With years of overseas and local experience in managing technology risk, Mr Ho Wai Khin specialises in information security and business continuity. 

In his current position, Mr Hoi has extensive exposure to the management of risk/audit/security programmes to meet legal, human resources, audit, IT, risk management and information security requirements. This involves constant innovation of ideas to implement value-added security programmes to support the client's organisational objectives and building a robust security framework that goes beyond regulatory compliance. 

His global experiences include assisting organisations in audits for IT due diligence, Sarbanes Oxley 404 IT General Computer Control, and IT diagnostics for mergers & acquisitions. Mr Hoi has also supported clients in ISO 27001 certification projects, cloud technology, bring your own device (BYOD), as well as compliance with Singapore's Personal Data Protection Act (PDPA) and internal and external IT audit requirement.

Presentation Synopsis
Attack on Your Supply Chain!
Supply chain attack or value-chain or third-party attack, occurs when someone gain access to your internal system through an external partner or 3rd party service provider with access to your systems and data. This changes the attack surface as attackers are exploiting the weaker controls implemented at the external partner or 3rd party service providers premises.

The risks associated with a supply chain attack is getting more attention, due to new types of attacks, growing public awareness of the threats, and increased oversight from regulators. Meanwhile, attackers have more resources and tools at their disposal than ever before, creating a perfect storm.