Skip to content
Latest

Shifting Security to the Left – Guardrails-as-Code

Date: 20 April 2021 (Tuesday)
Time: 13:00 – 14:00 (GMT +8)
Venue:  Live Webinar
Language: English
Fee: Free
Register: https://www.eventbrite.com/e/shifting-security-to-the-left-guardrails-as-code-tickets-149999407265

Highlight:

The shift left of the security and defining everything as code become a new trend for cybersecurity. In this talk, Ken from AWS will share with you a solution that helped users define their guardrails in code, and enforce the guardrails from preventative, detective and responsive perspective.

– The Guardrail-as-Code framework that encompasses Cloud Adoption Framework Security Perspective

– Build the close loop of Directive, Preventative, Detective and Responsive control on AWS

– Open source and AWS native tools to realise the architecture

Speaker Profile:

Ken Zhang

Practice Manager, DevOps & Security, AWS GCR Professional Services

Ken led cloud security and transformation projects in Australia and the Greater China Region. He has experience helping organizations with their security and transformation journeys in banking, insurance, retail, health service and manufacturing industries. Ken maintains a range of well-recognized certificates and holds MBA from a global top 30 business school. He is a regular speaker at AWS and other associates’ conferences in the region.

Notes:

The Webinar is conducted in English with English Presentation Material.

Please install Zoom software/app for your PC, Mobile or Tablet.

For the Meeting ID and Passcode, it will be sent by a separate email after the registration.

Notice: PISAM electronic mailing list service update

Dear PISA members,

PISA uses Yahoo! Groups as our discussion board and electronic mailing service. [PISAM] is the common group for us to distribute our messages to PISA members. Sadly, Yahoo! Groups has announced its End of Service. The Yahoo Groups website is going to shut down on December 15, 2020 and members will no longer be able to send or receive emails from Yahoo Groups. (Thanks Yahoo! Groups for providing the service in the past.)

The PISA Executive Committee has decided to change our mailing list service to Groups.io. Our valid members will receive our invitation from "pisam@groups.io Moderators" in the coming few days. The last batch of invitations will NOT be later than 15-NOV. Please accept the invitation and join our new PISAM group.

The invitation email maybe drops into your JUNK/ SPAM folder. Please take a look, release it and try to whitelist [pisam] emails in the future.

If you still cannot receive any invitation email, please feel free to contact us by email to membership@pisa.org.hk after 15-NOV for checking your email alias forwarding.

Thank you for your attention.

(2020-11-03)

Permanent link to PISAM electronic mailing list service update

Supporting Event: The 13th CIO Executive Virtual Summit 2020 (25-26 Nov 2020)

Date: 25-26 Nov 2020 (Wed-Thur)
Time: 8:45am – 1:15pm
Venue: Virtual Environment
Language: English
Register: https://form.mig-events.com/cio2020/

Highlight:
Even as companies grapple with the implications of the COVID-19 pandemic, it is already clear that CIOs are playing a central role in navigating the crisis. The COVID-19 pandemic is first and foremost a human tragedy, and technology is on the front lines of this crisis. Many of the changes reshaping how we work and live – from employees working remotely to consumers shifting their shopping online – rely on technology. And because technology ties so much of every company together, CIOs have a unique view into what’s really going on and how to manage it. The most successful organizations take risks in “the turns”, those places in the enterprise journey where others slow down.

Carrying the theme of “Preparing To Win In The Turns’’, this premier annual CIO event targeting 200+ CIOs, CDOs, CISOs, C-level delegates and IT decision makers dedicates in optimizing delegates’ digital and business information technology management with a new strategic outlook and equips CIOs and CXOs with insight into how they should prepare and lead in the turns, building agility into systems, processes, and decision-making, both within their teams and among their peers.

For detail: https://www.mighkevents.com/cio-2020

Supporting Event: PwnTillDawn Online Battlefield Competition 2021 (8 May 2021)

Date: 8 May 2021 (Saturday)
Time: 07:00 CEST (GMT +2) / 13:00 HKT (GMT +8)
Venue:  Online
Language: English
Fee: Free
Register: https://registration.pwntilldawn.com/Register?eventGuid=63ebb27b-6cc1-4bc9-89b2-07a577a9076c

Summary:

PwnTillDawn Online Battlefield’s Competition is the 100% online version which will allow selected contenders to put their offensive skills to the test and from anywhere.

PwnTillDawn Online Battlefield’s Competition is an intensive 24 hour/non-stop competition where 50+ participants will evolve within a network comprised of many machines affected by real life vulnerabilities witnessed by wizlynx group through hundreds of penetration tests conducted for companies and organizations of various sizes and industries. The PwnTillDawn “Capture-the-flag” (CTF) will challenge contestants to break into as many machines as possible using a succession of weaknesses and vulnerabilities. Upon the compromise of a machine, contestants will have to collect flags awarding a certain amount of points.

Goodwill Event Edition Changes 

This edition of the PwnTillDawn competition will be slightly different from the previous ones, in fact, you will not only participate for yourself but also you will help less fortunate young students to get Cyber Security trainings.

When the total of the points from the flags discovered by the participants will reach different thresholds (based on the number of players) a training will be granted! We are counting on you to discover as many flags as possible so we can give away all the trainings!

In addition to sponsoring the trainings, the top 3 classified participants will also win the following prizes:

1st Place: A $150 USD Amazon/Spotify/Netflix gift card

2nd Place: A $75 USD Amazon/Spotify/Netflix gift card

3rd Place: A $50 USD Amazon/Spotify/Netflix gift card

New Addition -> TEAMS

For this Goodwill edition of the PwnTillDawn we are also releasing a new feature: TEAMS.

