CSA HKM Supports HKCERT Webiner: Secure Coding Practices – OWASP Top 10 (2021)

Cloud Security Alliance Hong Kong & Macau is pleased to support the webiner “Secure Coding Practices – OWASP Top 10 (2021): What’s Changed and Implications to Application Developer”. The webiner is organised by the HKCERT and will be held on November 24, 2021.

The latest OWASP Top 10 2021 version features considerable changes by shifting to emphasise security control areas over individual vulnerabilities for improved risk management. It leads to a recategorisation of several risks and new additions. Examples are the most significant one is now the Broken Access Control, while the long-standing number one risk of “Injection” is downgraded to 3 rd position.

Wanna know more about the changes? Join this webinar NOW and learn from software security specialist from OWASP HK Chapter and security expert!

DATE: November 24, 2021 (Wednesday)
TIME: 3:00 – 4:30 pm
FORMAT: Online Webiner
LANGUAGE: Cantonese with English terminology
DETAILS AND REGISTRATION: https://bit.ly/3H750fV

CSA HKM Supports the Hong Kong International Computer Conference 2021

The Hong Kong International Computer Conference (HKICC) is an annual flagship event organised by the Hong Kong Computer Society (HKCS) since 1978 and is one of the best and most popular ICT conferences in Hong Kong. It brings together ICT professionals and experts, government leaders and business executives from local and abroad to share and discuss the latest trends of ICT innovations and developments in enhancing business opportunities and productivity.

This year the theme of the event is Emerging Technologies Shaping our Future in the Greater Bay Area and the highlighted topics include Sustainability and Smart Living / City: Good for today and tomorrow, Role of Hong Kong in the Great Bay Area, Emerging Technologies: Opportunities and Challenges; as well as Hong Kong as an International Technology and Innovation Centre.

DATE: November 17-18, 2021 (Wednesday and Thursday)
TIME: 9:30am – 5:15pm
FORMAT: Hybrid Conference
PHYSICAL VENUE: Theatre 1 & 2, Hong Kong Convention & Exhibition Centre, Wan Chai
LANGUAGE: English & Mandarin
DETAILS and REGISTRATION: http://hkicc.hkcs.org.hk/

CSA HKM Knowledge Sharing Event – November 2021

CSA Knowledge Sharing Event provides an excellent opportunity for cybersecurity professionals to discuss the latest trends and developments in IT and in the process build a close-knitted cybersecurity community in Hong Kong and Macau.

This month we have invited Mr Ken Zhang, Head of Security Hong Kong, Google Cloud, to deliver a talk on “Cloud Infrastructure Continuous Compliance”.

In the session, Ken will introduce an open and modular reference architecture to realise the cloud infrastructure continuous compliance. He will also use a simple example to take audiences through how to use the reference architecture, plus a live demo to see the reference architecture working in action in Google Cloud Platform.

Please do not miss this opportunity to learn from the expert and get connected with your peers.

Participants will claim 1 CPE.

DATE: November 18, 2021 (Thursday)

TIME: 12:30 – 01:30 pm

VENUE: Webinar

SPEAKER: Ken Zhang, Head of Security Hong Kong, Google Cloud

TOPIC: Cloud Infrastructure Continuous Compliance

THE SPEAKER:

Ken led multi-cloud security and transformation projects in Australia and the Greater China Region. He has experience helping organisations with their security and transformation journeys in banking, insurance, retail, health service and manufacturing industries. 

View the Presentation: https://youtu.be/bPEh3LwYD64

CSA HKM Supports ICT Conference 2021

The “ICT Conference 2021 – Embracing Digital Futures Under New Normal”, aims to provide a forum for the government officials, university researchers, and major industry professionals to share the views on the government policy, the latest development and applications, as well as the opportunities and threats in the future ICT era.

Cloud Security Alliance Hong Kong & Macau Chapter is pleased to support this event organised by the Institution of Engineering and Technology (IET) Hong Kong. Details of the event is as follows:

DATE: October 8, 2021, Friday
TIME: 2:00-5:30 pm
FORMAT: Online Webiner
LANGUAGE: English
FEE: Free of Charge
REGISTRATION: ictconference.hk

CSA HKM Knowledge Sharing Event – September 2021

A rise in remote employees and an increased reliance on SaaS applications create new, wider gaps in security. To put it simply, it’s more challenging to protect users at the edge — ensuring seamless connections that optimize productivity without creating performance issues that drag down user satisfaction.

Enter the secure access service edge (SASE), an architectural approach that offers an alternative to traditional data center-oriented security. SASE converges networking capabilities with cloud-native security functions to simplify deployment and streamline management in the cloud.

