by Steven Sim

Why the clean source principle is key to a successful zero trust strategy

Opinion
20 Jun 2024 | 2 mins
Remote Access Security, Zero Trust

Getting the basics right to ensure a successful zero trust strategy


How do you ensure that your remote access is secure? Do you consider your servers protected as long as you have in place a virtual private network (VPN), virtual desktop infrastructure (VDI), Azure Virtual Desktop, desktop-as-a-service (DaaS), VDI-as-a-service (VDIaaS), or other forms of secure jump hosts?

There is a misconception that having a secured intermediary is adequate to shield your servers from threats. Unfortunately, this alone does not guarantee secure remote access – what’s missing is a clean source.

Remote access Trojans can seize control of your endpoint beyond keylogging and screen scraping. When I was a supporting judge for the 2004 BlackOPS: HackAttack challenge in Singapore, I watched in real time as a team took control of an opponent’s machine.

But more recently, the city state faced the proliferation of a more worrying threat: banking trojans – in the form of Android malware – causing customers to lose their savings, amounting to millions of dollars. This truly highlights a very real risk of not having a clean source.

If an organisation exposes its privileged access to remote users, then VPNs, multifactor authentication, secure jump hosts, sudo, network intrusion prevention and detection systems, and web application firewalls are all inadequate without a clean source.

The clean source principle requires all security dependencies to be as trustworthy as the object being secured. This starts with ensuring that the endpoint is secured to specifications including the version of the operating system, security baseline configuration, and other requirements.

In many solutions, this is often referred to as host validation or host checks. If you are using Microsoft, this can be achieved by implementing Conditional Access.
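The sketch below is an added example, not code from the article or from any vendor product. It shows a host check feeding a clean source decision: the endpoint is compared against a baseline, and access is refused if any hop on the path is less trusted than the target. The baseline values, trust levels, host names and function names are all assumptions constructed for illustration.

```python
from dataclasses import dataclass

# Constructed baseline for an admin endpoint; every value is an assumption.
BASELINE = {"min_os_build": (10, 0, 22631), "disk_encrypted": True,
            "edr_running": True, "baseline_compliant": True}

@dataclass
class Endpoint:
    name: str
    os_build: tuple
    disk_encrypted: bool
    edr_running: bool
    baseline_compliant: bool

def host_check(ep, spec=BASELINE):
    """Return the posture requirements the endpoint fails (empty = clean)."""
    failures = ["os_build"] if ep.os_build < spec["min_os_build"] else []
    for key in ("disk_encrypted", "edr_running", "baseline_compliant"):
        if getattr(ep, key) != spec[key]:
            failures.append(key)
    return failures

def weak_hops(path, trust):
    """Hops on the access path that are less trusted than the target.
    path runs from the source endpoint to the target; higher = more trusted."""
    return [hop for hop in path[:-1] if trust[hop] < trust[path[-1]]]

def decide(ep, path, trust):
    """Allow privileged access only from a clean source over a clean path."""
    failures = host_check(ep)
    effective = dict(trust)
    if failures:                      # a failed host check voids assigned trust
        effective[ep.name] = 0
    weak = weak_hops(path, effective)
    return {"allow": not failures and not weak,
            "failed_checks": failures, "weak_hops": weak}

# Constructed sample data: a managed admin workstation and a personal laptop.
TRUST = {"admin-ws": 3, "home-laptop": 1, "vdi": 3, "domain-controller": 3}
ADMIN_WS = Endpoint("admin-ws", (10, 0, 22631), True, True, True)
HOME_LAPTOP = Endpoint("home-laptop", (10, 0, 19045), True, False, False)

if __name__ == "__main__":
    for ep in (ADMIN_WS, HOME_LAPTOP):
        path = [ep.name, "vdi", "domain-controller"]
        print(ep.name, decide(ep, path, TRUST))
```

The personal laptop is refused even though the VDI hop is fully trusted, because the weakest hop that controls the session decides the outcome.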

So, the next time someone tells you that DaaS or VDIaaS is adequate for your administrator to protect his access to an important system, communicate the risks and highlight the importance of applying the clean source principle in a zero trust strategy.

by Steven Sim
Contributor

Steven Sim has more than 25 years’ experience in cybersecurity with large end-user enterprises and critical infrastructure. He has undertaken a global CISO role and driven award-winning security governance and management initiatives. He leads cybersecurity across a multinational firm with operations in 42 countries. He oversees Governance, Technology Management and Incident Response as well as Cyber Security Masterplan Office. He also leads Group Cybersecurity Centre of Expertise, Technology Scanning and Cybersecurity Practice Forum to franchise best practices to business units, driven cyber initiatives, developed standards, managed threats, identified 0day vulnerabilities and promoted awareness. Always keen to give back to community, he helmed the ISACA Singapore Chapter (which won ISACA Global Outstanding Chapter Achievement in 2022) as President (from 2021 to 2022) as well as at OT-ISAC (since 2021), as Chair of the Executive Committee, and held a Masters in Computing, CCISO, CGEIT, CRISC, CISM, CISA, CDPSE, CISSP as well as technical certifications GICSP, GREM, GCIH and GPPA. He is an APMG-accredited trainer for ISACA's core certifications and member of Geneva Dialogue for Responsible Behaviours in Cyberspace Technical Community, Working Group on Technical Reference for Securing the Cyber-Physical Systems for Buildings, SANS CISO Network, SANS Offensive Operations Community, Frost & Sullivan Growth Innovation Leadership Council, Microsoft APAC CISO Council, Cybereason Cyber Defense Council, Fortinet Executive Cyber Exchange (ECE), etc. He is also part of ISACA’s Information Security Advisory Group and the Emerging Trends Working Group. 
He regularly shares his thoughts on cyber risk and security, lectures on an adjunct basis at National University of Singapore Institute of System (on Enterprise Security Architecture), Nanyang Technological University (on Cybersecurity), and other institutes of higher learning, speaks on panels and keynote sessions of both international and local conferences and published several articles. He has been a topic leader for various forums including ISACA’s Emerging Technology and Governance. He was also part of industry consultation for MCI’s Digital Economy Blueprint and CSA’s Singapore OT Cybersecurity Masterplan 2nd Edition and was involved in the reviews of various ISACA CISA, CRISC and CGEIT manuals. Key areas of expertise and experience lie with Cybersecurity Governance, Risk Optimisation, Compliance, Security Engineering, Security Assessment, Incident Management, Training, Awareness. Planned and oversee deployment of cybersecurity solutions enabling business for large IT enterprises and critical OT infrastructure with focus on Internet of LogisticsTM, CP 4.0TM, Supply Chain 4.0, Cyber-Physical or Phygital Systems as well as Emerging Technology. He was recognised with a few awards including #1 CSO in IDG’s CSO30 ASEAN Awards (2021), CSO50 Program, ISACA Chapter Achievement, ISACA Outstanding Chapter Leader, Tech Talent Builder, Skillsfuture Fellow, Global Cyber Security Thought Leaders (IFSEC), Global Cybersecurity Leader, Top 10 Cyber Security Influencers, Top 10 CISOs of the year, Top 29 Highly Influential CISOs, Top 100 Global CISOs, Professional (Leaders) Finalist in Singapore’s Cybersecurity Awards 2018, etc. Reach out to him for: Advisory board member, adjunct lecturer, speaking opportunities, technical reviews, mentorship, thought leader, author, award judge.
