Cyber Security Advisory Panel

The MAS Cyber Security Advisory Panel (CSAP) comprises leading cyber security experts and thought leaders. The panel advises on strategies for MAS and financial institutions in Singapore to sustain cyber resilience and trust in our financial system.

About the Panel

MAS Cyber Security Advisory Panel (CSAP) was formed in 2017.

It was established:

  • To provide MAS with a global perspective on the evolving technology and cyber threat landscape, and its implications for financial services.
  • As a platform to share best practices on cyber security strategies and approaches.
  • To recommend measures to enhance the cyber resilience of Singapore’s financial sector.
  • To be the sounding board on cyber initiatives that MAS intends to pursue.

Ms. Valerie Abend

Managing Director, Global Cyber Regulatory & North America Financial Services Security Lead, Accenture Security

Valerie Abend is a recognized leader with over two decades of experience spearheading financial services sector-wide and enterprise-wide security and resilience programs. As Accenture’s leader for both the North America Financial Services Security and Global Cyber Regulatory Practices, Abend advises C-suite executives on how to manage cyber risk to enable new business strategies and remain resilient in the face of rapidly evolving threats.

Previously, Abend served as the Senior Critical Infrastructure Officer for the U.S. Department of the Treasury’s Office of the Comptroller of the Currency. In this role, she conceptualized and led the U.S. Federal banking agencies’ cybersecurity and resilience strategy, reshaping the cyber supervision processes, and the agencies’ interaction with law enforcement and the intelligence community. Abend was a Managing Director at Bank of New York Mellon and has served as a senior executive at the Federal Reserve Board and as Deputy Assistant Secretary for Critical Infrastructure Protection at the Treasury Department. Earlier in her career, Abend was an Associate Director at KPMG and on the staff of two congressional commissions studying internet policy issues.

Abend has testified several times in front of Congress and is frequently quoted in media on cybersecurity issues. She is a member of the Accenture Women’s Executive Leadership forum and the firm’s CEO Council and currently serves as a member of the Monetary Authority of Singapore’s Cybersecurity Advisory Panel, as an advisor to the Board for the Financial Services Information Sharing and Analysis Center (FS-ISAC), and is a member of the Executive Women’s Forum. She also held prior positions on the White House’s Identity Theft Task Force, the Financial Services Sector Coordinating Council, the U.S. Chamber of Commerce Homeland Security Committee, and on the Board of Directors for the Internet Security Alliance.

Mr. Keith Alexander

Founder & CEO, IronNet Cybersecurity Inc

GEN Keith Alexander (Ret.), Founder, Chairman & Co-CEO of IronNet Cybersecurity, is one of the foremost authorities on cybersecurity in the world. A four-star Army general, GEN Alexander was previously the highest-ranked military official of USCYBERCOM, NSA/CSS, where he led these DoD agencies during the conflicts in Afghanistan and Iraq when attempted cyber attacks against the U.S. were on the rise.

In recognition of cyber's increasing importance, President Barack Obama and Defense Secretary Robert Gates appointed GEN Alexander as the first commander of USCYBERCOM, a newly created military institution charged with defending the nation’s security in cyberspace against sophisticated cyber threats to businesses and government operations in an increasingly interconnected world.

A leader with vision and a pragmatic approach to tackling the ever-changing cyber threat landscape, GEN Alexander built IronNet to bring this knowledge and experience to the private sector and fill in a critical gap between cyber threats and available security technology. IronNet provides best-in-class cyber defense based on complex behavioral modeling, big-data analytics and advanced computing capability.

GEN Alexander holds a B.S. from the U.S. Military Academy, an M.S. in Business Administration from Boston University and M.S. degrees in Systems Technology, Physics and National Security Strategy.

Mr. Scott Charney

Corporate Vice President, Security Policy, Microsoft Corporation

Mr. Scott Charney is Vice President for Security Policy at Microsoft, working with public and private sector organizations to develop and implement strategies to help secure the IT ecosystem. He currently serves as Vice Chair of the National Security Telecommunications Advisory Committee, as a Commissioner on the Global Commission for the Stability of Cyberspace, and as Chair of the Board of the Global Cyber Alliance. 

Prior to his current position, Mr. Charney led Microsoft’s Trustworthy Computing Group where he was responsible for enforcing Microsoft’s mandatory security engineering policies and implementing Microsoft's security strategy. Before that, Mr. Charney served as chief of the Computer Crime and Intellectual Property Section (CCIPS) at the U.S. Department of Justice (DOJ) where he was responsible for implementing DOJ’s computer crime and intellectual property initiatives. Under his direction, CCIPS investigated and prosecuted national and international hacker cases, economic espionage cases, and violations of the federal criminal copyright and trademark laws.

He served three years as chair of the G8 Subgroup on High-Tech Crime, was vice chair of the Organization of Economic Cooperation and Development (OECD) Group of Experts on Security and Privacy, led the U.S. Delegation to the OECD on Cryptography Policy, and was co-chair of the Center for Strategic and International Studies Commission on Cybersecurity for the 44th Presidency. 

Mr. Charney graduated from the Syracuse University College of Law with honors and received his undergraduate degree from the State University of New York at Binghamton.

Mr. Kang Meng-Chow

Head, Security Assurance, Asia Pacific, Japan, and China Region, Amazon Web Services

Meng-Chow has been a practicing information security professional for more than 25 years with field experience spanning from technical to management in the various information security and risk management roles, including the Singapore government, major multi-national financial institutions, and global security and technology providers.

Meng-Chow's research and part of his experience in the field have been published in his book, “Responsive Security – Be ready to be secure”, by CRC Press in Oct 2013. His contributions to the information security industry and community have also been marked by numerous industry awards

As leader of the security assurance team in AWS Asia Pacific, Japan, and China region, Meng-Chow and his team work with customers to identify and address related concerns and needs in cloud computing security. Meng-Chow has been active in the information security community, and was a Director of the (ISC)2 Board from Jan 2015 to Dec 2017. He was also recipient of the (ISC)2 James Wade Service Award in 2014.

Meng-Chow has also been contributing to both local and international security standardization efforts since 1998, in which he has held several committee and working group chair and editorial positions in the Singapore national standards body, ITU-T SG17, and ISO/IEC JTC 1 SC 27. Meng-Chow is also co-Chair of the Asia Regional Information Security Exchange (RAISE) Forum, which he co-founded with a group of security experts in 2004. Besides contributing to the industry and community, Meng-Chow continues to conduct research and teach information security as an Associate Professor (Adjunct) with the School of Computer Science & Engineering at Nanyang Technology University, Singapore.

Meng-Chow received his MSc degree in Information Security from the Royal Holloway and Bedford New College, University of London, and completed his PhD in Information Security Risk Management at the Southern Cross University, Australia. He has also been a Certified Information Systems Security Professional (CISSP) since 1998.

Mr. David Koh

Commissioner of Cybersecurity & Chief Executive, Cyber Security Agency of Singapore

Mr. David Koh is concurrently the Commissioner of Cybersecurity, Chief Executive of the Cyber Security Agency (CSA) of Singapore; and the Deputy Secretary (Special Projects) and Defence Cyber Chief of the Ministry of Defence (MINDEF).

As a Commissioner, he has the legal authority to investigate cyber threats and incidents to ensure that essential services are not disrupted in the event of a cyber-attack. Concurrently, as Chief Executive of CSA, he leads Singapore’s efforts to provide dedicated and centralised oversight of national cyber security functions. These include enforcing the cybersecurity legislation, strategy and policy development, cyber security operations, ecosystem development, public outreach and international engagement.

As the Deputy Secretary (Special Projects) and Defence Cyber Chief of MINDEF, he is responsible for leading and coordinating cyber defence policy, capability development, and operations for Singapore’s defence cluster. This includes MINDEF, the Singapore Armed Forces (SAF), the defence technology community, defence industry partners, and MINDEF-related organisations. Mr. Koh also sits on the Boards of the Government Technology Agency (GovTech), Defence Science and Technology Agency (DSTA) and DSO National Laboratories (DSO), the Monetary Authority of Singapore (MAS) Cyber Security Advisory Panel as well as the Public Utilities Board (PUB)’s Board Risk Management Committee.

Prior to his current appointments, Mr. Koh served in the SAF and has held various command and staff appointments in MINDEF and the SAF. He was most recently the Deputy Secretary (Technology), overseeing acquisition, technology and logistics issues for MINDEF and the SAF.

Mr. Koh is the recipient of the first Billington CyberSecurity International Leadership Award. He has also been awarded the Public Administration Medal – Gold, the Public Administration Medal – Silver (Military), the Public Administration Medal – Bronze (Military), and the Commendation Medal (Military).

Mr. Koh has a Master’s degree in Public Administration from Harvard University, USA; and a Bachelor’s degree in Electrical and Electronics Engineering from King’s College, London, UK.

Ms. Cheri McGuire

Group Chief Information Security Officer, Standard Chartered Bank

Ms. McGuire serves as Group Chief Information Security Officer at Standard Chartered Bank. Joining in June of 2016 and based in London, she is responsible for information and cyber security risk management, governance, policy, training and awareness, third party security risk, assurance testing and red teaming, exercises, regulatory engagement, and industry partnerships.

In this role, she regularly briefs the Board of Directors, executive team, and regulators on the cyber security risk posture of the Bank. In addition, she successfully established a new cyber risk management function for Standard Chartered, and developed a comprehensive, multi-year transformation and remediation program that was approved by the Board.

With nearly 30 years of industry and government experience, she serves on the Board of Directors for Entrust Datacard Corporation, and on the Executive Advisory Board of Tenable, a cyber risk management and vulnerability assessment company. In 2017, the Monetary Authority of Singapore appointed her to its first International Cyber Security Advisory Panel. She also serves on the Europol Advisory Group on Financial Services, The George Washington University Center for Cyber and Homeland Security Board, and the UK Cyber Defence Alliance Board. Ms. McGuire is a frequent presenter on cyber risk management and resilience, information sharing, and cybercrime, and has testified numerous times as an invited expert witness before the US Congress. Previously, Ms. McGuire served on the World Economic Forum Global Future Council on Cybersecurity, the National Cyber Security Alliance board, and the Industry Executive Subcommittee of the President’s National Security Telecommunications Advisory Committee. From 2010 to 2012, she served as Chair of the US IT Sector Coordinating Council – one of 16 critical sectors identified by the President and the US Department of Homeland Security (DHS) to partner with the government on critical infrastructure protection (CIP) and cyber security.

Prior to her current role, she served for six years as Vice President of Global Government Affairs and Cybersecurity Policy at Symantec. Ms. McGuire was responsible for the security vendor’s global public policy agenda, and government regulatory and partnership strategy, that included cyber security, CIP, cybercrime, data integrity, and privacy. Previously, she was Director for Critical Infrastructure and Cybersecurity in Microsoft’s Trustworthy Computing Group. Prior to this, she served in numerous positions at DHS, including as head of the National Cyber Security Division/US Computer Emergency Readiness Team (US-CERT). In this capacity, she provided leadership for DHS on the Comprehensive National Cybersecurity Initiative (CNCI) released by the President in January 2008, led the implementation of the 2008 National Cyber Exercise – Cyber Storm II to ensure operational readiness, contributed to a government-wide software supply chain integrity initiative, and was Head of US Delegation for bilateral cybersecurity talks with Japan. Prior to DHS, she served as a program manager for Booz Allen Hamilton for nearly five years specializing in government telecom and computer security agencies, as a manager for a telecom engineering firm that was acquired by Exelon Infrastructure Services, and as a Congressional staffer for seven years.

She holds an MBA from The George Washington University and a BA from the University of California, Riverside. 

Mr. Udi Mokady

Chairman & Chief Executive Officer, CyberArk

Udi Mokady is the Chairman and CEO of CyberArk, and a pioneer in establishing the Privileged Account Security software market. Since co-founding the company in 1999, Mokady has entrenched CyberArk as the market leader. During his tenure at CyberArk, Mokady has also served as CyberArk’s chief strategist and visionary, overseeing global expansion, management, execution and corporate development.

Since assuming the position of CEO in 2005, Mokady’s leadership and direction has been instrumental in guiding CyberArk to achieve record growth, while accelerating overall market adoption for privileged access security solutions to protect against an evolving advanced threat landscape. Mokady was elected Chairman of the Board in 2016.

Prior to his role as CEO, Mokady served as CyberArk’s COO between 1999 and 2005. During this time, Mokady established CyberArk’s US headquarters in Newton, Massachusetts and successfully transitioned the company to a market leadership position in Privileged Access Security by helping organizations to recognize the connection between privileged access and advanced internal and external security threats. Mokady also orchestrated the company’s market expansion in the US, Europe, and Asia by elevating awareness of privilege-related security and compliance risks while successfully implementing and managing channel development, international sales operations and marketing for CyberArk’s award winning information security products. Prior to CyberArk, Mokady specialized in legal management and business development for international high-tech companies. He previously served as the general counsel at Tadiran Spectralink, a highly specialized producer of secure wireless communications systems.