Join our September Knowledge Sharing Event to learn how to cut the complexity, reduce risk exposure, and improve performance with a single cloud-delivered service that deploys easily and scales with your business.

Please do not miss this opportunity to learn from the expert and get connected with your peers.

Participants will claim 1 CPE.

DATE: September 23, 2021 (Thursday)

TIME: 12:30 – 01:30 pm

VENUE: Webinar

SPEAKER: Ricky Mok, Cisco

TOPIC: Streamline cloud security and embrace SASE

THE SPEAKER:

Expert in cyber threat intelligence, highly experienced in identifying cyber threat risks in the complex ICT Infrastructure. With over 15 years of networking and information security experience, I am competent in cybersecurity solution design and consultation of security projects in various industries across the Asia Pacific region. Specialties include Infrastructure transformation, Network Security, Cloud Security, SecOps, Hybrid IT Security & Risk Management, Predictive Analytics, and Security Operation Centre design and build.

View the Presentation: https://youtu.be/mVEpr406UTU

Presentation File: https://drive.google.com/file/d/1FmLH3o06ERugBGcnWq5il_trV6q4Xza2/view?usp=sharing

CSA HKM Supports Cybersec Infohub Annual Professional Workshop 2021

Cloud Security Alliance Hong Kong & Macau Chapter will support the Cybersec Infohub Annual Professional Workshop 2021 organised by the Office of the Government Chief Information Officer (OGCIO) and the Hong Kong Intenet Registration Corporation Limited on September 17.

Participants will gain insights from attending experts on how cyber security strategy and mindset support business continuity and help create business value in the new norm.

DATE: September 17, 2021, Friday
TIME: 2:30-4:30 pm
FORMAT: Live Broadcast
LANGUAGE: Cantonese
AGENDA:
Presentation 1 – Build Your Own Cyber Security Strategy for Your Business
Presentation 2 – Challenges of Digital Transformation in the Post-epidemic Era
Panel Discussion – The Importance of Cyber Security Mindset in the New Norm

REGISTRATION: https://forms.office.com/r/1NLNRDPh6n

CSA HKM Supports BSI Privacy Control Seminar

Cloud Security Alliance Hong Kong & Macau Chapter is supporting BSI in the organisation of a seminar on privacy control.

Given the dynamic environment in which we operate, the need for guidance on how organizations should manage and process data to reduce the risk to privacy information is getting more important.

Please join the seminar on August 4 to learn:
• Hot news of privacy breaches
• Highlight of privacy trend
• How to implement privacy control to compliance with the privacy acts across the globe
• Demonstrating compliance and building trust with privacy information management system

DATE: August 4, 2021, Wednesday
TIME: 2:30 – 4:00 pm
VENUE: 23/F, Cambridge House, TaiKoo Place, 979 King’s Road, Island East, Hong Kong
MEDIUM: Cantonese
DETAILS: https://page.bsigroup.com/l/73472/2021-04-28/zj6zp4?_ga=2.40865057.262037903.1625453284-1280419738.1615774271

CSA HKM Knowledge Sharing Event – August 2021

DevOps, DevSecOps, CI/CD Pipeline are definitely hot topics within the Cloud Computing industry. In the forthcoming knowledge sharing session, we will address issues on DevOps and CI/CD security protection, this time from the perspective of a security vendor.

In our August event, Cloud Security Alliance Hong Kong & Macau Chapter has invited Kev Hau from CheckPoint Software Technologies Ltd to talk about Modern Cloud Application Security.

Protecting applications has always been challenging. As applications grow in number, size and complexity. Cloud application are made up of multiple layers – from the cloud infrastructure, to the DevOps pipelines, the microservices (containers, serverless functions and virtual machines), the application layer and the APIs.

Today, application developers are directly provisioning applications to the cloud by using cloud platforms like AWS, Google and Azure without any additional assistance from IT or platform teams. Developers release and update software on demand in the cloud using continuous integration and continuous deployment (CI/CD) for rapid software releases and updates. In addition, modern applications are more open and connected with an increased number of APIs, which further expands the attack surface where legacy application security approach is ineffective.

To protection the modern cloud application, we need a new approach – shifting security responsibilities to those creating software, the developers, and it shifts it to the beginning of the process when the developers are provisioning infrastructure.

Please do not miss this opportunity to learn from the expert and get connected with your peers.

Participants will claim 1 CPE.

DATE: 19 Aug, 2021 (Thursday)

TIME: 12:30 – 01:30 pm

VENUE: Webinar

SPEAKER: Kev Hau, Head of Security Engineering, Hong Kong and Taiwan, Check Point Software Technologies

TOPIC: Modern Cloud Application Security

THE SPEAKER:

Kev Hau is the Head of Security Engineering, Hong Kong and Taiwan at Check Point Software Technologies and the Cyber Security Evangelist, a member of the CTO office. Kev has over 10 years of experience in cyber security industry. 

