CYBERSEC GLOBAL

Premiere: 4/15 12:00 - 12:30

Replays: 4/15 18:00 - 18:30, 4/16 00:00 - 00:30

API attacks have become an increasingly severe issue in the Asia-Pacific region, posing major security threats to enterprises. These include shadow APIs, challenges in implementing third-party APIs, lack of API management, business logic abuse, data breaches, and a significant shortage of API security expertise.

In this session, David Holmes, Chief Technology Officer for Application Security at Imperva (a Thales subsidiary) and former Forrester cybersecurity analyst, will provide an in-depth analysis of API attack trends based on the latest attack statistics from the Imperva Threat Research Team. The discussion will cover common API vulnerabilities, business logic attacks, and emerging AI-related threats. Additionally, it will highlight global threat indices, regional differences between the Asia-Pacific and other areas, and provide localized insights into Taiwan's threat landscape.

How can enterprises develop concrete and actionable security strategies to counter these threats? This talk will outline proactive and adaptive cybersecurity measures and share the latest advancements in modern application security protection technologies.

Premiere: 4/15 12:40 - 13:10 

Replays: 4/15 18:40 - 19:10, 4/16 00:40 - 01:10

Multi-Factor Authentication (MFA) has long been considered an effective defense against account takeovers. However, with attackers developing automated tools to bypass MFA, relying solely on MFA is no longer sufficient. This session will explore the limitations of MFA and why a more comprehensive security strategy is essential to mitigate account compromise risks.

The presentation will cover the latest trends in MFA bypass attacks and analyze common techniques such as Pass-the-Cookies, push notification fatigue attacks, malware-based attacks, brute force, and adversary-in-the-middle (AiTM) attacks. To effectively counter these threats, organizations must go beyond traditional MFA and integrate technologies like artificial intelligence, machine learning, and behavioral analytics.

Additionally, implementing adaptive access controls, conducting regular security awareness training, and adopting a layered defense strategy are crucial to strengthening overall security. This session will provide insights into building a more resilient authentication framework to protect against evolving threats.

Premiere: 4/15 13:20 - 13:50 

Replays: 4/15 19:20 - 19:50, 4/16 01:20 - 01:50

Since BIMCO (The Baltic and International Maritime Council) first published its cyber security guidelines in 2016 and IMO’s (The International Maritime Organization) “Resolution MSC.428(98)” Maritime Cyber Risk Management guidelines in 2017, the maritime sector saw gradual progression of cyber safety awareness. Subsequently, OCIMF (the Oil Companies International Marine Forum) published its cyber safety chapters in its Ship Inspection Report Programme in 2018. This was followed by IACS’ (International Association of Classification Societies) technical guidelines in 2021 which stipulated all new builds in 2024 onwards to be cyber compliant.

While cyber incidents are not uncommon in the maritime sector, mostly are still within the IT on-shore and off-shore scenarios. What about the so-called moving and floating OT onboard rigs and vessels?

A live journey of this observation will be shared in this presentation in a bid to raise the awareness and to recommend the focused areas for maritime cyber going forward.

Premiere: 4/15 14:00 - 14:30 

Replays: 4/15 20:00 - 20:30, 4/16 02:00 - 02:30

1. FinTech is at the forefront of innovation, leveraging cutting-edge technologies while prioritizing operational security—an essential factor for its success. With robust security measures, FinTech can effectively guard against emerging threats. To tackle potential risks, it employs critical methodologies such as the Information Security Management System (ISMS), NIST Cybersecurity Framework, Privacy/Personal Information Management System (PIMS), and Business Continuity Management (BCM). 

2. Secure data management is crucial in navigating the risks of oversharing, third-party access, misconfigurations, and misclassifications. By implementing effective risk management strategies, organizations can proactively identify and address security challenges, ensuring that sensitive information remains protected from unauthorized access and corruption. That talk will examine (1) Secure Data Management in Digital Development, (2) Cybersecurity in FinTech, (3) Cybersecurity Development and Opportunities, and (4) Conclusion. 

3. Da-Yu Kao is an esteemed Associate Executive Vice President of the Information Security Division at Bank SinoPac in Taiwan and a dedicated part-time professor in the Information Security Master’s Program at National Chengchi University. With a solid investigative and forensic background, he has authored nearly 200 empirical papers on FinTech security and has an impressive international research portfolio. His extensive collaboration with law enforcement agencies and participation in global conferences highlight his commitment to enhancing FinTech security. 

Premiere: 4/15 14:40 - 15:10 

Replays: 4/15 20:40 - 21:10, 4/16 02:40 - 03:10

Explore how industries such as fintech, healthcare, manufacturing, retail, and critical infrastructure are leveraging OXDR, XDR, and cloud security to strengthen cyber resilience. Discover how these advanced security solutions enhance threat detection, incident response, and compliance across diverse digital ecosystems, ensuring businesses stay ahead of evolving cyber threats worldwide.