2ND ANNUAL

MALAYSIA

Forging Future Advantage

Days
Hours
Minutes
Seconds

EVENT OVERVIEW

Malaysia, one of the most targeted nations in the Asia-Pacific, now finds itself at the epicentre of escalating challenges as it accelerates toward its ambitious AI Nation 2030 vision. As Malaysia rapidly shapes its digital future, the cybersecurity decisions made today will determine who forges competitive advantage and who gets left exposed.

By 2027, global cybercrime costs are projected to reach USD 24 trillion, nearly three times today’s figure. Malaysia’s regulatory framework has now reached full operational strength, charting a decisive and forward-looking trajectory for the nation’s digital future. The Cyber Security Act is entering its enforcement maturity phase across eleven National Critical Information Infrastructure sectors. The Personal Data Protection (Amendment) Act (PDPA) has made Data Protection Officers, mandatory breach notification, and risk-based cross-border data transfer frameworks the new standard. Also, NACSA’s National Post-Quantum Cryptography Migration Plan outlines Malaysia’s transition to quantum-safe infrastructure through a 2027–2028 validation and pilot phase targeting government systems, financial institutions, and telco infrastructure.

As Malaysia’s MyDIGITAL Digital Trust & Data Security Strategy runs through 2030, AI sector investments reached RM13.29 billion in the first half of last year alone, and the ASEAN Digital Economy Framework Agreement targeting a 2026 conclusion will bind regional data flows, cybersecurity standards, and digital trade in ways that will shape enterprise security obligations for years to come.

The 2nd Annual FutureCISO Malaysia Conference 2026, themed “Forging Future Advantage“, brings together Malaysia’s senior cybersecurity leaders to look beyond today’s compliance requirements and build security functions that create genuine strategic advantage heading into 2027 and beyond. Critical topics to be covered this year include:

  • Governing identity in the agentic AI era
  • Preparing for autonomous adversaries
  • Elevating the CISO to digital trust architect
  • Lessons from real-world breach record
  • Building AI and cloud security architectures that hold
  • Navigating the evolving post-quantum and regulatory frontier

WHY YOU SHOULD ATTEND

The FutureCFO Conference aims to give CFOs, who also act as their company’s strategic business partner and catalyst, insights on ensuring corporate growth and successfully mitigating risks and challenges amidst the current economic and political uncertainties in their countries. The conference will also address strategies and best practices on how CFOs can reimagine finance functions and their organizations to survive and thrive in today’s fast-paced and digitally driven landscape.

This by-invitation only one-day event will gather over 120 senior finance leaders from multiple industries and offers the best opportunity to hear from the industry’s leading professionals, contribute questions from the floor, engage in incisive panel discussions that discuss real-life business cases, updates and strategies to meet the most pertinent challenges facing the finance function in 2020.

High-Level Industry Speakers

We gather 20+ industry speakers and experts from leading organizations for keynote presentations and incisive discussions so you can tap on their invaluable insights and best practices important to your finance function management and transformation.

Interactive Discussions

Be part of our interactive panel discussions that address the current hot topics, share ideas and experiences and get the answers to your pressing questions from prominent finance leaders on stage.

Networking Opportunities

Meet new business partners, engage and forge new connections with fellow finance and treasury leaders in the region, solution providers and many more at our event through luncheons, coffee breaks, one-to-one meetings and informal introductions.

Targeted In-Depth Sessions

8 hours of learning and networking opportunities packed into 10 in depth sessions. Listen to corporate-driven best practices and case studies sharing that are targeted to your profession through the personalized country-specific conferences we crafted for you - FutureCFO Conferences.

FUTURECIO & FUTURECISO CONFERENCE SERIES

2025 AGENDA

09:00

Chairman’s Welcome Remarks

Allan Tan, Group Editor-in-Chief, Cxociety

09:15

Opening Keynote

YBrs. Ts. Wan Roshaimi Wan Abdullah, Chief Technology Officer, CyberSecurity Malaysia

09:40

Keynote: The Agentic Threat Era: Preparing Malaysian CISOs for Autonomous Adversaries at Scale

By 2027, the first sustained autonomous AI attack campaigns where threat actors use agentic AI to discover, chain, and exploit vulnerabilities faster than human defenders can patch them are expected to emerge. Malaysian organisations are already encountering the precursors: AI-crafted Manglish phishing that defeats traditional filters, deepfake BEC attacks against executives, and ransomware that regenerates its own code at runtime. This maps the trajectory from today’s AI-assisted threats to tomorrow’s fully autonomous adversaries and the architectural decisions organisations must make now.