In Check Point, he works closely with all the Check Point partners and customers through his team of security experts by providing consultation and advice on how to deal with the cyber threat. He is also the leadership point of contact between partners, strategic customers and channels, as well as
Check Point’s product research and development team.

Kev holds a Bachelor of Science in Computer Science from Brunel University.

View the Presentation: https://youtu.be/aPU4yeME8O8

Presentation File: https://bit.ly/37Wk28b

CSA HKM Knowledge Sharing Event – June 2021

Cloud Computing is already considered to be part of the “New Normal” solution. In our last event, our speaker from Cloud Product Vendor Palo Alto Networks introduced the concept on automate multi-cloud and container security environments. If you missed the previous event, you can go back to our previous event recordings and listen to the talk as well.

In the next Knowledge Sharing Event, we will look into another direction of Cloud aspects – Cloud Transformation.

The world has moved into a new paradigm, especially since COVID-19. In a post‑pandemic world, people are the new perimeter. Transformation is everywhere : Workspaces, Clouds, Threats and networks. How can we take advantage of the IT changes and new usages to improve security and cost efficiency? And how to find the right approach to build long‑term security strategies for change?

To help you better understand the topic, Cloud Security Alliance Hong Kong & Macau Chapter invited Security Solution Director of Orange Cyberdefense – Mr. Kevin Liu to bring us to the Intelligence-led security for Cloud Transformation. In this session, Kevin will share Orange Cyberdefense’s intelligence-led approach to help our customer to face the new reality of users and applications to the cloud, in the cloud and for the cloud..

Participants will claim 1 CPE.

DATE: 17 June, 2021 (Thursday)

TIME: 12:30 – 01:30 pm

VENUE: Webinar (in Cantonese)

SPEAKER: Kevin Liu, Security Solution Director, Orange Cyberdefense

TOPIC: Intelligence-led security for Cloud Transformation

THE SPEAKER:

Kevin Liu is a Security Solution Director for Orange Cyberdefense, a security business unit for Orange Group. He has more than 20 years’ experience in providing advisory and solution consultation in cybersecurity, infrastructure and cloud for large companies across Asia Pacific region. He is a speaker and demonstrator for major industry events in the region including HK ISS, APAC O2O digital resilience workshop and RSA Conference APAC. Kevin worked for many different major IT vendors including Microsoft, RSA Security, Symantec and Hewlett-Packard. Kevin is CISSP, CEH and ITIL certified.

VIEW THE PRESENTATION: https://youtu.be/pDz8WKkWpNs

PRESENTATION FILE: https://bit.ly/3h51kPz

CSA HKM Knowledge Sharing Event – May 2021

In April, we covered the Data Security in Cloud at our Knowledge Sharing Event. In the coming Knowledge Sharing Event in May, we will come back to cloud and container security again.

Developers and DevOps teams are building and deploying code at an increasing pace. Containers and other cloud native technologies enable digital transformation. In order to secure these growing cloud native environments, enterprises need to integrate security into the software development lifecycle and protect running applications

This time we invited Palo Alto Networks cloud security architect – Felix Cheng to bring us to their Prisma Cloud solution through in-depth technical knowledge sharing. He will look into the container solution from a technical view covering how to configure, implement necessary rules and analyze incidents through collected logs.

He will share:

  1. The best practices for container security to protect running containers in production as well as secure containers across the full application life
  2. Provide unified visibility & secure Cloud Native Workload
  3. Deliver an integrated set of capabilities to respond to threats and protect cloud-native applications.
  4. Automate the remediation of vulnerabilities and misconfigurations consistently across the entire build-deploy-run lifecycle.
  5. Demo 

Participants will claim 1 CPE.

DATE: 20 May, 2021 (Thursday)

TIME: 12:30 – 01:30 pm

VENUE: Webinar (in Cantonese)

SPEAKER: Felix CHENG, Cloud Security Architect of Palo Alto Networks

TOPIC: Automate your multi-cloud and container security environments with Prisma Cloud

THE SPEAKER:

Felix Cheng is the Cloud Security Architect for Hong Kong and Taiwan at Palo Alto Networks. He designed and deployed mission critical infrastructure for service providers, airports and casinos.  Over the last few years, he focused on software solutions such as application performance monitoring and analytics, cloud services and cyber security solutions.  In his spare time, he developed a simple mobile app that helped Wi-Fi engineers to perform quick site surveys.

VIEW THE PRESENTATION: https://youtu.be/iybIcVl0OHM