to. Although quantum threats have not been fully realised, we should prepare for a post-quantum world by exploring and implementing cryptographic solutions resilient to future quantum attacks.

Q3. As a panellist for the CISO plenary discussion, how do you see the responsibilities and influence of CISOs changing, especially in the Asia-Pacific region?
In the current era, the CISO role is expanding beyond purely technical expertise, demanding a balance of strong technical foundations and deep business understanding. In the Asia-Pacific region, regulatory requirements differ across countries, so knowledge of legal and compliance frameworks is paramount.

Referencing my mentor Phil Venables, who wrote this online article titled "CISO: Archeologist, Historian or Explorer", I always envision the CISO as an archaeologist and historian uncovering why specific systems or processes exist and also as an explorer looking for better, more secure ways to modernise. In this region, where digital transformation is rapid, CISOs are helping drive top-level strategy, ensuring that security aligns seamlessly with innovation and growth.

Q4. Thank you for accepting our invitation to speak at STACKx Cybersecurity. Please share what motivated you to join the event and what you hope to contribute or gain through your participation.
My motivation as a STACKx Cybersecurity speaker is partly altruistic. My life philosophy is that those who give freely often receive far more in return. We are never the smartest people in the room. There is always someone more knowledgeable within a particular field, and as individuals, we each have unique insights to offer. By sharing our expertise across the tech community, we help one another learn and grow.

During the panel, I hope to create a two-way exchange that benefits everyone by openly discussing practical insights on secure cloud adoption, AI-driven security, and ways to foster a culture where security is everyone's responsibility. In return, I look forward to gaining fresh perspectives that will influence how I approach security at Google.

Q1. Could you give us a brief introduction about your roles and responsibilities?

As Deputy Commissioner for Cybersecurity and the Deputy Chief Executive (Development) of the Cyber Security Agency of Singapore (CSA), my key responsibilities include:

Protecting critical information infrastructure and preventing and responding to cybersecurity threats and incidents under Singapore’s Cybersecurity Act.
Leading national-level cybersecurity efforts in master planning, capability development and research
Formulating and executing our international cyber tech diplomacy strategy and collaboration efforts.

Q2. Are there any lesser-known government cybersecurity efforts that the public should be more aware of?

There are two areas that people should be aware of.

First, people must be aware of the sophisticated and advanced threats targeting Singapore. Due to their sensitive nature, these threats do not often appear in the news, but their danger to our infrastructures and systems is very real. The Government works behind the scenes to prevent, detect, and respond to such threats. One example is what we are now building—the National Cyber Command Centre in Punggol Digital District.

Second, we are putting much effort into securing our local enterprises and organisations, including small and medium enterprises, under our CyberSafe programme. We are investing in tools and resources to protect our enterprises and the public, such as Cyber Essentials and Cyber Trust marks. For smaller companies, CSA also invests in CISO-as-a-service to help them get up to speed in their security posture. From a customer's perspective, companies or vendors engaged can also be demanded to meet these trust marks.

Q3. As a speaker at STACKx Cybersecurity, could you give us a sneak peek at the insights you will share for your "Singapore's National Strategy to Deal with Cybersecurity Threats" session?

During my session, I will discuss Singapore's national approach to dealing with cyber threats based on our national cyber defence approach, focusing specifically on three pillars in operations against cyber threats, policy, and regulatory levels to enforce cyber standards and technology. Cybersecurity is a collective effort and cannot be done alone. So, I will also talk about how we collaborate across the Government, industry, academia, and foreign partners to strengthen and protect our systems. Come and listen to what we do in CSA!

Q4. With the rise of AI, how do you see it reshaping cybersecurity in the next few years? And what steps should organisations and governments take to harness AI for cybersecurity effectively?

This is a million-dollar question! First, organisations and governments must understand the opportunities and risks that AI can bring. To harness AI, leaders must organise their processes, systems, and workforce to embrace AI. However, this adoption of AI must be done holistically and not in separate steps. As we organise to adopt AI, there are several areas of consideration, such as the security and safety risks of using AI, the guardrails needed to be put in place, the training required for the existing workforce and the recruitment of professionals to help us develop the strategy. The good news is that there are a lot of resources that have been designed to help organisations and governments adopt AI securely. CSA has also developed guides to help enterprises and organisations securely adopt AI, including a Companion Guide that illustrates the detailed steps organisations can take.

Q5. How do you stay updated on cybersecurity trends and best practices in an ever-evolving field? Are there any resources or habits you would recommend to aspiring cybersecurity professionals?

Cybersecurity is one of the most exciting fields in IT. It is more than IT. It is not just the science and technology that change, but also the real threat actors behind it and the tactics and techniques these threat actors employ. I have worked in cybersecurity for nearly 30 years, and there has never been a dull moment. Everyone should also set aside some protected time once a week to learn more about the field. The good (and bad) thing is that there are so many more resources these days than when I started working in this field!