  • From AI-assisted to fully autonomous adversary timelines
  • Attack paths that survive human or agentic drivers
  • Defensive controls that break autonomous kill chains
  • Building SOC capabilities for anticipation, not reaction
  • Architectural decisions that forge advantage pre-2027

10:05

Panel Discussion: The CISO as Digital Trust Architect – Leading from the Board, Not Behind It

The CISO role is undergoing its most significant redefinition in a generation. As personal liability under national’s legislation, board-level accountability for cyber governance, and the strategic weight of MyDIGITAL transformation converge, security leaders who wait to be asked are falling behind those who are shaping the agenda.

  • Translating cyber risk into P&L and reputational impact
  • Board-level cyber governance under the Cyber Security Act
  • Security as a business enabler, not a cost centre
  • Building a 2027-backwards security strategy
  • From operator to digital trust architect

Moderator:
Allan Tan, Group Editor-in-Chief, Cxociety

10:40

Morning Coffee Break & Networking

11:10

Keynote: Cyber Recovery is the New Cyber Resilience: Are You Ready to Bounce Back?

As ransomware attacks grow more targeted and Malaysia’s Cyber Security Act 2024 raises the bar on incident response obligations having a backup is no longer enough. The session examines how Malaysian CISOs can shift from a recovery-as-afterthought mindset to a clean recovery architecture that guarantees data integrity, minimises downtime, and satisfies regulatory reporting requirements when the worst happens.

  • Ransomware resilience: From backup to business continuity
  • The anatomy of a ransomware recovery failure
  • Immutability, isolation, and integrity
  • Turning recovery into a board-level conversation

11:35

Panel Discussion: Governing Machine Identities: When AI Agents Need Access

IAM is no longer just about people—it must now govern AI agents, service accounts, and automated workflows that act autonomously across enterprise environments. Malaysian organisations are discovering that traditional PAM tools and access frameworks were not built for entities that never log off. With PDPA’s new AI governance guidelines now in effect, establishing agent identity governance is no longer optional.

  • Provisioning, governing, and de-provisioning AI agent access
  • Where PAM tools break down with autonomous AI workflows
  • Managing secrets sprawl in CI/CD pipelines and agentic architectures
  • Accountability for AI security across the CISO, AI/ML, and platform teams

Moderator:
Allan Tan, Group Editor-in-Chief, Cxociety

12:10

Keynote: Closing the Vulnerability Blind Spot — Proactive Security Management for What’s Coming Next

As AI adoption accelerates across Malaysian enterprises and the MyDIGITAL transformation deepens, the gap between what organisations believe they are exposing and what they are actually exposing is widening. This session examines how leading organisations are shifting from reactive alert management to genuine proactive exposure control and what that means for building durable competitive advantage.

  • From alert fatigue to proactive posture: the architectural and operational shift required
  • Practical strategies to discover, classify, and control sensitive data flowing through AI systems at scale
  • Aligning exposure management with Malaysia’s Digital Trust & Data Security Strategy and NACSA standards
  • Measuring and communicating security posture in ways that resonate with boards, regulators, and customers

12:35

Networking Lunch

13:45

Keynote: Assume Breach, Protect the Data: Zero Trust Data Security for Malaysian Enterprises

Perimeter defences have failed. The question is no longer if attackers get in, it’s whether your data survives when they do. Drawing on real-world attack patterns seen across Asia’s frontline experience to make the case for immutable backups, air-gapped recovery vaults, and data observability as frontline security tools not just IT hygiene aligned to Malaysia’s NCII protection framework and BNM RMiT requirements.

