Month: July 2024

CSA HKM Knowledge Sharing Event – July 2024 – Discussion Forum

It’s an exciting month for cybersecurity professionals in Hong Kong. Earlier this month, the HKSAR Government initiated a public consultation on a proposed legislative framework to enhance the protection of computer systems for critical infrastructure (CI) in Hong Kong.

The framework, outlined in the document [https://www.legco.gov.hk/yr2024/english/panels/se/papers/se20240702cb2-930-3-e.pdf], aims to establish a set of statutory obligations and security measures for operators of critical infrastructures. This is in response to the growing reliance of essential services on computer systems and the increasing threat of cyberattacks that could disrupt Hong Kong’s economy, public safety, and national security. By introducing this new legislation, the government seeks to strengthen the cybersecurity posture of Hong Kong’s critical infrastructure, ensuring the reliable and uninterrupted provision of vital services to the community

Last Friday, July 19, we encountered another massive incident – massive failure of Microsoft Windows with CrowdStrike Falcon Agent (EDR) installed. How should we proceed and how should we react to this? Should we reconsider before installing EDR to the computer systems in Critical Infrastructure environment.

Cloud Security Alliance Hong Kong & Macau Chapter considered that it is time that we should gather our brain and mindset together to determine what should we prepare for the CyberSecurity Law? How should we make use of the framework to enhance the security posture of Hong Kong Critical Infrastructure?

CSA HKM arrange an online forum on July 26, 2024 (Friday) during our knowledge sharing session at 12:30 – 13:30. We have invited our council member and some other practitioners to give their comments. We also wish to gather the comments from you as well.

DETAILS:

DATE: July 26, 2024 (Friday)

TIME: 12:30 – 13:30 pm

FORMAT: Online Zoom Session.

TOPIC: How should “WE” make the CyberSecurity Framework to enhance the Critical Infrastructure protection?

LANGUAGE: English
PANELIST:
– Terry Cheung, Kevin Liu, Otto Lee, Ricci Ieong [Board Members of Cloud Security Alliance (HK & Macau)]
– Wilson Tang [Vice Chairman of HKCNSA]
– Billy Fung [Deputy Director of Financial Services Committee, HKCNSA]
– Representatives from some Cloud Service Providers

LISTEN to the FORUM: https://www.youtube.com/watch?v=rrbtnIoSkWg

This discussion forum is organized by Cloud Security Alliance HK & Macau Chapter (CSA HKM) and supported by Hong Kong China Network Security Association (HKCNSA) and Information Security and Forensics Society (ISFS).

CCSK v5 Now Available


CSA is thrilled to announce the release of the Certificate of Cloud Security Knowledge (CCSK) v5, the mark of the modern cybersecurity professional. This latest version of our vendor-neutral cloud security training is designed to help you demonstrate mastery of essential and up-to-date cloud security knowledge.

CCSK v5 builds upon the strong foundation of CCSK v4, offering substantial updates that provide a detailed understanding of modern cloud components and state-of-the-art security best practices. Key enhancements include:

  • Increased and Refined Focus Areas: Expanded coverage on Cloud Workloads, Serverless/FaaS, Application Security, CI/CD, DevSecOps, and Automation.
  • Strengthening Core Areas: Improved content across Governance,
    Auditing, Compliance, Organizational Security, IAM, and Incident Response.
  • New Additions: Integration of Artificial Intelligence
    (AI) and Generative AI, Zero Trust strategy, and explicit references to Data Lakes.

With CCSK v5, you gain access to the groundbreaking CCSK Orb chatbot, an interactive tool designed to help you master the body of knowledge and provide ongoing assistance in your daily challenges managing the roadblocks of a cloud security professional. This certificate remains the benchmark for cloud security expertise, equipping you to tackle both current and emerging security threats.

Explore CCSK v5