CSA HKM Knowledge Sharing Event – January 2017

CSA Knowledge Sharing Event provides an excellent opportunity for cybersecurity professionals to discuss the latest trends and developments in IT and in the process build a close-knitted cybersecurity community in Hong Kong and Macau.

This month we have invited Mr Jeffrey Lau, Platform Lead of Ribose to deliver a talk entitled “Management of SaaS-specific risks”.


SaaS providers have exploded in numbers in recent years. Practically every organization today has adopted SaaS services in one way or another. However, given the ease of adoption, coupled with a consumer-driven and instant gratification mindset, organizations often onboard SaaS services without necessary precaution and scrutiny.

By nature of the cloud, SaaS services are subject to much greater threats than traditional IT. Without proper management of SaaS risks, SaaS services can easily become the weakest link in your organization, potentially endangering organization survival. In this session, we will enumerate risks and mitigation measures of adopting SaaS services from the cloud customer’s perspective to help protect your organization from SaaS-specific threats.

Presented by Jeffrey Lau, co-lead of the privacy practice at Ribose and member of CSA’s SaaS Governance workgroup, this session explains the notion of SaaS-specific risks including privacy risks, and best practices in managing them in this age of uncertainty.


Jeffrey is Ribose’s Platform Lead, responsible for service-wide improvements of the Ribose secure collaboration platform. With a decade of software engineering experience, he holds bachelors and masters degrees in Computer Science from the University of Cambridge. He is passionate in protecting individual privacy rights, particularly on the privacy impact of technology as well as methods to mitigate them through technology. Jeffrey is a part of the CSA SaaS Governance and Internet of Things working groups, serves technical committees at the OpenID Foundation and is a lead auditor in information security management systems (ISO/IEC 27001), IT service management (ISO/IEC 20000-1) as well as business continuity management systems (ISO 22301).

Please do not miss this opportunity to learn from the expert and get connected with your peers.

Participants can claim 1.5 CPE.

DATE: January 5, 2017 (Thursday)

TIME: 4:30 – 6:30 pm

VENUE: Room Z414, Core Z, The Hong Kong Polytechnic University, Hung Hom


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: