CSAHKM Additional Sharing on Log4j on 17 December 2021

Log4j exploit is definitely the hottest topic over this week. Many of the IT company or IT support person said it is the Log4j week. We definitely do not want to be inert or reactive about this hot topic, but we should also not be over reactive by the incident.

So on top of our scheduled regular monthly knowledge sharing session event on this week 17 Dec 2021, CSA (HK & Macau Chapter) consider that it would be a good time that we squeeze 20 minutes from our sharing session and seize this time to pull in a panel to talk about this Log4j exploit attack method, defense mechanism, solutions by cloud service provider for cloud users and current trend detected about the attack in the wild and next step that we could do.

So we will have the following speakers in the panel this friday 17 Dec 2021. You just need join in the event by registering at the same knowledge sharing session link, https://csahkmkse2112.eventbrite.hk

Samuel NG (ASTRI and CSA HKM Vice Chairman of Programs & Research) will cover the attack method of Log4j exploits.

Otto LEE (HKCERT and CSA HKM Vice Chairman – Secretarial & Treasurer) will highlight the alerts and updates about the Log4j vulnerability.

Pike WONG (Data Voyager) will cover the observed current and changes of attack pattern of Log4j related attack in this week.

Vincent IP (PISA, Hon. Secretary & Treasurer) will share the mitigation solutions that corporate and SME can use to reduce the attack currently.

Harry PUN (Microsoft and Deputy Chairman) will give us some input and advises how cloud service provider did to manage the incident and what solutions they provide to cloud user.

Also join our organisation CSA HKM for more benefits and more event in the coming year. You can have discount in our CCSK, CCAK and CCSP training.

DATE: December 17, 2021 (Friday)

TIME: (New time) 13:15 – 13:45 pm

VENUE: Webinar

View the presentation: https://youtu.be/FuFB13MgXX4

(start from 00:47:46)

CSA HKM Knowledge Sharing Event – December 2021

It is coming to the end of 2021 and it is time for CSA HKM to organise the last knowledge sharing event for this year. Instead of technical hardcore topics, CSA HKM would like to hold a legal and compliance event hosted by our Macau Chapter.

The Macau Cyber Security Law was legislated since December 2019. In the past 2 years, how is this law affecting the security posture of Macau? How are the related organizations reacted to this law? In this seminar, Terry Cheung, Deputy Chairman – Macau of CSA HKM, will highlight the requirements of the law and the related guideline and review the work that the related organizations, the governing bodies have been contributed for compliance and the reduction of security risks and the privacy requirements will also be discussed. 

Participants will claim 1 CPE.

DATE: December 17, 2021 (Friday)

TIME: 12:30 – 01:15 pm (Updated)

VENUE: Webinar

SPEAKER: Mr. Terry CHEUNG, President of the ISACA Macao Chapter, the Deputy Chairman of Macau of CSA HKM Chapter and Managing Director of TopSOC Information Security Limited

TOPIC: Macau CyberSecurity in Action

LANGUAGE: Cantonese

THE SPEAKER:

Terry has been in IT and Information Security sectors for over 25 years. He has been working in various industries including banking, government, telecommunications, hospitality and gaming and cyber security consultancy. He has experiences in security policy development, forming new security team, design and deploy various security systems including two tiers DDoS protection service, central logging system and SIEM, ISO27001 implementation, etc. Heparticipated in the development and implementation of many systems including core banking systems, converged billing systems, ERP, HR, CRM, Call Center system, gaming and hospitality systems, etc. In the past few years, he has provided security professional services related to the Macau Cyber Security Law.

Apart from work, Terry is also the founder of the Information Systems Audit and Control Association (ISACA) Macao Chapter and the Cloud Security Alliance (CSA) Hong Kong & Macau Chapter. Currently, he is serving as the President of the ISACA Macao Chapter and the Deputy Chain of Macau of CSA HKM. He is working as the Managing Director of TopSOC Information Security Limited.

Terry holds professional qualifications such as CISP CISI CISSP CCSP CISM CISA CDPSE CITP CEng ACA MVP.

View the presentation: https://youtu.be/FuFB13MgXX4

CSA HKM Supports 3rd CXO Forum

The Cloud Security Alliance Hong Kong & Macau Chapter is pleased to support the 3rd CXO Forum organised by Kornerstone.

