Date: 28 Aug 2020 (Fri) / 11 Sep 2020 (Fri) Time: 8:45am – 1:15pm Venue: Virtual Language: English Fee: Complimentary registration is only applicable to first 400 Senior Executives from end user side. A fee of USD850 would be charged otherwise. Register: https://www.mighkevents.com/infosec2020
Highlight: Carrying the theme of “Redefining Cyber Security in The Age of Insecurity”, the 12th Annual InfoSecurity Summit 2020, as the industry’s most important annual meeting for Information Security leaders and professionals, will bring together a galaxy of influential and disruptive Cyber Security Experts and thought leaders to share the latest information security trends and emerging technologies to thwart cyber attacks. Specially designed for Information Security Decision Makers & Professionals Across All Industries, this summit will unveil effective approaches to defense and lay out a roadmap for enterprise to prepare for tomorrow’s New Forms of Attack.
Date: 10 Aug 2020 (Mon) Time: 8:30pm – 9:30pm Venue: Webinar – Participant shall prepare his/her own electronic device (e.g. Desktop, Notebook or Mobile, etc.) with Internet access. Speaker: Mr. Chris Yau (CISA, CISM, CDPSE) Language: Cantonese Fee: Free (Pre-registration is required.) Register: https://bit.ly/pisa200810
Highlight: – Data privacy is more than just information security – A brief introduction to ISO/IEC 27701 – The relationship between ISO/IEC 27701 and GDPR (and other privacy regulations) – Establishing a Privacy Information Management System
Speaker Profile: Chris is currently the Deputy Director of Products and Services Development at the Certifications and Business Enhancement Division of SGS Hong Kong Limited, responsible for business development and execution of ICT related assessments. He has over 20 years of supply chain security-related audit and teaching experience in both manufacturing and IT sectors, cargo and freight security, covering over 1200 man-days of audits and over 300 companies. He is a qualified lead auditor in ISO 9001, ISO 14001, ISO/IEC 27001, ISO/IEC 20000, ISO/IEC 27017, ISO/IEC 27018, ISO/IEC 27701, CSA-STAR, EuroCloud-Star, and ISO 28000. Recently, his focus is on data privacy assessment against GDPR and ISO/IEC 27701.
The Webinar is conducted in Cantonese with English Presentation Material. Please install Zoom software/app for your PC, Mobile or Tablet. For the Meeting ID and Passcode, it will be sent by a separated email after the registration.
Highlight: Is Virtual Bank one of the services you would like to try? But is that secure enough? How to use that securely? This month we invited Captain (Rtd) Samuel NG of Welab Bank to give an interesting and technical topic on “Secure your virtual banking on the Cloud”.
Exciting times for Hong Kong in the realm of Fintech. With 8 bold challengers given the honor of virtual bank licenses, innovative digital banking services are coming real soon and definitely here to stay in the pearl of oriental. Virtual banks are expected to bring new dynamics to the traditional bricks-and-mortar banking sector and enable the city to align with the world’s market in Fintech development.
Upcoming debut of Virtual Banking services packaged with innovative and creativity by riding the cloud computing to the bank of the future, this excitement, however, leads to a higher controversially dynamic cybersecurity risks. VBs offering data-centric banking services with operations heavily rely on the cloud & internet are vulnerable to malicious attacks with various intentions.
Arguably virtual banks come with less physical and legacy trails offers better security, a new sets of challenges arise in cloud security. Fuel with “Go Big or Go Home” and “Do 10x better” mindset, Welab Bank’s Cybersecurity Team always walk the extra mile out of the comfort zone enforcing trust and security while deliver customer-centric services, aiming high to be the winner in Fintech Era.
Highlight: In the ever-changing world of the cloud computing, you will face unique security challenges every day – from new threats, sensitive data to unskilled internal team members. Take command of the Certified Cloud Security Professional (CCSP®), the premier cloud security certification, in order to address these challenges. The CCSP is a global credential representing the highest standard of cloud security expertise. It was co-established by (ISC)² and Cloud Security Alliance – the leading stewards for information security and cloud computing security.
Highlight: Prove you have what it takes to protect your organisation from malicious hackers and threats with the Certified Information Systems Security Professional (CISSP®) certification. Demonstrate your knowledge, advance your career and become a member of a 130,000-strong community of cybersecurity leaders setting the bar for professionals across the information security workforce.
Date: 12 May 2020 (Tue) Time: 8:30pm – 9:30pm Venue: Webinar – Participant shall prepare his/her own electronic device (e.g. Desktop, Notebook or Mobile, etc.) with Internet access. Speaker: Mr. Mike Lo (CCSK, CISSP, CISA, CISM, PMP, Certified SAP Consultant, MCSE) Language: Cantonese Fee: Free (Pre-registration is required.) Register: https://bit.ly/pisa200512
Highlight: As an IT professional, how do you deal with the pandemic situation while you are Work-From-Home (WFH)? Have you tried using Video Conference?
