ISACA China Hong Kong Chapter Annual Conference – March 22, 2018

Cloud Security Alliance Hong Kong & Macau Chapter is proud to support ISACA China Hong Kong Chapter’s Annual Conference 2018 on March 22, 2018.

Themed “Managing Risk and Security for the Technology Transformation”, the event provides a forum for inspiring collaboration and sharing of best practice on technological innovations.

This event will be an all-female speakers conference, for the first time in HK, in an effort to support the SheLeadsTech Events which is now promoted by the ISACA. The program aims to increase the representation of women in tech leadership roles and also promote female technology contributions.

Workshop 1
DATE:         March 21, 2018
TIME:          9:00 – 17:00
VENUE:      School of Continuing Education, HKBU, 26/F Wu Chung House, 213 Queen’s Road East, Wanchai

Annual Conference
DATE:         March 22, 2018
TIME:          9:00 – 17:00
VENUE:      Regal Ballroom, Regal Hong Kong Hotel, Causeway Bay

Workshop 2
DATE:         March 23, 2018
TIME:          9:00 – 12:30
VENUE:      School of Continuing Education, HKBU, 26/F Wu Chung House, 213 Queen’s Road East, Wanchai

Workshop 3
DATE:         March 23, 2018
TIME:          14:00 – 17:30
VENUE:      School of Continuing Education, HKBU, 26/F Wu Chung House, 213 Queen’s Road East, Wanchai

Details and Registration: http://www.isacaconference.hk/2018/

ISACA Annual Conference 2018

Advertisements

CSA HKM Knowledge Sharing Event – February 2018

CSA Knowledge Sharing Event provides an excellent opportunity for cybersecurity professionals to discuss the latest trends and developments in IT and in the process build a close-knitted cybersecurity community in Hong Kong and Macau.

This month we have invited Mr Billy Chuang, Senior Manager, Systems Engineering of F5, to deliver a technical briefing entitled “Security Challenge in the Era of Multi-Cloud and API economy”.

The Topic

As applications move to the cloud, it is essential that organisations find new ways of securing cloud infrastructures and applications whilst ensuring consistent security polices and alignment to existing operational processes. Learn what challenges would be through flexible deployments which embed security deep within the application and how users can protect themselves against the challenges.

The Speaker

Based in Hong Kong, Billy Chuang is the Senior Manager, Systems Engineering of F5. He is responsible for technology innovation and management of business partner eco-system as well as the drive of F5’s business growth in the region.

Coming with 23 years of experience in the IT industry and extensive knowledge about traffic management, App security and ADC, he was one of the pioneers who worked on the first generation of Server Load Balancer, internet proxy and network firewall.

Billy holds a Bachelor of Science in Information Technology from National University of Ireland and is a certified Ethical Hacker (CEH).

Details

DATE: February 1, 2018 (Thursday)

TIME: 4:30 – 6:30 pm

VENUE: Room Z414, Core Z, The Hong Kong Polytechnic University, Hung Hom

REGISTRATIONhttp://csakse1802.eventbrite.hk

 

Please do not miss this opportunity to learn from the expert and connect with your peers. Participants may claim 1.5 CPE.

Hong Kong ICT Awards 2018

The Hong Kong ICT Awards aims at recognising and promoting outstanding information and communications technology (ICT) inventions and applications, thereby encouraging innovation and excellence among Hong Kong’s ICT talents and enterprises in their constant pursuit of creative and better solutions to meet business and social needs.

As a supporting organization of the Hong Kong ICT Awards 2018, Cloud Security Alliance Hong Kong & Macau Chapter encourages the active participation of our members and the general public to the eight categories under the Award.

Details of the Awards can be found at http://hkcs.org.hk/ictawards/

ICT Awards 2018

Cloud Security Alliance Announces Launch of CCSK v4

ccsk-large
The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, today announced the general availability of its latest industry leading Certificate of Cloud Security Knowledge exam, version 4 (CCSK v4). The new exam has been significantly updated to reflect changes in the cloud and security landscape and features new content that aligns with this year’s earlier release of Guidance for Critical Areas of Focus in Cloud Computing 4.0.

“Since its launch, the CCSK has been recognized and widely accepted as the gold standard by a broad coalition of experts and organizations for demonstrating cloud security competency,” said Jim Reavis, CEO, CSA. “With this update, the CCSK is again proving to be the definitive resource for anyone in IT and information security who is looking to declare their understanding of key cloud security issues.”

Version four content represents more clarity, accuracy and better alignment with the recently published Guidance for Critical Areas of Focus in Cloud Computing 4.0 document, to better reflect current operational realities in cloud. Some key updates to note in the new version are reflected in the rebuilding of the introductory, infrastructure, and governance/legal/risk sections. Additionally, the materials covering data security includes an expanded coverage of Cloud Access Security Broker (CASB) technologies and business continuity/disaster recovery. Also, the Related Technologies sections now covers how IoT, mobile, serverless computing, and Big Data technologies are connected to cloud computing. A detailed list of changes between the CCSK v3 and v4 can be found at https://ccsk.cloudsecurityalliance.org/en/faq#changes.

