Skip to content
Latest

Shifting Security to the Left – Guardrails-as-Code

Date: 20 April 2021 (Tuesday)
Time: 13:00 – 14:00 (GMT +8)
Venue:  Live Webinar
Language: English
Fee: Free
Register: https://www.eventbrite.com/e/shifting-security-to-the-left-guardrails-as-code-tickets-149999407265

Highlight:

The shift left of the security and defining everything as code become a new trend for cybersecurity. In this talk, Ken from AWS will share with you a solution that helped users define their guardrails in code, and enforce the guardrails from preventative, detective and responsive perspective.

– The Guardrail-as-Code framework that encompasses Cloud Adoption Framework Security Perspective

– Build the close loop of Directive, Preventative, Detective and Responsive control on AWS

– Open source and AWS native tools to realise the architecture

Speaker Profile:

Ken Zhang

Practice Manager, DevOps & Security, AWS GCR Professional Services

Ken led cloud security and transformation projects in Australia and the Greater China Region. He has experience helping organizations with their security and transformation journeys in banking, insurance, retail, health service and manufacturing industries. Ken maintains a range of well-recognized certificates and holds MBA from a global top 30 business school. He is a regular speaker at AWS and other associates’ conferences in the region.

Notes:

The Webinar is conducted in English with English Presentation Material.

Please install Zoom software/app for your PC, Mobile or Tablet.

For the Meeting ID and Passcode, it will be sent by a separate email after the registration.

Notice: PISAM electronic mailing list service update

Dear PISA members,

PISA uses Yahoo! Groups as our discussion board and electronic mailing service. [PISAM] is the common group for us to distribute our messages to PISA members. Sadly, Yahoo! Groups has announced its End of Service. The Yahoo Groups website is going to shut down on December 15, 2020 and members will no longer be able to send or receive emails from Yahoo Groups. (Thanks Yahoo! Groups for providing the service in the past.)

The PISA Executive Committee has decided to change our mailing list service to Groups.io. Our valid members will receive our invitation from "pisam@groups.io Moderators" in the coming few days. The last batch of invitations will NOT be later than 15-NOV. Please accept the invitation and join our new PISAM group.

The invitation email maybe drops into your JUNK/ SPAM folder. Please take a look, release it and try to whitelist [pisam] emails in the future.

If you still cannot receive any invitation email, please feel free to contact us by email to membership@pisa.org.hk after 15-NOV for checking your email alias forwarding.

Thank you for your attention.

(2020-11-03)

Permanent link to PISAM electronic mailing list service update

Supporting Event: The 13th CIO Executive Virtual Summit 2020 (25-26 Nov 2020)

Date: 25-26 Nov 2020 (Wed-Thur)
Time: 8:45am – 1:15pm
Venue: Virtual Environment
Language: English
Register: https://form.mig-events.com/cio2020/

Highlight:
Even as companies grapple with the implications of the COVID-19 pandemic, it is already clear that CIOs are playing a central role in navigating the crisis. The COVID-19 pandemic is first and foremost a human tragedy, and technology is on the front lines of this crisis. Many of the changes reshaping how we work and live – from employees working remotely to consumers shifting their shopping online – rely on technology. And because technology ties so much of every company together, CIOs have a unique view into what’s really going on and how to manage it. The most successful organizations take risks in “the turns”, those places in the enterprise journey where others slow down.

Carrying the theme of “Preparing To Win In The Turns’’, this premier annual CIO event targeting 200+ CIOs, CDOs, CISOs, C-level delegates and IT decision makers dedicates in optimizing delegates’ digital and business information technology management with a new strategic outlook and equips CIOs and CXOs with insight into how they should prepare and lead in the turns, building agility into systems, processes, and decision-making, both within their teams and among their peers.

For detail: https://www.mighkevents.com/cio-2020

(ISC)² Info Session: CISSP – The World’s Premier Cybersecurity Certification (2 Mar 2021)

Date: 2 March 2021 (Wednesday)
Time: 14:00 – 15:00 (GMT +8)
Venue:  Live Webinar
Language: Cantonese
Fee: Free
Register: https://www.isc2.org/News-and-Events/Webinars/APAC-Webinars?commid=468140&utm_source=chapter

Highlight:

Cybersecurity is one of the fastest growing professions today. So how do you grow your career and reap the benefits? CISSP: 5 letters that prove your expertise. The CISSP helps you prepare for real-time incidents and stand out as the expert employers are looking for. In fact, it proves you have what it takes to effectively design, develop and manage the overall security posture of an organization.

Join us live online on Mar 2 to learn everything you need to know about getting CISSP certified. In this 60-minute info-session, you’ll learn:

  • Why it has never been more important to be a Qualified Cybersecurity Professional
  • The value of CISSP certification
  • What you will learn in official training for the CISSP exam
  • What to expect from the CISSP exam
  • How to become endorsed and earn the CISSP certification

And, get to ask any question that will support your certification journey.