The coronavirus pandemic situation hasn’t yet under controlled in recent weeks, video conferencing tools are more frequently used to communicate with your peers and clients, as a good security practice, have you ever evaluated the security level of video conferencing tools that are being used? Are there any default settings that are vulnerable and easily exploited by the attacker? Any possibility that your sensitive meeting conversation leaks owing to the misconfiguration or poor setup.
PISA has the honor to have Mike Lo share with our members, via Webinar, his invaluable advice for using Video Conferencing Tools as an IT professional during the pandemic situation.
During the webinar, Mike will talk about the security tips for using Video Conferencing (VC) tools, there is a number of suggested rules and best practices stated in the material, as well as screen capture of different VC tools’ setting, these settings are also mentioned in the latest Securities and Futures Commission (SFC) Work-From-Home Guideline released on Apr 29th, 2020.
The Webinar is conducted in Cantonese with English Presentation Material. Please install Zoom software/app for your PC, Mobile or Tablet. For the Meeting ID and Passcode, it will be sent by a separated email after the registration.
BIO Data of Mike Mike is currently working for a Swiss-based CREST Certified Cyber Security Assessment company “wizlynx group” with the role of “Director, Cyber Security Services” looking after Hong Kong and Taiwan Markets, he is also the Program Director of PISA, Founder and Chairman of HK CTF Association, Convener of Car Hacking Village HK, frequent SSO Trainer for ISC2 HK Chapter and Founder of HITCONxCHANGE.
Mike holds professional qualifications such as CCSK, IPv6 Sage, CISSP, CISA, CISM, PMP, SAP Certified Consultant, MCSE, and MCNE.
Date: 8 May 2020 (Fri) Time: 2:30pm – 5:30pm Venue: Webinar – Participant shall prepare his/her own electronic device (e.g. Desktop, Notebook or Mobile, etc.) with Internet access. Language: Cantonese Fee: Free (Pre-registration is required.) Register: https://www.hkcert.org/my_url/en/event/20050801
Highlight: This seminar is jointly organized by the Hong Kong Computer Emergency Response Team Coordination Centre, the Office of the Government Chief Information Officer and the Hong Kong Police Force. In order to prevent the spread of coronavirus, organisations including government, enterprises and schools, ramp up remote working and e-learning. While remote working and e-learning may bring you much convenience, you should stay vigilant to prevent the risk of personal data leakage and cyber attacks by malicious attackers. The webinar will invite information security experts to share their experiences on this subject.
Date: 6 Apr 2020 (Mon) Time: 8:30pm – 9:30pm Venue: Webinar by Zoom. Participant shall prepare his/her own electronic device (e.g. Desktop, Notebook or Mobile, etc.) with Internet access. Speaker: Mr. Young Wo Sang (CISSP CISA CEI ECSA CHFI CIFI CEH ITIL(v3)F ISO/IEC 20000 Auditor) Language: Cantonese Fee: Free (Pre-registration is required.) Register: https://bit.ly/pisa200406
Highlight: Perhaps the most popular global topic nowadays is COVID-19…. You may have learned from TV News that one of our PISA veterans, Mr. Young Wo Sang, who was forced to stay in the cruise ship in Japan for few weeks due to other COVIN-19 infected passengers. Even returned to HK, Sang and other passengers were also required to stay in the quarantine camp for two weeks…. Started with a happy cruise trip with family but turned out with an unexpected quarantine camping, it was not an enjoyable experience. However, something’s lost but something’s gained. It gives Sang new idea on how to face with unexpected situation, continue with his connections with other people or even work remotely in the ship. PISA has the honor to have Sang to share with our members, via Webinar, his invaluable experiences and challenges as a traveler and an IT professional during such unexpected adverse situation.
BIO Data of Sang Mr. Young Wo Sang is an information security specialist with expertise in information security consultation and training. He is one of the Elected Members of the Information Technology Subsector, Election Committee of HKSAR Government receiving a high vote among all candidates in the 2006 & 2011 election. In 2008, he was elected as a Director, Hong Kong Internet Registration Corporation Limited, serviced till 2016.
