The Cloud Security Alliance Hong Kong & Macau Chapter is excited to support #PwC ‘s annual #HackaDay #cybersecurity conference on 24 November! Find out more from the event official website https://www.pwchk.com/en/events/hackaday-2022-conference.html?icid=con-sp-csa!
* This event is by invitation only and seats are limited.
After announcing our first local class on Certificate of Cloud Auditing Knowledge (CCAK) class in Hong Kong, we received more official supports from VTC that more of our CCAK class are now officially accepted RTTP approved training programs (That is, 66% off from the listed price of the course).
In the coming 2 months, we will have 4 available CCAK classes that available for interested parties at different pace. 2 days, 3 days and weekly evening classes are available for different participants to take the class online.
In order to catch this training opportunity for yourself or your company offered by Cloud Security Alliance (HK & Macau) chapter and Hatter Company Limited, you can check the list of courses within the schedule CCAK class schedule.
If you are interested in registering the class, you can register in the RTTP web site or in Hatter Company CCAK class site.
More cloud security and audit class will be available soon.
Happy Learning.
In a complex and hybrid world, enterprises must consider the challenges of increased real-time system complexity, the need for new cybersecurity policy and strong cultural support that is required to securely operate systems. As cyber risk has increased significantly across many organizations, the old adage of “trust, but verify” is no longer practical. The growing interest and movement toward Zero Trust architectures in the past few years has shifted this approach to the more accurate, “never trust, always verify”.
At the Cloud Security Alliance Hong Kong & Macau Summit 2022, the implications of an emerging, rich and diverse solutions landscape and the challenges to an organization’s ability to ultimately deliver a Zero Trust Architecture (ZTA) will be thoroughly discussed by expert speakers. Recommendations on how industry can improve collaboration among key stakeholder groups will also be offered to accelerate both enterprise leaders and security practitioners’ adoption of Zero Trust into their environments.
DATE: October 12, 2022 (Wednesday)
TIME: 10:00 am – 5:00 pm
FORMAT: Online event with live presentation
LANGUAGE: English / Cantonese / Mandarin (depends on speaker)
AGENDA:
10:00 Welcome Remarks
Claudius Lam, Chairman, Cloud Security Alliance Hong Kong & Macau Chapter
10:05 Opening Address – The Cloud Security Alliance Roadmap [English]
Jim Reavis, Co-founder and Chief Executive Officer, Cloud Security Alliance
10:25 Modernising Security and Enabling Cloud Journey [English]
Jason Pun, Assistant Government Chief Information Officer (Cyber Security and Digital Identity), Office of the Government Chief Information Officer
10:45 Cybersecurity Strategies on Incident Response to Protect your Organization [Cantonese]
Otto Lee, Deputy Head, HKCERT
11:15 Cybersecurity Laws in Macau [Cantonese]
Terry Cheung, Deputy Chairman – Macau, Cloud Security Alliance Hong Kong & Macau Chapter
11:45 探索雲中零信任、零摩擦、零損失的技術落地 – Explore technology practices with zero trust, zero friction and zero loss in the cloud [Mandarin]
Liso Lv, EVP – Research, Cloud Security Alliance Greater China Region
12:15 Enabling Data Privacy in the Cloud [English]
Dr Meng-Chow Kang, CISSP, Member, ISC2 Advisory Council – Asia Pacific
12:45 Break
14:00 Making Possible a Zero Trust World You Can Always Trust [Cantonese]
Nick Ng, Head of Systems Engineering, Fortinet Hong Kong, Macau, Mongolia
14:30 Continuous Risk Assessment and Access Control with Zero Trust Secure Access [Cantonese]
Alan Leung, Consultant, Trend Micro
15:00 CSA as a guiding STAR to Cybersecurity [English]
Daniele Catteddu, Chief Technology Officer, Cloud Security Alliance
15:30 Sangfor Hybrid Cloud – Your Cloud Transformer in Disguise [Cantonese]
David Chan, Systems Engineer Director, Sangfor
16:00 Security around sophisticated Multi-cloud and Hybrid-cloud Environment [Cantonese]
Matthew Wong, Senior Cloud Solution Architect, Microsoft
16:30 BeyondProd – A New Approach To Cloud Native Security [English]
Ken Zhang, Head of Security Greater China, Customer Engineering, Google Cloud
EVENT LINK:
The consultation paper on Cyber-Dependent Crimes and Jurisdictional Issues was published by the Cybercrime Sub-committee of the Law Reform Commission on July 20, 2022.
https://www.hkreform.gov.hk/en/publications/cybercrime.htm
We have a fruitful discussion at our forum on September 14, 2022 when we touched on the terms “to acquire certification” and “accrediting cybersecurity practitioners” in the consultation paper. As the paper referred to Cyber Security Agency (CSA) of Singapore, we believe it would be better for us to understand what is CSA of Singapore’s objectives and how they define the program before we define how our future direction to be.
