In a complex and hybrid world, enterprises must consider the challenges of increased real-time system complexity, the need for new cybersecurity policy and strong cultural support that is required to securely operate systems. As cyber risk has increased significantly across many organizations, the old adage of “trust, but verify” is no longer practical. The growing interest and movement toward Zero Trust architectures in the past few years has shifted this approach to the more accurate, “never trust, always verify”.
At the Cloud Security Alliance Hong Kong & Macau Summit 2022, the implications of an emerging, rich and diverse solutions landscape and the challenges to an organization’s ability to ultimately deliver a Zero Trust Architecture (ZTA) will be thoroughly discussed by expert speakers. Recommendations on how industry can improve collaboration among key stakeholder groups will also be offered to accelerate both enterprise leaders and security practitioners’ adoption of Zero Trust into their environments.
DATE: October 12, 2022 (Wednesday)
TIME: 10:00 am – 5:00 pm
FORMAT: Online event with live presentation
LANGUAGE: English / Cantonese / Mandarin (depends on speaker)
10:00 Welcome Remarks Claudius Lam, Chairman, Cloud Security Alliance Hong Kong & Macau Chapter
10:05 Opening Address – The Cloud Security Alliance Roadmap [English] Jim Reavis, Co-founder and Chief Executive Officer, Cloud Security Alliance
10:25 Modernising Security and Enabling Cloud Journey [English] Jason Pun, Assistant Government Chief Information Officer (Cyber Security and Digital Identity), Office of the Government Chief Information Officer
10:45 Cybersecurity Strategies on Incident Response to Protect your Organization [Cantonese] Otto Lee, Deputy Head, HKCERT
11:15 Cybersecurity Laws in Macau [Cantonese] Terry Cheung, Deputy Chairman – Macau, Cloud Security Alliance Hong Kong & Macau Chapter
11:45 探索雲中零信任、零摩擦、零損失的技術落地 – Explore technology practices with zero trust, zero friction and zero loss in the cloud [Mandarin] Liso Lv, EVP – Research, Cloud Security Alliance Greater China Region
12:15 Enabling Data Privacy in the Cloud [English] Dr Meng-Chow Kang, CISSP, Member, ISC2 Advisory Council – Asia Pacific
14:00 Making Possible a Zero Trust World You Can Always Trust [Cantonese] Nick Ng, Head of Systems Engineering, Fortinet Hong Kong, Macau, Mongolia
14:30 Continuous Risk Assessment and Access Control with Zero Trust Secure Access [Cantonese] Alan Leung, Consultant, Trend Micro
15:00 CSA as a guiding STAR to Cybersecurity [English] Daniele Catteddu, Chief Technology Officer, Cloud Security Alliance
15:30 Sangfor Hybrid Cloud – Your Cloud Transformer in Disguise [Cantonese] David Chan, Systems Engineer Director, Sangfor
16:00 Security around sophisticated Multi-cloud and Hybrid-cloud Environment [Cantonese] Matthew Wong, Senior Cloud Solution Architect, Microsoft
16:30 BeyondProd – A New Approach To Cloud Native Security [English] Ken Zhang, Head of Security Greater China, Customer Engineering, Google Cloud
The Cloud Security Alliance was commissioned by Anjuna to develop a survey and report to better understand the industry’s knowledge, attitudes, and opinions regarding sensitive data in the cloud. Anjuna financed the project and co-developed the questionnaire by participating with CSA research analysts. The survey was conducted online by CSA in April 2022 and received 452 responses from IT and security professionals from various organization sizes and locations. CSA’s research team performed the data analysis and interpretation for this report.
Goals of the Study The goal of this survey was to understand the following:
• Cloud use and data security needs • Security priorities and challenges for the next year • Approach to hosting sensitive data and workloads in the cloud • Familiarity with cloud and data security technologies
Cloud Security Alliance Hong Kong & Macau Chapter is a proud supporter of the Information Security Summit 2022.
Jointly organised by the Hong Kong Productivity Council and leading information security organisations in Hong Kong, the Summit is the flagship cyber security summit in Hong Kong, with the aim to provide participants with the latest information security trends and developments.
This year, themed “Security Transformation for the Next Normal – Evolution of Risk Management and Data Protection in a Post Pandemic World”, the 2-day Summit will focus on how the enterprises can transform their security successfully under the cyber security challenges and the escalating cyber threats for the next normal. The topic will cover emerging cyber attacks and technologies, new security defence framework and risk management methodologies.