More than a year into the COVID era, there are too many businesses scorched by the impact of business + customer isolation. With the dying down of infection numbers and the advent of vaccines, the business community is ready to be reborn, rising out of the ashes. Can your business be the same?

With multiple themes include “Meeting Growth Challenges in a Digital Age”, “Think like a Technology Company – Innovation and Transformation”, “Reinvent the Organisational Model”, “Data-centric Business Strategies” and “Success in the Customer Experience Economy”, the speakers at the event will bring you all the insights for your success, or survival.

DATE: December 2, 2021 (Thursday)
TIME: 9:00 am – 12:30 pm
FORMAT: Physical event
VENUE: 7/F Cordis, Hong Kong, 555 Shanghai Street, Mongkok
DETAILS AND REGISTRATION: https://www.cxoforum.hk/

CSA HKM Supports HKCERT Webiner: Secure Coding Practices – OWASP Top 10 (2021)

Cloud Security Alliance Hong Kong & Macau is pleased to support the webiner “Secure Coding Practices – OWASP Top 10 (2021): What’s Changed and Implications to Application Developer”. The webiner is organised by the HKCERT and will be held on November 24, 2021.

The latest OWASP Top 10 2021 version features considerable changes by shifting to emphasise security control areas over individual vulnerabilities for improved risk management. It leads to a recategorisation of several risks and new additions. Examples are the most significant one is now the Broken Access Control, while the long-standing number one risk of “Injection” is downgraded to 3 rd position.

Wanna know more about the changes? Join this webinar NOW and learn from software security specialist from OWASP HK Chapter and security expert!

DATE: November 24, 2021 (Wednesday)
TIME: 3:00 – 4:30 pm
FORMAT: Online Webiner
LANGUAGE: Cantonese with English terminology
DETAILS AND REGISTRATION: https://bit.ly/3H750fV

CSA HKM Supports the Hong Kong International Computer Conference 2021

The Hong Kong International Computer Conference (HKICC) is an annual flagship event organised by the Hong Kong Computer Society (HKCS) since 1978 and is one of the best and most popular ICT conferences in Hong Kong. It brings together ICT professionals and experts, government leaders and business executives from local and abroad to share and discuss the latest trends of ICT innovations and developments in enhancing business opportunities and productivity.

This year the theme of the event is Emerging Technologies Shaping our Future in the Greater Bay Area and the highlighted topics include Sustainability and Smart Living / City: Good for today and tomorrow, Role of Hong Kong in the Great Bay Area, Emerging Technologies: Opportunities and Challenges; as well as Hong Kong as an International Technology and Innovation Centre.

DATE: November 17-18, 2021 (Wednesday and Thursday)
TIME: 9:30am – 5:15pm
FORMAT: Hybrid Conference
PHYSICAL VENUE: Theatre 1 & 2, Hong Kong Convention & Exhibition Centre, Wan Chai
LANGUAGE: English & Mandarin
DETAILS and REGISTRATION: http://hkicc.hkcs.org.hk/

CSA HKM Knowledge Sharing Event – November 2021

CSA Knowledge Sharing Event provides an excellent opportunity for cybersecurity professionals to discuss the latest trends and developments in IT and in the process build a close-knitted cybersecurity community in Hong Kong and Macau.

This month we have invited Mr Ken Zhang, Head of Security Hong Kong, Google Cloud, to deliver a talk on “Cloud Infrastructure Continuous Compliance”.

In the session, Ken will introduce an open and modular reference architecture to realise the cloud infrastructure continuous compliance. He will also use a simple example to take audiences through how to use the reference architecture, plus a live demo to see the reference architecture working in action in Google Cloud Platform.

Please do not miss this opportunity to learn from the expert and get connected with your peers.

Participants will claim 1 CPE.

DATE: November 18, 2021 (Thursday)

TIME: 12:30 – 01:30 pm

VENUE: Webinar

SPEAKER: Ken Zhang, Head of Security Hong Kong, Google Cloud

TOPIC: Cloud Infrastructure Continuous Compliance

THE SPEAKER:

Ken led multi-cloud security and transformation projects in Australia and the Greater China Region. He has experience helping organisations with their security and transformation journeys in banking, insurance, retail, health service and manufacturing industries. 