Launched in 2010, the CCSK emerged as the industry’s first benchmark for measuring cloud security skillsets. The body of knowledge is constituted by Guidance for Critical Areas of Focus in Cloud Computing 4.0, the CSA Cloud Control Matrix (CCM) and the European Cyber Security Agency (ENISA) Cloud Computing Risk Assessment report. Information technology and security professionals interested in studying for the CCSK v4 exam can prepare through CSA’s self-study preparation kitor through their network of training partners offering instructor-led and online classes.

Approximately 86 percent of the exam questions will be related to the content of the Guidance for Critical Areas of Focus in Cloud Computing 4.0.  The CCSK v4 exam is now available for $395.  For more information or to take the exam visit https://cloudsecurityalliance.org/education/ccsk.

CSA HKM Knowledge Sharing Event – December 2017

CSA Knowledge Sharing Event provides an excellent opportunity for cybersecurity professionals to discuss the latest trends and developments in IT and in the process build a close-knitted cybersecurity community in Hong Kong and Macau.

This month we have invited Dr Bradley Schatz, director of the independent digital forensics consultancy firm Schatz Forensic, to deliver a talk entitled “Live Cloud Forensics” when he will share with the audience on the new approach of live analysis and how partial physical acquisition can ba applied in the cloud environment.

THE TALK:

With businesses increasingly migrating from on-premise to cloud based, forensics in and of the cloud is an increasing challenge. To date, the majority of work in the area has been academically focused, or adaptations of traditional methodologies to the cloud environment. The cloud environment imposes new constraints and opportunities around IO, processing power, and timeliness.

In this presentation, Dr Bradley Schatz will describe how the new approach of live analysis and partial physical acquisition can be applied in the cloud environment, with practical examples of how the methodology is being used by incident responders and forensic analysts across the globe. A case study of a real court case where it has been used in Australia will be presented.

SPEAKER:
Dr Bradley Schatz, Director, Schatz Forensic

Dr Bradley Schatz is the director of the independent digital forensics consultancy Schatz Forensic. Since the completion of a PhD in Digital forensics in 2007, his principal role has been as a practitioner of digital forensics in private practice, where he has served primarily legal clients in both civil and criminal matters. His evidence has been accepted as expert opinion in a range of courts within Australia. In 2008, Dr Schatz was appointed Adjunct Associate Professor at QUT, where he occasionally lectures & supervises doctoral students.

Bradley is regularly invited to present and deliver training internationally on the subject, and holds leadership roles in the leading peer review venues of the field; the DFRWS conference and the Journal of Digital Investigation. He has remained an active researcher advancing the field, and has published 15 peer reviewed academic papers and two book chapters all in the area of digital forensics.

The practical outcomes of his research have contributed to the mainstreaming of volatile memory analysis, and led to the commercialisation of the Evimetry forensic system, which is used by police, government and corporate forensic and IR teams globally.

Please do not miss this opportunity to learn from the expert and connect with your peers.

Participants can claim 1.5 CPE.

Event Details:

TOPIC: Live Cloud Forensics

DATE: December 6, 2017 (Wednesday)

TIME: 6:30 – 8:30 pm

VENUE: Room Z414, Core Z, The Hong Kong Polytechnic University, Hung Hom

REGISTRATIONhttps://csakse1712.eventbrite.hk

中國雲安全聯盟正式成立 (C-CSA formed in China)

(2017年11月1日 = China) 在廣東惠州舉行的中國物聯網雲計算應用技術博覽會上,中國雲安全與新興技術安全創新聯盟(以下簡稱「中國雲安全聯盟」或 「 C-CSA」)聯合中國雲體系產業創新戰略聯盟(以下簡稱「中國雲體系聯盟」)共同主辦2017中國雲安全與新興技術安全創新論壇,並為中國雲安全與新興技術安全創新聯盟舉行成立揭牌儀式,參加論壇的領導有中國科協原黨組副書記、副主席張勤院士,中國產學研合作促進會執行副會長、秘書長王建華,惠州市副市長劉小軍,中國雲安全聯盟常務副理事長李雨航,以及 雲安全的政產學研各界代表。 中國雲體系聯盟和中國雲安全聯盟秘書長沈寓實主持了論壇,專家們圍繞網路空間、雲計算、物聯網等領域分享了雲計算2.0時代的新興技術安全創新。