Presented by:

Tony Vizza, CISSP, CCSP

Director of Cyber Security Advocacy – Asia-Pacific, (ISC)²

Supporting Event: Zero Trust Security For Your Distributed Workforces (10 March 2021)

Date: 10 March 2021 (Wednesday)
Time: 11:00 – 12:00 (GMT +8)
Venue:  Live Webinar
Language: Cantonese
Fee: Free
Register: http://www.isc2.org/News-and-Events/Webinars/APAC-Webinars?commid=467855&utm_source=chapter

Highlight:
2020 has caught many businesses off guard. Users, data, devices, critical business applications and networks have left the office and become more distributed.

This shift in the way we work & do business has resulted in companies losing visibility into what was happening in their corporate and their employees’ personal networks, devices, and applications. This shift has also seen several cybercriminals and sophisticated hacking groups rapidly adjusting their techniques and tactics to take advantage of the situation.

Whether you are a Fortune 500 company or a small/medium enterprise, there are fundamentally three things you need to protect: data, devices, applications, and the network itself. Register for this session to: See how Hong Kong ranks in DDOS attacks distribution globally

  1. See how Hong Kong ranks in DDOS attacks distribution globally
  2. Stay ahead of the cyberattack vectors & see how Cloudflare helps in combating these attacks
  3. Find out what is the hype on Zero- Trust Security & how Cloudflare One can future- proof your cybersecurity capability regardless of the shift in workforce situation

Stay on for a supercharged Q&A session and test your cybersecurity readiness!

Presenter: Leo Lam

Customer Development, Cloudflare

Presenter: Antonio Rancan

Solutions Engineer, Cloudflare

Moderator: Otto Lee, CISSP, CCSP, CSSLP

Membership Chair, (ISC)² Hong Kong Chapter

For Details: http://www.isc2.org/News-and-Events/Webinars/APAC-Webinars?commid=467855&utm_source=chapter

Supporting Event: Time to Containment – Supercharge SOC With a New Approach to Incident Response (24 Feb 2021)

Date: 24 Feb 2021 (Wednesday)
Time: 14:00 – 15:00 (GMT +8)
Venue:  Live Webinar
Language: English
Fee: Free
Register: http://www.isc2.org/News-and-Events/Webinars/APAC-Webinars?commid=466402&utm_source=chapter

Highlight:
How do you shoot down a missile before it hits its target? That’s the problem facing today’s incident response teams. As cyberattacks increase in volume and velocity, the security operations center (SOC) handling incident response is the nexus for this challenge.

A well-honed incident response operation, that combined EPP+EDR, can deliver an impressive return on investment. In many data breach incidents, the cost is more than financial, and it is well known that the time cyber security teams take from the breach to containment is critical.

With the stakes so high, how can your cyber security team shrink the time between detecting and handling cyber threats?

In this special webinar, Kelvin Wee, Director of Security Engineering at SentinelOne – APJ, will cover these key questions and more:

  • Why traditional protective approaches are no longer enough
  • The importance of automation in the response process
  • How to identify and establish key metrics in incident response
  • Technical live demonstration of SentinelOne’s single agent, static AI platform that helps cyber security teams to prevent, detect, respond and hunt threats in real time

Join us to learn how to supercharge your SOC with a new approach to incident response.

Presenter: Kelvin Wee

Director of Security Engineering – Asia Pacific and Japan, SentinelOne

Moderator: Tony Vizza, CISSP, CCSP

Director of Cybersecurity Advocacy, APAC, (ISC)²

For Details: http://www.isc2.org/News-and-Events/Webinars/APAC-Webinars?commid=466402&utm_source=chapter

Supporting Event: Adopting Zero Trust for Remote Access

Date: 20 Jan 2021 (Wednesday)
Time: 11:00am
Venue:  Live Webinar
Language: English
Fee: Free
Register: https://www.isc2.org/News-and-Events/Webinars/APAC-Webinars?commid=454673&utm_source=chapter

Highlight:
By definition, a Zero Trust security model advocates the creation of zones and segmentation to control sensitive IT resources. This also entails the deployment of technology to monitor and manage data between zones, and more importantly, user interactions within a zone(s). A Zero Trust security model redefines the architecture of a trusted network inside a defined corporate perimeter. This is relevant today since technologies and processes like the cloud, DevOps, and IoT have either blurred, or dissolved altogether, the idea of a traditional perimeter.

While the Zero Trust model has become a trendy catchword in IT, it is complex and difficult to implement for many organizations in Asia Pacific, because it requires the establishment of a model of trust, verification, and continuous evaluation of trust for further access and lateral movement.

Join BeyondTrust and (ISC)² on Jan 20, 2021 (Wed) at 11am (GMT +8), Ajay Kumar, Director for Security Engineering at BeyondTrust, review the practical shortcomings and limitations of a Zero Trust model, and explain how to achieve Zero Trust using the Privileged Remote Access model.

Presenter: Ajay Kumar, Director for Security Engineering – APJ, BeyondTrust
Moderator: Hoo Chuan-Wei, CISSP, Technical Advisor – Asia-Pacific, (ISC)²

More Info: https://www.isc2.org/News-and-Events/Webinars/APAC-Webinars?commid=461297&utm_source=chapter