Cloud Security Alliance Hong Kong & Macau Chapter has invited our CSA APAC ex-colleague Anthony Lim to share his view and provide highlights to us on the Cyber Security Agency (CSA) of Singapore accreditation program.
Participants will claim 1 CPE.
DATE: September 27, 2022 (Tuesday)
TIME: 12:30 – 01:30 pm
FORMAT: Webinar
TOPIC: Learn our way to accreditation and qualification of CyberSecurity Professions from Singapore CSA
SPEAKER: Anthony Lim, Fellow, Cybersecurity, Governance & FinTech, School of Business, Singapore University of Social Sciences
AGENDA:
THE SPEAKER:
Anthony is a pioneer and veteran in cybersecurity and governance in Singapore and the Asia Pacific region, with over 25 years’ professional experience, as consultant, advocate, instructor, auditor and business leader. His current interests include application security, cloud security, GRC (governance, risk management & compliance), policy & audit, smart cities and operational technology (OT).
He has held key inaugural Asia Pacific cybersecurity business leadership roles, IBM, CA and Check Point, was regional principal consultant at Fortinet and project CISO at NCS.
Anthony is a long-time well-known speaker and content provider for many business, industry, government and academic conferences, workshops, committees, executive roundtables and media (print, broadcast, internet), and has been interviewed often on national news. He has also been a judge at national and regional industry awards, and himself has won some industry awards, and also is charter member of a government cybersecurity committee.
He was a co-developer of an acclaimed international cloud security professional certification, and was a pioneer and advocate of application security certification in the region. He has presented on matters of cyber-security and governance at seminars at Washington DC, NATO, Stanford University, Tsinghua University and RSA Asia Pacific.He is a guest and adjunct module developer and instructor at some universities (Master’s and adult-executive programs), professional training institutes and certification programs in the region, an ISO-27001 lead auditor, and life alumni member of the University of Illinois, Urbana-Champaign.
REGISTRATION: https://CSAHKM-220927.eventbrite.hk
Cloud Security Alliance Hong Kong & Macau Chapter is pleased to support the the 7th Cloud Forum, which will be held on October 25, 2022.
With a theme of “Cloudnovating the future!”, the event will highlights:
Details of the event:
Date: October 25, 2022 (Tuesday)
Time: 09:00-12:30 – Executive Conference
14:30-17:30 – Cloud Tech Workshop
Venue: Hong Kong Convention & Exhibition Center
Details: https://www.cloudforum.hk/
The consultation paper on Cyber-Dependent Crimes and Jurisdictional Issues was published by the Cybercrime Sub-committee of the Law Reform Commission on July 20, 2022.
https://www.hkreform.gov.hk/en/publications/cybercrime.htm
The purpose of the consultation paper is to make preliminary proposals for law reform on addressing the issues of the protection of individuals’ rights as well as the criminal activities carried out by the rapid developments of information technology, the computer and the internet.
This consultation is affecting our future view in CyberSecurity area. The proposed five cyber-dependent crimes mentioned in the paper will definitely impacts all of us including CyberSecurity practitioners and even IT practitioners.
Thus, Cloud Security Alliance Hong Kong & Macau Chapter is working with HKU Computer Science Department, as well as Information Security and Forensics Society (https://www.isfs.org.hk), Hong Kong Computer Society (https://www.hkcs.org.hk) and other IT organisations to jointly organise a Tech Forum to discuss on the topic.
Online Discussion will be held on September 14, 2022:
DATE: September 14, 2022 (Wednesday)
TIME: 18:30 – 20:30 (HK Time)
FORMAT: Online Zoom
TOPIC: HKU-CS Online Tech Forum and Discussion: the Consultation Paper on Cyber-Dependent Crimes and Jurisdictional Issues
Agenda
Free registration at https://forms.gle/eJtEsxGZkrMPFQ5HA
The Cloud Security Alliance was commissioned by Anjuna to develop a survey and report to better understand the industry’s knowledge, attitudes, and opinions regarding sensitive data in the cloud. Anjuna financed the project and co-developed the questionnaire by participating with CSA research analysts. The survey was conducted online by CSA in April 2022 and received 452 responses from IT and security professionals from various organization sizes and locations. CSA’s research team performed the data analysis and interpretation for this report.
