From incident response to red teaming, many global teams touch systems and data in China without realising the legal tripwires. In this live CIO Summit conversation, THEOS Cyber CEO Paul Jackson speaks with DLA Piper’s Carolyn Bigg about the realities of operating in China’s data and cyber landscape. Topics include why consent is foundational, why remote access counts as a cross-border transfer, volume thresholds that trigger filings or approvals, and new breach notification measures with four-hour reporting for higher-severity incidents and mandatory 30-day remediation reporting. They also cover local technical standards beyond ISO 27001, provincial CAC dynamics, operational risks such as license exposure, and the unique AI environment in China where toolsets, policy aims, and threat models differ from the West. A clear, practical primer for CISOs, legal, and operations leaders who need to plan before the crisis.

Disclaimer: This episode provides general information. It is not intended to be, and should not be used as, a substitute for taking legal advice in any specific situation. Organisations should consult counsel for guidance.

Production Credits:

Presented by: Paul Jackson
Studio Engineer & Editor: Roy D'Monte
Executive Producers: Paul Jackson and Ian Carless
Co-produced by: Theos Cyber and W4 Podcast Studio

Disclaimer: This episode discusses child sexual abuse material (CSAM) and includes references that some listeners may find distressing.

For Mick Moran, child sexual abuse material (CSAM) is not just a law enforcement issue; it is a cybersecurity blind spot. As CEO of the Irish Internet Hotline and a former INTERPOL Assistant Director, he argues that every CISO needs to know how to detect CSAM, what to do if it surfaces, and how to protect both staff and reputation.

Through wargames at the Council of Europe, Mick shows how easily organisations falter without a CSAM policy: HR rushing to dismiss, legal silenced by uncertainty, and security teams exposing staff to trauma. He connects these lessons to Asia Pacific, where remote abuse and sextortion networks highlight the urgent need for corporate readiness.

This is not a topic widely discussed in cybersecurity circles, but it is one every CISO must factor into their playbook. Detection, wargaming, reporting, and welfare cannot be ignored.

Production Credits:

Presented by: Paul Jackson
Studio Engineer & Editor: Roy D'Monte
Executive Producers: Paul Jackson and Ian Carless
Co-produced by: Theos Cyber and W4 Podcast Studio

For Group Chief Security Officer Tim McNulty, crisis management is not firefighting; it is foresight. Preparation, horizon scanning, and above all, communication are what turn chaos into resilience. His rule is simple: communicate up, communicate internally, communicate externally.

Tim also reflects on the human side of crisis leadership. He explains how the Asia Crisis and Security Group, formed in response to the 2003 tsunami, demonstrates the power of networks rooted in real-world events, proving that resilience is ultimately about people helping people. Along the way, he shares lessons from his journey through law enforcement and global finance, from breaking down silos to showing boards that security is a business enabler.

Essential listening for senior leaders who want to see how preparation, communication, and people shape true resilience.

Production Credits:

Presented by: Paul Jackson
Studio Engineer & Editor: Roy D'Monte
Executive Producers: Paul Jackson and Ian Carless
Co-produced by: Theos Cyber and W4 Podcast Studio

Why are cyber scams rapidly increasing across Asia while law enforcement, education, and industry still struggle to keep pace?

In this episode of THEOS Cybernova, Paul Jackson reconnects with Nigel Phair of Monash University to discuss the scam crisis in APAC. They explore why victims are blamed instead of supported, how underreporting skews the true scale of fraud, and what must change in policing. The conversation also delves into the future of cyber talent, the impact of AI on junior roles, and the need for more effective collaboration across government, academia, and industry.

Listen in to uncover why scams are more than just financial crime and how the fight against them must evolve.

Production Credits:

Presented by: Paul Jackson
Studio Engineer & Editor: Roy D'Monte
Executive Producers: Paul Jackson and Ian Carless
Co-produced by: Theos Cyber and W4 Podcast Studio

From the Philippines to Singapore and Hong Kong, how do companies across APAC balance cybersecurity, data privacy, and regulation in a rapidly shifting landscape?

