ÀÖÓ㣨Leyu£©ÌåÓý¹ÙÍø

Gerry Chng is the Head of Cyber at ÀÖÓ㣨Leyu£©ÌåÓý¹ÙÍø in Singapore, bringing over 25 years of Big Four consulting experience with a specialisation in cybersecurity and risk management. He has supported clients across Singapore and Southeast Asia in adopting technological innovations while managing critical risks such as data breaches and regulatory compliance. With a strong focus on the responsible and ethical implementation of emerging technologies such as artificial intelligence and machine learning, Gerry advises organisations on secure digital transformations that respect privacy and align with regulatory expectations. Over the course of his career, he has led the growth and operations of cybersecurity practices, covering areas such as security testing, governance, risk and compliance (GRC) implementations, operational technology, and managed security services.

Gerry contributes actively to international cybersecurity and AI governance standards. He represents Singapore at the ISO/IEC JTC 1/SC 42 committee on AI standardisation and leads national efforts to adopt ISO 42001:2023 as a Singapore standard. He also sponsors key initiatives to develop a Singapore Technical Reference on Large Language Model (LLM) security, with support from GovTech and CSA.

In addition to his professional commitments, Gerry lends his expertise to the non-profit sector, chairing the Audit & Risk Committee at the National Volunteer and Philanthropy Centre (NVPC). He also leads the AI Ethics & Governance Special Interest Group under the Singapore Computer Society, fostering a professional community dedicated to managing the risks of emerging technologies.

Gerry’s project experience spans high-impact engagements across both public and private sectors. He has led a global vulnerability management programme for several international banks, overseeing security testing for online and mobile platforms prior to launch. He has also driven a secondment engagement with a major financial institution to strengthen their security posture in response to regulatory findings, including policy redevelopment, cloud security, and data protection enhancements.

His work includes leading a Whole-of-Government benchmarking initiative to assess conformance to IM8 standards and providing policy-level recommendations for improvement. He has delivered multiple eGRC implementations within the financial services sector, deploying platforms such as Archer and ServiceNow. Additionally, he developed a trusted AI framework for a Singapore-based telecommunications firm, and served as lead trainer to a regulator on the security risks associated with AI adoption.