View the Presentation: https://youtu.be/bPEh3LwYD64

CSA HKM Supports ICT Conference 2021

The “ICT Conference 2021 – Embracing Digital Futures Under New Normal”, aims to provide a forum for the government officials, university researchers, and major industry professionals to share the views on the government policy, the latest development and applications, as well as the opportunities and threats in the future ICT era.

Cloud Security Alliance Hong Kong & Macau Chapter is pleased to support this event organised by the Institution of Engineering and Technology (IET) Hong Kong. Details of the event is as follows:

DATE: October 8, 2021, Friday
TIME: 2:00-5:30 pm
FORMAT: Online Webiner
LANGUAGE: English
FEE: Free of Charge
REGISTRATION: ictconference.hk

CSA HKM Knowledge Sharing Event – September 2021

A rise in remote employees and an increased reliance on SaaS applications create new, wider gaps in security. To put it simply, it’s more challenging to protect users at the edge — ensuring seamless connections that optimize productivity without creating performance issues that drag down user satisfaction.

Enter the secure access service edge (SASE), an architectural approach that offers an alternative to traditional data center-oriented security. SASE converges networking capabilities with cloud-native security functions to simplify deployment and streamline management in the cloud.

Join our September Knowledge Sharing Event to learn how to cut the complexity, reduce risk exposure, and improve performance with a single cloud-delivered service that deploys easily and scales with your business.

Please do not miss this opportunity to learn from the expert and get connected with your peers.

Participants will claim 1 CPE.

DATE: September 23, 2021 (Thursday)

TIME: 12:30 – 01:30 pm

VENUE: Webinar

SPEAKER: Ricky Mok, Cisco

TOPIC: Streamline cloud security and embrace SASE

THE SPEAKER:

Expert in cyber threat intelligence, highly experienced in identifying cyber threat risks in the complex ICT Infrastructure. With over 15 years of networking and information security experience, I am competent in cybersecurity solution design and consultation of security projects in various industries across the Asia Pacific region. Specialties include Infrastructure transformation, Network Security, Cloud Security, SecOps, Hybrid IT Security & Risk Management, Predictive Analytics, and Security Operation Centre design and build.

View the Presentation: https://youtu.be/mVEpr406UTU

Presentation File: https://drive.google.com/file/d/1FmLH3o06ERugBGcnWq5il_trV6q4Xza2/view?usp=sharing

CSA HKM Supports Cybersec Infohub Annual Professional Workshop 2021

Cloud Security Alliance Hong Kong & Macau Chapter will support the Cybersec Infohub Annual Professional Workshop 2021 organised by the Office of the Government Chief Information Officer (OGCIO) and the Hong Kong Intenet Registration Corporation Limited on September 17.

Participants will gain insights from attending experts on how cyber security strategy and mindset support business continuity and help create business value in the new norm.

DATE: September 17, 2021, Friday
TIME: 2:30-4:30 pm
FORMAT: Live Broadcast
LANGUAGE: Cantonese
AGENDA:
Presentation 1 – Build Your Own Cyber Security Strategy for Your Business
Presentation 2 – Challenges of Digital Transformation in the Post-epidemic Era
Panel Discussion – The Importance of Cyber Security Mindset in the New Norm

REGISTRATION: https://forms.office.com/r/1NLNRDPh6n

CSA HKM Supports BSI Privacy Control Seminar

Cloud Security Alliance Hong Kong & Macau Chapter is supporting BSI in the organisation of a seminar on privacy control.

Given the dynamic environment in which we operate, the need for guidance on how organizations should manage and process data to reduce the risk to privacy information is getting more important.

Please join the seminar on August 4 to learn:
• Hot news of privacy breaches
• Highlight of privacy trend
• How to implement privacy control to compliance with the privacy acts across the globe
• Demonstrating compliance and building trust with privacy information management system

DATE: August 4, 2021, Wednesday
TIME: 2:30 – 4:00 pm
VENUE: 23/F, Cambridge House, TaiKoo Place, 979 King’s Road, Island East, Hong Kong
MEDIUM: Cantonese
DETAILS: https://page.bsigroup.com/l/73472/2021-04-28/zj6zp4?_ga=2.40865057.262037903.1625453284-1280419738.1615774271