6-7 September 2022
09:00 – 18:00
4th Floor, Hong Kong Convention and Exhibition Centre
With an exploding set of cloud infrastructure services and an increasing number of stakeholders involved in infrastructure and security decisions, the cloud has formed the perfect storm for security. In the ever-evolving threat landscape, organisations need capabilities in place to help detect and respond rapidly to threats that may breach defenses. Today, many organizations use multiple, separate security layers to detect threats across their email, endpoints, servers, cloud infrastructure, and networks, leading to siloed threat information and an overload of uncorrelated alerts.
In the Knowledge Sharing Event organised by Cloud Security Alliance Hong Kong & Macau Chapter on August 11, our guest speaker, Alan Leung from Trend Micro will introduce ways to broaden an organisation’s scope of detection and response across endpoint, email, networks, servers, and cloud workloads; as well as collecting and analyzing diverse data quickly empowers teams to understand, mitigate, and respond to risk.
Please do not miss this opportunity to learn from the expert and get connected with your peers.
Participants will claim 1 CPE.
DATE: August 11, 2022 (Thursday) TIME: 12:30 – 01:30 pm FORMAT: Webinar (in Cantonese) TOPIC: Enhanced Visibility to Mitigate Risks on Cloud Workload SPEAKER: Alan Leung, Consultant, Trend Micro
As more organizations are moving their server workloads to the cloud to enjoy the many advantages of hybrid cloud computing, they also face more risks and threats. Organizations must ensure compliance requirements are met, and that they have unified security and visibility across all workloads such as physical servers, virtual, cloud, or containers. Join this session to understand the crucial elements of a comprehensive detection and protection and how to leverage enhanced visibility to complement the protection.
THE SPEAKER: Alan is a Consultant at Trend Micro – a Global leader in Cyber Security solutions. He provides Security advise and Technical consultation to Enterprise Customers.
Prior to joining Trend Micro, Alan was a Technology Consultant with more than 10 years of IT experience. He has strong technical background in datacenter, cloud and network security.
He also obtained the CCIE and a number of certificates in cyber security from a number of vendors.
Prepared by the SaaS Governance Working Group under Cloud Security Alliance, the SaaS Governance Best Practices for Cloud Customers report provides a baseline set of SaaS governance best practices to help organizations leverage the full potential of SaaS environments. With the global SaaS industry estimated to reach 441 billion dollars* by 2027, a critical question grows: can organizations shift how they handle cybersecurity?
Adopting SaaS applications and solutions requires updated protocols for protecting data. This new publication provides guidance and defines three components for a cohesive strategy toward SaaS governance and security.
Organizations that fail to adopt an updated security governance mindset may experience:
Breaches that disclose sensitive data
Damaged customer trust
Learn how to implement practices that protect sensitive data throughout the entire SaaS lifecycle – evaluation, adoption, usage, and termination.
In collaboration with Google Cloud, CSA released the new survey report Measuring Risk and Risk Governance to provide a deeper understanding of public cloud adoption and risk management practices within the enterprise.
The goal of this research is to assess the maturity of public cloud and risk management within enterprises. Among the survey’s key findings:
There is no consistency of data classification across the use of cloud platforms and services — only 21% of users are utilizing cloud service data classification.
More than half (52%) of organizations reported that they did not evaluate the risk of their cloud services being used after procurement as product features or business environments changed.
This study shines a light on the opportunity enterprises can take to manage and measure their risk, and will hopefully lead to improved risk management practices.
“Increasingly, cloud is becoming … more of a means to manage risks. Continuously evaluating your risk status allows enterprises to properly configure and maximize the effectiveness of [your] security solutions, which in turn, protects their assets and improves business productivity,” said Phil Venables, Chief Information Security Officer and Vice President of Google Cloud.
This study confirms that IT modernization into the cloud is the best path toward viable risk management.
Cloud Security Alliance’s Top Threats reports have traditionally aimed to raise awareness of threats, risks, and vulnerabilities in the cloud. Such issues are often the result of the shared, on-demand nature of cloud computing.
In this sixth installment, CSA surveyed 703 industry experts on security issues in the cloud industry. This year the respondents identified eleven salient threats, risks, and vulnerabilities in their cloud environments. The Top Threats Working Group used the survey results and its expertise to create the 2022 Top Cloud Threats report – the ‘Pandemic Eleven’.
Cloud Security Alliance Hong Kong & Macau Chapter is elated to be an Association Partner of Digital Practice Summit Asia, part of AF Show Asia series taking place LIVE on June 15!
Digital Practice Summit Asia is the online technology event of the year for accountants in practice. With 20+ LIVE sessions across 2 Channels, it’ll offer the audience the greatest insights to help growing the accounting practice post pandemic in 2022 and beyond.