中國產學研合作促進會執行副會長、秘書長王建華宣讀中國雲安全與新興技術安全創新聯盟成立批復函拉開論壇序幕。 王建華強調中國雲安全聯盟的成立旨在加強產學研用深度融合,整合行業內各方資源優勢,搭建創新平臺並引進國際雲安全聯盟CSA等國際最佳實踐,突破雲計算和新興技術領域瓶頸,並引導建立安全共性標準, 培養更多的具有核心競爭力的產業集群和優秀人才,為建設網路強國提供有力支撐。

惠州市副市長劉小軍表示,惠州一直以來致力於打造世界手機之都,橫向融合縱向升級,推動智慧終端機產業發展。 資訊安全網路安全雲安全必不可缺,近些年來惠州重點支援物聯網、雲計算等資訊產業,惠州市對中國雲安全聯盟的專業性和權威性高度認可。

中國科協原黨組副書記、副主席張勤院士指出,去年 11月國家出臺了《網路安全法》,確立了國家網路空間安全發展戰略等重要內容,明確了網路空間治理的規則以及國際參與,將網路安全上升為國家安全的高度。 科技部等國家部委也出臺相應政策,大力推動雲安全與新興技術安全領域發展,科技部連續兩年組織實施國家重點研發計畫「網路空間安全」重點專項。 習近平同志在十九大報告中指出,創新是引領發展的第一動力。 此次舉辦中國雲安全與新興技術安全創新論壇,圍繞著物聯網、雲計算、大資料等新興技術及其優秀應用實踐進行分享,就雲計算和新興技術領域新的安全解決方案共同探討交流,對於加快科技成果轉化為生產力,實施創新驅動發展戰略, 建設技術創新體系,推動社會經濟發展具有重大的現實意義。 會上特別會上特別祝賀中國雲安全聯盟正式成立和大會取得成功。

李雨航常務副理事長受在京參加院士大會的方濱興理事長委託做了題為「 CSA2.0」的揭幕主題演講,強調安全已成為網路強國的命脈,新興技術如大資料、物聯網、人工智慧等的安全,是雲安全的延伸,中國雲安全聯盟將在中國政府認可下規範運作,貫徹國家網路主權自主可控的方針政策, 充分發揮聯盟各成員的主人翁精神,與國際雲安全聯盟CSA等國際組織緊密對接,把先進安全實踐經驗帶到中國並完成當地語系化改進。 早在2010年,CSA就在中國開展起志願工作。 2014年在政產學研7家中國戰略合作夥伴的支援下,CSA大中華區落地中國並實現半職業化,此次中國雲安全聯盟的成立,是CSA2.0 時代的起航,標誌著CSA在中國職業化,邁向在華新階段。

論壇由沈寓實秘書長主持,國家資訊中心安全管理處處長邵國安、武漢大學教授陳晶、普華永道風險及控制服務部合夥人李睿、安恒資訊副總裁劉志樂、中科院雲計算中心電子政務事業部主任孫傲冰、平安科技技網路安全研究所所長王曉箴 、創元網路技術股份有限公司總經理張少華、安信科技總經理陳林、北京益安線上科技股份有限公司總監李岩共9位行業實戰專家就各自所擅長的領域進行了分享。

中國產學研促進會已經支援成立了包括中國雲體系聯盟、中國雲安全聯盟在內的上百個各領域的聯盟,並獲得党和國家領導人習近平、李克強、栗戰書、汪洋、王滬甯、趙樂際、韓正、劉延東、路甬祥等極大的關懷和支援。 新成立的中國雲安全聯盟,將在促進會的指導下,力爭成為國際雲安全聯盟和其它國際安全性群組織在華的管理和運營機構。

C-CSA formed in China

圖片說明:(左起)C-CSA秘書長沈寓實,惠州市政府副秘書長鄒平生,C-CSA常務副理事長李雨航,促進會執行秘書長王建華,中國科協原副主席張勤,惠州市副市長劉小軍,工信部信通院雲安全主任栗蔚, C-CSA分會會長劉志樂

詳細資料:www.c-csa.cn

The EU GDPR: Hong Kong’s Road to Compliance Workshop – November 6, 2017

 

CSA HKM is proud to support a one-day workshop on “The EU GDPR: Hong Kong’s Road to Compliance” on November 6.

The workshop, which is hosted by the Internet Society Hong Kong, will map out the key changes to the EU data protection regime and their implications for key stakeholders in Hong Kong, notably regulatory authorities and organizations that handle personal data. Through a combination of panel and interactive discussions, it will provide more clarity on the applications of the GDPR for businesses, and guidance to help public and private entities adopt an action plan for compliance in preparation for the GDPR’s implementation in May 2018.

Date:    November 6, 2017 (Monday)
Time:   09:00 – 17:00
Venue: Ching Room, Sheraton Hotel, Hong Kong
Detailshttps://www.isoc.hk/2017/11/the-eu-gdpr-hong-kongs-road-to-compliance-part-of-the-isoc-online-privacy-workshop-series/
Registration: https://goo.gl/vdrwQ6

EU GDPR 171106