Education Background Higher Diploma in Computer Engineering (CityU) Professional Qualifications CISSP, CCSP, CISA, CWSP, CWNA, CIFI Industry or Public Services Convener, Information Security and Privacy Working Group, Internet Society Hong Kong
Date: 16 December 2019 (Monday) Time: 2:00pm – 6:00pm (Registration starts at 1:30pm) Venue: 6/F, Happy Valley Stands, Happy Valley Racecourse, Happy Valley Language: English Fee: HKD 200 / HKD 100 (Early-bird till 25-Oct) Register: https://bit.ly/33p9l9F
Highlight: This Half-Day Seminar is the largest Enterprise Architecture seminar in Hong Kong organised by Hong Kong Computer Society Enterprise Architecture Specialist Group (HKCS EASG). Coming to the 7th year, the theme of this year is “Agility and Governance in Digital Age”. Case sharing in the use of latest technologies, such as IoT, Data Analytics, AI, Micro-services, DevOps, Containers, etc. for technology innovation and fit to digital business. How Enterprise Architects and IT leaders introduce agility and governance into such digital transformation journey. In this seminar, several experienced IT leaders in major organisations will discuss their viewpoints and real-world experience in agility and governance in the digital era. They will cover not only the best practices but also the challenges and lessons learnt. This event is also an invaluable opportunity for us to network with the speakers and other IT architects to exchange knowledge and share experience.
Highlight: Following a successful event in 2018, Hong Kong’s premier security research group Dragon Threat Labs is hosting DragonCon, possibly the most technically-intensive security conference borne out of Hong Kong. Come to join us, make friends and see the cybercity!
Date: 23-24 October 2019 (Wed & Thur) Time: 09:00 – 17:35 Venue: Level 2, Hong Kong Convention and Exhibition Centre, 1 Expo Drive, Wanchai, Hong Kong Fee: Free admission (registration required) Register: https://www.issummit.org/registration.asp
Highlight: The Information Security Summit – Over the Horizon Cyber Security is a Regional Event with the aim to give participants from the Asia Pacific region an update on the latest development, trends and status in information security. As cyber attackers are growing more capable and smarter, enterprises are looking at investing in analytics and threat intelligence in order to make better decisions on investment in cyber defense to pre-empt the attacks. Advanced security technologies are increasingly integrated with threat intelligence. Overseas and Local Experts from the industry will be invited to share their experience and knowledge. Following the success of the event organised in the previous sixteen years, this year’s Summit will include a two-day conference and a number of workshops demonstrating management and technical theory, applications and practical experiences on all aspects of information security relating to securing and protecting data in borderless cloud and mobile environment, big data analytics and the Internet of Things.
The dinner drew over 300 guests, comprising of government officials, brand leaders, professionals, academia, industry experts and media last year. We believe that the dinner could help you to build relationships with your target market, strengthen your brand awareness and increase your reach and exposure to potential clients and partners.
Date: 26-Sep (Thur) Time: 7:00pm – 9:00pm Venue: Room Y403, HK PolyU, Hung Hom Language: Cantonese Fee: FREE Register: http://bit.ly/pisa190926
Agenda: 7:00pm to 7:30pm : Networking and Check-in 7:30pm to 7:35pm : PISA Announcement 7:35pm to 8:45pm : The new Macau Cyber Security Law is on its way by Mr. Terry Cheung 8:45pm to 9:00pm : Q & A
Highlight: Starting from July 2015, Macau started to prepare the law for cyber security. Eventually, the Macau Cyber Security law was published in June and will be effective in December this year. Many people may feel cyber security law is a sensitive subject and the controls may be a bit over.
You like it or not. The new law is coming. What are the requirements of the new law? What will be the challenges to the in scope organizations? Will it affect you as a person or company outside Macau? In this seminar, we will highlight the law and discuss the related issues.
This event is supported by CSA Hong Kong and Macau Chapter.
Speaker: Terry has been in IT and Information Security sectors for over 23 years. He has been working in various industries including banking, government, telecommunications and hospitality and gaming. He has experiences in security policy development, forming new security team, design and deploy various security systems including two tiers DDoS protection service, central logging system and SIEM, ISO27001 implementation, etc. He has been participated in the development and implementation of many systems including core banking systems, converged billing systems, ERP, HR, CRM, Call Center system, gaming and hospitality systems, etc.
Apart from work, Terry is also the founder of the Information Systems Audit and Control Association (ISACA) Macao Chapter and the Cloud Security Alliance (CSA) Hong Kong & Macau Chapter.
Date: 14-15 Sep 2019 (Sat-Sun) Venue: Common First Year Laboratory (Room CF004), The HK Polytechnic University Language: Cantonese and English Fee: HKD 300 (all the materials inclusive) Register: https://qrgo.page.link/REH8Y
Highlight: ISOC HK is organising the Security Bootcamp 2019 this month — hands-on workshops conducted by industry practitioners and CTF challenges for participants to build a foundation and sense of security, as well as to explore further in infrastructure and application. The program this year covers the following, including but not limited to IoT hacking, Malware analysis, Steganography, Forensic, Cryptography, Symbolic execution and Formal Proof. Targeting undergraduate students this year, it has received a vast number of registrations.
