2021 Conference Speakers
DG Tangonan is the head of the Payments and Currency Management Sector (PCMS) of the Bangko Sentral ng Pilipinas,
tasked to address the interplay between digital money and physical currency, and support the digital transformation
of the country’s financial services. He leads PCMS in maintaining the safety and integrity of the Philippine currency,
as well as ensuring a well-functioning payments and cash ecosystem that fosters long-term economic growth.
He brings with him over 28 years of experience in digital and traditional financial services, telecommunications,
technology, financial inclusion and consulting services. Deputy Governor Tangonan took his bachelor’s degree in civil
engineering from the University of the Philippines and his executive MBA from the Asian Institute of Management.
Carlo is a Consulting Partner of SyCip Gorres Velayo & Co./Ernst & Young (SGV/EY). He joined SGV in 2005 as
part of the Advisory Services practice and has received extensive training in information technology (IT) governance,
risk and controls, assurance, and information security. He has more than 15 years of experience working with
various industries, having been involved and led numerous assessments and implementations covering information
security program planning, risk assessments, incident response, compliance audits, vulnerability assessments, and
penetration testing of various technologies.
Carlo has specialized in various information security fields, particularly over security program implementation,
technical security assessments, and security risk management. Carlo has extensive experience in implementation
of Governance, Risk and Compliance Frameworks, Identity and Access Management Systems, Security Operations
and Incident Response centers, Credentials Vaulting and Monitoring systems, Distributed Denial of Service Mitigation,
Advanced Malware Detection, and Data Tokenization and Encryption Systems.
Carlo is a recipient of the 2018 SyCip Award for his contributions to the Philippine’s Cybersecurity practice. Among
which he was able to support implementation of the privacy compliance programs for over 100 organizations.
Mr. Jones Leung, Systems Engineering Manager, Zscaler South East Asia and Greater China, is responsible for
leading his team to provide consultation on network, application and security transformation required for enterprise
digital transformation. Over the past 7 years in Zscaler, he has witnessed a lot of enterprises benefiting from such
transformation, and also with his team helps them to handle challenges faced during the process. With over 20 years of
experience and broad technical knowledge, Jones has been an evangelist in the market, and has introduced a lot of
disruptive technologies to many top organizations. Prior to Zscaler, Jones held Systems Engineering Manager
position in Palo Alto Networks, and regional systems engineering position in Blue Coat Systems, Packeteer and
other leading solution providers in the region.
The acceleration of digital transformation in the face of the global COVID-19 pandemic have taken into
consideration remote living and working environments. Security teams of Governments pivoting public
services online and developing new applications like “Contact Tracing” and organisations optimizing
work from home arrangements find themselves with new attack vectors and trying to outpace
malicious adversaries. In this session, we will discuss the current challenges and best practices in
managing security in the pandemic year and pain the forward looking roadmap on potential challenges
post pandemic and the optimum approach on management.
As Cyber Security Specialist for CrowdStrike, Sanket Bhasin brings more than 14 years of experience
in IT security. Prior to CrowdStrike, Sanket was with McAfee formore than six years and
has extensive experience in helping large enterprise organizations across Southeast Asia
implement comprehensive security programs. In addition, Sanket has demonstrated and deployed security
architecture to strengthen protection for numerous customers where controls may have
been breached and sensitive information compromised. In his recent role as a Product Manager
he will be closely working with the key customers in APJ region to understand their security initiatives
and requirements, which will help him to define the road map along with the engineering team.
Raymond Estioko is the Senior Director of the Payment System Oversight Department (PSOD)
of the Bangko Sentral ng Pilipinas.
Mr. Estioko is responsible in directing the development of relevant, responsive, and timely policies and
regulations to enable the establishment of a safe, efficient, and inclusive national payment system.
In addition, he also directs the formulation of a holistic payment oversight framework,
conduct of research on innovations in the payments sector, measurement and analysis of
payments data, among others. Raymond also collaborates with stakeholders to gather feedback to
help ensure that payment services are relevant, efficient, convenient, and affordable.
Prior to becoming the Director of PSOD, Raymond was the Head of the
National Retail Payment System (NRPS) Core Team that introduced major reforms in the country’s retail
payment systems achieving effective and efficient interoperability, widens the access to payment systems,
and encourages healthy competition through wide range of innovative payments services.
Before leading the NRPS Project, Raymond served as Head of the Core Information Technology Specialist Group (CITSG)
which is responsible for the assessment and management of technology risks.
Carlos is currently the Chief Information Security Officer and Head of the Information Security Governance Department
of Rizal Commercial Banking Corporation (RCBC). He is primarily responsible for implementing and managing
the Bank’s information security program to ensure RCBC’s security posture meets the challenge of the current times.
Prior to joining RCBC, Carlos was already a seasoned information security (InfoSec) and financial technology (FinTech)
professional with over 24 years’ experience in the fields of information technology (IT), payment card industry, and
financial services. He was the Information Security Officer of Bastion Payments Systems Corporation (BPS) and held
other posts such as Chief Operating Officer and Head of Special Projects. While working for BPS, Carlos was primarily
involved in the development of the company’s payment system infrastructure. During his stint with BPS, Carlos was
also the lead in ensuring the company’s attainment of a PCI DSS certification in 2006.
Carlos is truly passionate with his craft. Other than InfoSec and FinTech, he possesses a strong understanding and
deep appreciation of the various domains of IT such as systems architecture, software engineering, network design,
implementation and operations, IT security, IT governance and risk management.
He served the University of Santo Tomas as a faculty member for 13 years and was also a concurrent assistant director
of the Santo Tomas e-Service Providers (STEPS) for some years. Carlos earned a Bachelor of Science in
Computer Science degree from Chiang Kai Shek College and is a Certified Information Security Manager (CISM),
Certified Payment-Card Industry Security Implementer (CPISI) and a Certified Data Protection Solutions Engineer (CDPSE).
He is a member of ISACA and Information Security Officers Group (ISOG).
Jallain graduated cum laude with a degree of Bachelor of Science in Accountancy from the
Philippine School of Business Administration – Quezon City and is a Certified Public Accountant,
a Certified Information Systems Auditor and has been Certified in Risk & Information Systems Control.
With 14 years of extensive, professional experience in the field of IT audit, SOC or attestation,
cybersecurity, data privacy, ERP implementation, robotics process automation, data & analytics and
IT project management, Jallain has been an active resource speaker on various technology topics for
industry conferences and seminars for organizations such as the ManagementAssociation of the Philippines (MAP),
Financial Executives Institute of the Philippines (FINEX), Actuarial Society of the Philippines (ASP),
Nordic Chamber of Commerce of the Philippines, University of the Philippines – Diliman
Technology Management Center (UPD-TMC), Philippine Institute of Certified Public Accountants (PICPA),
Microsoft Philippines, and ISACA, to name a few.
Mr. Lokos is an accomplished professional with local and international track record in ICT.
With over 30 years of experience in ICT (IS&T). With strong business acumen, he can provide
many insights that can help organizations better understand and manage the many challenges
they face today and those into the future. From providing Whole of IT Outsourcing (remember those
big mainframes and the green screens) to basic PC advice. He has experienced the many new
concepts introduced over the many years.
The talk explores various strategies that can help an institution to not just enhance its resiliency,
but also manage expectations by discovering new ways of establishing recovery commitments.
With over 10 years of experience in IT operations, Mr. Andaya was the BSP’s technical authority
on various mission-critical systems, encompassing various fields such as SWIFT, RTGS, DB2, AIX and PKI.
After he transitioned to a career in Business Continuity Management, Mr. Andaya was able to leverage his
deep understanding of Central Bank IT Operations to spearhead innovations with the BSP’s
Business Continuity Management System.
Ms. Boquiren is the Data Protection Officer of San Miguel Corporation.
She is also an officer of the National Privacy Commission Executive Data Privacy Council and President of NPC Retail and Manufacturing Sector Data Privacy Council.
As many organizations undergo digital transformation and as new ways of working are being introduced, Agile
continues to be the most prevalent software development methodology that is adopted. However, conventional
information security management has not yet catch up with the rapid pace of its adoption. This session aims to
provide an overview of Agile software development and practical ways as to how security can be integrated to the process.
Mr. Rainier (Rain) Vergara is a highly experienced Information Security Leader and have been working in the field of
information security management and cyber risk since 2003.
He currently works as Head of Product Security at Altia, the leading global provider of intelligence and
investigation software, where he is responsible for pushing forward the security practices as the firm migrate its portfolio
of products to the cloud, while additionally catering for ongoing and existing on-premises deployments, as well as leading
the DevSecOps function to drive security automation within its cloud environment and development pipelines.
Prior to joining Altia, he served as Risk & Security Manager at SD Worx in the UK and Ireland, a leading provider of HR
and Payroll Software and Services in Europe, where for over more than 8 years he is responsible for ensuring the
company’s Internet-facing products and solutions are secure and customer’s data are adequately protected. He has
also held the roles of Head of IT Security & Compliance at Inspiro and Senior Security Analyst for
Lawson Software (now part of Infor).
A committed lifelong learner, Rain holds the following professional qualifications and certifications: Certified Information
Systems Auditor (CISA), Certified Information Security Manager (CISM), and Certified in Risk and Information Systems
Control (CRISC) from ISACA and Certified ScrumMaster (CSM) and Certified Scrum Product Owner (CSPO) from
the Scrum Alliance.