In this episode of THEOS Cybernova, host Paul Jackson speaks with Jay Gomez, Associate Director in Cyber Advisory at BRG, about what it takes to lead in one of the world’s most diverse and fast-moving cyber regions.

Jay reflects on his journey from IT operations and BPO leadership to becoming one of the Philippines’ first Data Protection Officers and now a regional consultant. He shares candid insights on the Philippines’ tough but unevenly enforced privacy law, the exodus of top cyber talent abroad, and why SMEs are increasingly relying on fractional or virtual CISOs to stay secure.

They also discuss why trust is the bedrock of effective cyber leadership, how ISACA has shaped the IT GRC community, and why AI is more likely to enhance the work of security analysts than replace them.

Production Credits:

Presented by: Paul Jackson
Studio Engineer & Editor: Roy D'Monte
Executive Producers: Paul Jackson and Ian Carless
Co-produced by: Theos Cyber and W4 Podcast Studio

From being a ROOTCON pioneer and core member (aka GOON) to driving large-scale offensive security operations, Jayson “JV” Vallente has been at the forefront of hacking culture and capability in the Philippines and across APAC.

In this live episode from the THEOS Cyber offsite, he joins Paul Jackson to share how he built the country’s first major AppSec teams, is helping ROOTCON grow into Southeast Asia’s premier hacker conference, and why the hacker mindset is essential for staying ahead of adversaries. They explore the role of AI in offensive operations, the power of cross-team collaboration, and the discipline required to thrive as an ethical hacker in today’s threat landscape.

Production Credits:

Presented by: Paul Jackson
Studio Engineer & Editor: Roy D'Monte
Executive Producers: Paul Jackson and Ian Carless
Co-produced by: Theos Cyber and W4 Podcast Studio

Neal Ysart: From Scotland Yard to Manila - Building a Cross-Border Cyber Investigations Practice

From vice squads to digital forensics, one investigator’s journey reveals how cybercrime and response, has changed.

In this episode of THEOS Cybernova, host Paul Jackson sits down with Neal Ysart, a veteran investigator whose journey spans Scotland Yard, Big Four consulting, global law firms and now his own digital forensics and OSINT practice in Manila.

Neal reflects on four decades of tackling everything from vice and organized crime to cyber fraud and corporate misconduct. He shares why digital forensics is no longer optional, how AI is accelerating investment scams, and why the region needs to develop deeper cyber investigations expertise to match its growing offensive security capabilities.

They also explore the role of mentorship, the value of certifications and how his Coalition of Cyber Investigators is helping shape global investigation standards.

Production Credits:

Presented by: Paul Jackson
Studio Engineer & Editor: Roy D'Monte
Executive Producers: Paul Jackson and Ian Carless
Co-produced by: Theos Cyber and W4 Podcast Studio

Nathan Reid: Inside the High-Stakes World of Digital Forensics & Incident Response

When a cyber incident strikes, every second counts. In the high-stakes world of Digital Forensics and Incident Response (DFIR), elite professionals like Nathan Reed work against the clock to uncover the truth, contain the damage, and get businesses back on their feet - often with millions on the line.

In the Season 2 opener of THEOS Cybernova, Nathan joins Paul Jackson to unpack what happens during a major incident response, why digital forensics and incident response require distinct mindsets and how speed, grit and teamwork can make or break a breach investigation.

From military signals to global cyber investigations, Nathan's path to becoming THEOS Cyber Head of DFIR is anything but ordinary.

A must-listen for anyone driving cyber resilience across the APAC region.

Production Credits:

Presented by: Paul Jackson
Studio Engineer & Editor: Roy D'Monte
Executive Producers: Paul Jackson and Ian Carless
Co-produced by: Theos Cyber and W4 Podcast Studio