A maximum of 3 players can join a team and participate to the Goodwill Competition.
———

Due to limited spots available for the competition, registrations will undergo a selection process where your passion, motivation, and experience for offensive security will be assessed. We therefore strongly encourage you to submit a complete application.

Important Notes:

  • The competition will start at 7am CEST
  • Limited tools authorised during the competition!
  • No cooperation between single participants and between different teams

Details: https://registration.pwntilldawn.com/Register?eventGuid=63ebb27b-6cc1-4bc9-89b2-07a577a9076c

(ISC)² Info Session: CISSP – The World’s Premier Cybersecurity Certification (2 Mar 2021)

Date: 2 March 2021 (Wednesday)
Time: 14:00 – 15:00 (GMT +8)
Venue:  Live Webinar
Language: Cantonese
Fee: Free
Register: https://www.isc2.org/News-and-Events/Webinars/APAC-Webinars?commid=468140&utm_source=chapter

Highlight:

Cybersecurity is one of the fastest growing professions today. So how do you grow your career and reap the benefits? CISSP: 5 letters that prove your expertise. The CISSP helps you prepare for real-time incidents and stand out as the expert employers are looking for. In fact, it proves you have what it takes to effectively design, develop and manage the overall security posture of an organization.

Join us live online on Mar 2 to learn everything you need to know about getting CISSP certified. In this 60-minute info-session, you’ll learn:

  • Why it has never been more important to be a Qualified Cybersecurity Professional
  • The value of CISSP certification
  • What you will learn in official training for the CISSP exam
  • What to expect from the CISSP exam
  • How to become endorsed and earn the CISSP certification

And, get to ask any question that will support your certification journey.

Presented by:

Tony Vizza, CISSP, CCSP

Director of Cyber Security Advocacy – Asia-Pacific, (ISC)²

Supporting Event: Zero Trust Security For Your Distributed Workforces (10 March 2021)

Date: 10 March 2021 (Wednesday)
Time: 11:00 – 12:00 (GMT +8)
Venue:  Live Webinar
Language: Cantonese
Fee: Free
Register: http://www.isc2.org/News-and-Events/Webinars/APAC-Webinars?commid=467855&utm_source=chapter

Highlight:
2020 has caught many businesses off guard. Users, data, devices, critical business applications and networks have left the office and become more distributed.

This shift in the way we work & do business has resulted in companies losing visibility into what was happening in their corporate and their employees’ personal networks, devices, and applications. This shift has also seen several cybercriminals and sophisticated hacking groups rapidly adjusting their techniques and tactics to take advantage of the situation.

Whether you are a Fortune 500 company or a small/medium enterprise, there are fundamentally three things you need to protect: data, devices, applications, and the network itself. Register for this session to: See how Hong Kong ranks in DDOS attacks distribution globally

  1. See how Hong Kong ranks in DDOS attacks distribution globally
  2. Stay ahead of the cyberattack vectors & see how Cloudflare helps in combating these attacks
  3. Find out what is the hype on Zero- Trust Security & how Cloudflare One can future- proof your cybersecurity capability regardless of the shift in workforce situation

Stay on for a supercharged Q&A session and test your cybersecurity readiness!

Presenter: Leo Lam

Customer Development, Cloudflare

Presenter: Antonio Rancan

Solutions Engineer, Cloudflare

Moderator: Otto Lee, CISSP, CCSP, CSSLP

Membership Chair, (ISC)² Hong Kong Chapter

For Details: http://www.isc2.org/News-and-Events/Webinars/APAC-Webinars?commid=467855&utm_source=chapter

Supporting Event: Time to Containment – Supercharge SOC With a New Approach to Incident Response (24 Feb 2021)

Date: 24 Feb 2021 (Wednesday)
Time: 14:00 – 15:00 (GMT +8)
Venue:  Live Webinar
Language: English
Fee: Free
Register: http://www.isc2.org/News-and-Events/Webinars/APAC-Webinars?commid=466402&utm_source=chapter

Highlight:
How do you shoot down a missile before it hits its target? That’s the problem facing today’s incident response teams. As cyberattacks increase in volume and velocity, the security operations center (SOC) handling incident response is the nexus for this challenge.

A well-honed incident response operation, that combined EPP+EDR, can deliver an impressive return on investment. In many data breach incidents, the cost is more than financial, and it is well known that the time cyber security teams take from the breach to containment is critical.

With the stakes so high, how can your cyber security team shrink the time between detecting and handling cyber threats?

In this special webinar, Kelvin Wee, Director of Security Engineering at SentinelOne – APJ, will cover these key questions and more:

  • Why traditional protective approaches are no longer enough
  • The importance of automation in the response process
  • How to identify and establish key metrics in incident response
  • Technical live demonstration of SentinelOne’s single agent, static AI platform that helps cyber security teams to prevent, detect, respond and hunt threats in real time

Join us to learn how to supercharge your SOC with a new approach to incident response.

Presenter: Kelvin Wee

Director of Security Engineering – Asia Pacific and Japan, SentinelOne

Moderator: Tony Vizza, CISSP, CCSP

Director of Cybersecurity Advocacy, APAC, (ISC)²

For Details: http://www.isc2.org/News-and-Events/Webinars/APAC-Webinars?commid=466402&utm_source=chapter