Goals of the Study The goal of this survey was to understand the following:
• Cloud use and data security needs
• Security priorities and challenges for the next year
• Approach to hosting sensitive data and workloads in the cloud
• Familiarity with cloud and data security technologies
Download the report: https://cloudsecurityalliance.org/artifacts/sensitive-data-in-the-cloud/
Cloud Security Alliance Hong Kong & Macau Chapter is a proud supporter of the Information Security Summit 2022.
Jointly organised by the Hong Kong Productivity Council and leading information security organisations in Hong Kong, the Summit is the flagship cyber security summit in Hong Kong, with the aim to provide participants with the latest information security trends and developments.
This year, themed “Security Transformation for the Next Normal – Evolution of Risk Management and Data Protection in a Post Pandemic World”, the 2-day Summit will focus on how the enterprises can transform their security successfully under the cyber security challenges and the escalating cyber threats for the next normal. The topic will cover emerging cyber attacks and technologies, new security defence framework and risk management methodologies.
Details:
| Date: | 6-7 September 2022 |
| Time: | 09:00 – 18:00 |
| Venue: | 4th Floor, Hong Kong Convention and Exhibition Centre |
| Fee: | Free (Registration is required) |
| Registration: | https://www.issummit.org/registration/index.html |
| Details: | https://www.issummit.org/ |
Auditing of Cloud Computing Environment is getting more important than ever. More application and infrastructure already implemented in the Cloud Environment.
In last month, Cloud Security Alliance and ISACA jointly promoted the Certificate of Cloud Auditing Knowledge (CCAK) virtual class with discount.
In this month, after we got the confirmation from VTC for the RTTP approval, we can start to offer our first CCAK class in Hong Kong locally. In order to catch this training for yourself or your company, Cloud Security Alliance (HK & Macau) chapter and Hatter Company Limited offer this CCAK evening (Hybrid Class) from 23 August 2022 to 20 Sep 2022 on every Tuesday from 19:00 – 22:00.
If you are interested in registering the first ever CCAK class, you can register and check the link in RTTP web site and apply directly.
CSA (HK and Macau) Chapter members will be entitled to membership discount. For non-CSA (HK&M) Chapter member, you will also be granted with the CSA (HK and Macau) Chapter membership, after taking the class.
With an exploding set of cloud infrastructure services and an increasing number of stakeholders involved in infrastructure and security decisions, the cloud has formed the perfect storm for security. In the ever-evolving threat landscape, organisations need capabilities in place to help detect and respond rapidly to threats that may breach defenses. Today, many organizations use multiple, separate security layers to detect threats across their email, endpoints, servers, cloud infrastructure, and networks, leading to siloed threat information and an overload of uncorrelated alerts.
In the Knowledge Sharing Event organised by Cloud Security Alliance Hong Kong & Macau Chapter on August 11, our guest speaker, Alan Leung from Trend Micro will introduce ways to broaden an organisation’s scope of detection and response across endpoint, email, networks, servers, and cloud workloads; as well as collecting and analyzing diverse data quickly empowers teams to understand, mitigate, and respond to risk.
Please do not miss this opportunity to learn from the expert and get connected with your peers.
Participants will claim 1 CPE.
DATE: August 11, 2022 (Thursday)
TIME: 12:30 – 01:30 pm
FORMAT: Webinar (in Cantonese)
TOPIC: Enhanced Visibility to Mitigate Risks on Cloud Workload
SPEAKER: Alan Leung, Consultant, Trend Micro
CONTENT:
As more organizations are moving their server workloads to the cloud to enjoy the many advantages of hybrid cloud computing, they also face more risks and threats. Organizations must ensure compliance requirements are met, and that they have unified security and visibility across all workloads such as physical servers, virtual, cloud, or containers. Join this session to understand the crucial elements of a comprehensive detection and protection and how to leverage enhanced visibility to complement the protection.
THE SPEAKER:
Alan is a Consultant at Trend Micro – a Global leader in Cyber Security solutions. He provides Security advise and Technical consultation to Enterprise Customers.
Prior to joining Trend Micro, Alan was a Technology Consultant with more than 10 years of IT experience. He has strong technical background in datacenter, cloud and network security.
He also obtained the CCIE and a number of certificates in cyber security from a number of vendors.
View the Presentation: https://youtu.be/AT9Q2MLxbhs
CSA Hong Kong and Macau Chapter 