  • Safeguarding critical assets when the perimeter is dead
  • Zero trust meets data recovery
  • Building Zero Trust resilience in 2027
  • Aligning Zero Trust data security to Malaysian regulatory expectations

14:10

Panel Discussion: Shadow AI, Rogue Models, and the Insider Risk Nobody Is Talking About

Rapid unsanctioned AI tool adoption in Malaysian enterprises creates significant data leakage and insider risks via LLMs and rogue models. This operational panel discusses discovery, policy enforcement, behavioural monitoring, DLP for prompts, and building AI-aware culture ahead of the AI Governance Bill and Digital Trust Strategy formalisation.

  • Scale of shadow AI and unsanctioned tools creating visibility blind spots.
  • Detecting and containing data exfiltration through LLM prompts.
  • Managing rogue/third-party AI models and associated risks.
  • Developing effective AI usage policies and behavioural controls.
  • Fostering a security-aware AI culture aligned with emerging governance

Moderator:
Allan Tan, Group Editor-in-Chief, Cxociety

14:45

Fireside Chat: Data Sovereignty and Cloud Architectures Strategy for Secured Digital Future

With sovereign AI cloud investments and data centre growth, Malaysian CISOs navigate complex sovereignty, BNM, and regulatory demands. This panel addresses practical data residency, multi-cloud security, sovereign options, and architectures that balance today’s requirements with adaptability through 2027 and beyond.

  • Operationalising data sovereignty in cloud and AI environments.
  • Multi-cloud security posture management for distributed enterprises.
  • Evaluating sovereign cloud capabilities and gaps in Malaysia.
  • Aligning architectures with PDPA, Cyber Security Act, and BNM RMiT.
  • Future-proofing for ASEAN DEFA (Digital Economic Framework Agreement) and AI-driven workloads

Moderator:
Allan Tan, Group Editor-in-Chief, Cxociety

15:10

Afternoon Coffee Break

15:40

Panel Discussion: From Alerts to Action: Operationalising Risk Prioritisation

Malaysian security teams are drowning in signals. The average enterprise SOC processes thousands of alerts daily, yet the most dangerous exposures are often not the loudest ones. As attack surfaces expand across cloud, OT, and agentic AI environments, the ability to cut through noise and act on what genuinely matters has become one of the defining operational competencies separating resilient organisations from reactive ones.

  • Moving from CVSS scores to business-context risk scoring
  • Practical exposure management under real-world constraints
  • Communicating risk decisions to boards and audit committees
  • Aligning threat intelligence to remediation capacity
  • Closing the gap between what you know and what you can fix

Moderator:
Allan Tan, Group Editor-in-Chief, Cxociety

16:15

Fireside Chat: The Human Factor — Why Social Engineering Is Still Winning against Malaysia’s Best-Defended Organisations

An unscripted conversation on why phishing, vishing, and manipulation-driven social engineering continue to bypass even the most sophisticated security investments in Malaysian enterprises and what CISOs are doing differently to address the one vulnerability no technology can fully patch: people. No matter how advanced your security tools are firewalls, EDR, SIEM, zero trust architecture none of them can fully eliminate the risk that comes from human behaviour.

  • Human risk as a security metric
  • The illusion of the aware employee
  • How social engineering attacks are exploiting fundamental human cognitive biases
  • Successfully deploying Human‑Centric cybersecurity design in 2027

Moderator:
Allan Tan, Group Editor-in-Chief, Cxociety

16:40

Chairman’s Closing Remarks

16:45

End of Conference

2025 SPEAKERS

Speaking Opportunities:

WHY SPONSOR

We will help you GENERATE quality business leads.
We will help you INCREASE your regional profile.
We will help you CREATE new business opportunities.

  • Get cost-effective marketing exposure and branding to your target audience, culminating in face-to-face meetings with your prospects.
  • Position and profile yourself as an industry leader.
  • Increase your brand recognition.
  • Create new partnerships and alliances.
  • Develop relationships through new virtual networking opportunities.
  • Showcase new products and services to a targeted audience of decision makers.
  • Get direct and exclusive access to Key decision-makers

Sponsorship Opportunities:

2025 SPONSORS

DIAMOND SPONSOR

GOLD SPONSOR

SILVER SPONSOR

PARTNER SPONSORS

LUNCHEON SPONSOR

BUSINESS CONNECT SPONSORS

SUPPORTING ORGANISATION

SUPPORTING MEDIA

VENUE

Share this event: