speaker-photo

Donavan Cheah

Senior Cybersecurity Consultant - Thales
Donavan is a Physics graduate turned into cybersecurity consultant with eight years of experience in technical domains (offensive security), architectural domains (threat modelling, security architecture) and business domains (governance, risk and compliance). He understands how multiple businesses and operations run, such as government, aviation, transportation, defence and financial sectors. He excels at identifying key cybersecurity solutions to enable companies to compliance with regulations, cybersecurity confidence and cost-effectiveness (3 Cs) to ensure companies optimise their cyber maturity. He has contributed to the open-source cybersecurity community, such as his series of deliberately vulnerable machines on Vulnhub from 2018 to 2021. He has also conducted talks on both technical and strategic cybersecurity topics at multiple conferences and venues regionally (Mystikcon, Vulncon, Division 0), as well as to non-cybersecurity audiences. He has also conducted career talks to inspire younger students at both the middle school and university levels to consider cybersecurity as a meaningful career option. In Thales, he has also led a team to create a fully-functional, made in Singapore cybersecurity gamification experience, "Defend the Breach" (DTB), in a short span of three months, where players role-play CISO roles to make difficult cybersecurity decisions, taking into account both cyber and non-cyber factors such as the overall health of the business, manpower and operational requirements. Recently, Donavan was also appointed a member of the advisory board at VULNCON 2024 to provide technical thought leadership. He also moderated a panel with fellow CISO/VP-level cybersecurity executives on the future of cybersecurity. His views on cybersecurity have also been quoted in the book "The Pentester Blueprint" written by Phillip L. Wylie and Kim Crawley, as well as his course reviews being quoted by Offensive Security. He also contributes to the ISC2's Unified Body of Knowledge (UBK) project as a member of the Technical Advisory Panel Workshop. Additionally, he has also written articles on ISACA on topics such as post-quantum cryptography as well as how topics such as geopolitics and economics are related to cybersecurity. Donavan also possesses multiple certifications ranging from Offensive Security certifications (OSCE3, OSCP), ISC2 (CISSP), ISACA (CRISC) and is currently pursuing his Masters in Cybersecurity at Georgia Tech (OMSCY).
10.00 - 06.00 PM Workshop

Saturday 22nd Feb

Threat Modelling 101