Mokady received the 2018 Asper Award for Global Entrepreneurship from Brandeis University and a 2017 SC Media Reboot Award as a cyber security influencer. He was named the 2014 Ernst & Young Entrepreneur of the Year for the Technology Security category in New England. Mokady is a member of the Monetary Authority of Singapore (MAS) Cyber Security Advisory Panel and was a member of the Demisto Board of Directors prior to its acquisition by Palo Alto Networks in March 2019.

Mr. John Nai

Chief Information Security Officer, Paypal

John Nai joined PayPal in 2012 and as Chief Information Security Officer is responsible for oversight of Information Security across all of PayPal’s business units. John’s primary areas of focus are: security strategy, risk management, security assurance, threat intelligence, critical incident management, and M&A.

John also participates in broad-based efforts across the technology organization to improve the design and build products, ensure industry-leading performance and push the boundaries of innovation through new and emerging technologies.

John’s prior experience includes 20 years at Charles Schwab building and managing highly available and secure Trading systems and platforms.

Mr. Erik Ploegmakers

Managing Director, Fox-IT, NCC Group

Mr. Erik Ploegmakers leads Fox-IT, one of Europe’s oldest and largest Cybersecurity firms. The company specializes in threat intelligence, incident response and (financial fraud) detection. As a trusted partner for government and financial organizations, Fox-IT focusses on securing data up to state secret level. Previously he was managing director of KPN’s security division in the Netherlands, prior to which Mr. Ploegmakers was leading PwC’s cybersecurity consulting practice in Amsterdam.

Mr. Ploegmakers joined Fox-IT in the early years as part of the Digital Forensics team. With a master’s degree in criminal law and eLaw he had strong focus on the material and business impact of digital crime. In 2007, he became responsible for the lawful interception division, which was acquired by NetScout Systems Inc. After guiding the acquisition, Mr. Ploegmakers joined PwC in Amsterdam and built an advisory practice around cybersecurity and risk assurance.

Within KPN Mr. Ploegmakers was in charge of the security service division, leading 700 professionals including security operations, identity management and secure communications. In 2018, Mr. Ploegmakers returned to Fox-IT as CEO. Fox-IT was founded in 1999 and specializes in high end cybersecurity services and cryptography. Its core business is helping clients detect and respond to potential security breaches or fraudulent transactions. Besides this, it builds and supports high tech crypto equipment to secure classified data up to the highest level of security.

Mr. Ploegmakers is part of the Executive Committee of NCC Group plc, which acquired Fox-IT in 2015. He is a trusted advisor of the Dutch Ministry of Defense and part of the Digital Government Council. As a founder of the Hague Security Delta, Mr. Ploegmakers currently is part of its Board of Advisors. In 2017, Mr. Ploegmakers was nominated Young Captain of the Year.


Mr. Jason Witty

Head of Cybersecurity & Technology Controls and Global Information Security Officer, JPMorgan Chase

Jason Witty is the Head of Cybersecurity & Technology Controls and Global Chief Information Security Officer for JPMorgan Chase with responsibility for the firm’s cybersecurity, technology controls and resiliency programs. He is a member of the firm’s Global Technology Operating Committee.

In his prior role as Chief Information Security Officer (CISO) at U.S. Bancorp, Jason provided singular accountability for all information security controls in the company. He also had responsibility for enterprise-wide customer authentication products as well as internet and DDA channel fraud. Jason led multiple classified and unclassified sector-wide initiatives to upgrade the security posture for U.S. Critical National Infrastructure, including overseeing creation of industry-wide products for destructive malware best practices and utilization of clearances within the financial sector.

Previously, Jason was the Senior Vice President and Cyber Threat Prevention Services Executive at Bank of America. He was responsible for a team of information security professionals spanning eight countries who provided global information security risk prevention and deterrence services. With more than 20 years of experience on information risk management, Jason is an award-winning CISO and a certified Information Systems Security Management Professional (ISSMP). He is a delivery and execution-oriented leader with a unique blend of executive leadership, management and technical skills, and extensive background in risk management. He possesses broad and deep technical expertise used to address business challenges efficiently and effectively and is a strong motivator that uses outstanding communication and negotiation skills to solve business and IT security challenges.

Jason also serves as the Chair of the Financial Services and Information Sharing and Analysis Center (FS-ISAC) as well as previously served as the Sector Chief for Financial Services in FBI Chicago’s Infragard program.

He has a Bachelor’s degree in Electrical Engineering Technology from Old Dominion University.