Supporting Event: Sustainability & Smarf Retailing Summit 2019 (20 Jun 2019) PISA Security JAM 2019 x CSA (25 May 2019) (ISC)² CCSP Clinic at Cloud Expo Asia 2019 (22 May 2019) “Phishing scams? No more!” Seminar (03 May 2019) Information Security Management – Guidelines for Cyber Insurance (16 Apr 2019) DevSecOps – Web Application Firewall in a CI/CD Workflow (10 Apr 2019) Supporting Event: Asia Pacific CACS Conference 2019 (1-3 Apr 2019) PISA Spring Dinner Gathering 2019 (27 Mar 2019) Supporting Event: Cybersecurity Predictions 2019 and Advanced Technology on Endpoint Protection Webinar (6 Mar 2019) Supporting Event: Certified Cloud Security Professional (CCSP) certification (4 Mar 2019) (ISC)2 HK Chapter AGM cum Technical theme talk with hands-on (26 Jan 2019)
Supporting Event: Joint ICT Christmas Party (14 Dec 2018) Modern Endpoint Security (5 Dec 2018) Supporting Event: Building Your Open Source Intelligence Capabilities (7 Nov 2018) Supporting Event: “Hong Kong Towards Faster Payment” Conference (16 Oct 2018) Supporting Event: Certified Cloud Security Professional (CCSP® ) certification (8-12 Oct 2018) Supporting Event: “Stay Smart, Keep Cyber Scam Away” Seminar (20 Sep 2018) Information Security Summit 2018 (4-5 Sep 2018) Supporting Event: IoT Security Forum (29 Aug 2018) PISA AGM cum Feature Talk: Road to Defcon (25 Aug 2018) (ISC)2 Security Congress APAC 2018 (09-10 July 2018) (ISC)2 12th Annual ISLA Asia-Pacific (09 Jul 2018) Supporting Event: GDPR Hands-on workshop 2018 (26 Jun 2018) Supporting Event: Certified Information Systems Security Professional (CISSP® ) certification (25 Jun 2018) PISA Security Jam 2018 #pisajam2018 (26 May 2018) Supporting Event: “Stay Smart, Keep Cyber Scam Away” Seminar (25 May 2018) Supporting Event: Cloud Expo Asia 2018 (16-17 May 2018) (ISC)2 APAC Secure Webinar – Stronger Security Posture through Zero Trust and API Management (9 May 2018) Understanding What is New in China Cybersecurity Law and What We Cannot Do (26 Apr 2018) Supporting Event: VXCON 2018 (21 Apr 2018) (ISC)2 APAC Secure Webinar – Security at Network Speeds (18 Apr 2018) Supporting: (ISC)2 Online Training Options (Especially for APAC based candidates) PISA Spring Dinner 2018 (26 Mar 2018) Supporting Event: Official (ISC)² CCSP Classroom Training in Hong Kong (19 Mar 2018) (ISC)2 HK Chapter AGM cum Feature Talk: The Era of BlockChain and Smart Contract Development (20 Jan 2018) Supporting Event: How to get ready for your Cloud Security Certificates (18 Jan 2018)
Tackling System Security from the Perspective of Non-digital Components (9 Dec 2017) Supporting Event: Live Cloud Forensics (6 Dec 2017) Supporting Event: 11th Annual HTCIA APAC Training Conference 2017 (5-6 Dec 2017) The Integration of “Human + Machine” – The biggest security challenges in businesses (23 Nov 2017) Supporting Event: Cyber Security for Industry 4.0 International Conference (21-22 Nov 2017) Supporting Event: Hong Kong’s Road to Compliance (6 Nov 2017) [Limited Time Offer] CCSP Online Self-Paced Training Package (ISC)2 Upcoming Webinars in Nov (ISC)2 Safe and Secure Online – Train the Trainer and Sharing (26 Oct 2017) How does Blockchain enhance Cybersecurity (26 Sep 2017) False sense of security – “How easy to hack the physical security nowadays” (21 Sep 2017) Supporting Event: Build a Secure Cyberspace 2017 – “Smart Home, Safe Living” Seminar (20 Sep 2017) PISA AGM cum Feature Talk: DevOps Security Journey (19 Aug 2017) Co-organized Event: Information Security Summit 2017 (15-16 Aug 2017) Supporting Event: Cloud Adoption at Governments – Building Public Cloud Policy (10 Aug 2017) Technical Sharing Session: Malware Command and Control using Social Media Platform (4 Aug 2017) SafeWiFi – Public Awareness Seminar on WiFi Security 2017 (29 Jul 2017) Supporting Event: (ISC)2 Security Congress APAC 2017 (03-04 Jul 2017) Supporting Event: Cyber Security for Industry 4.0 Conference (23 Jun 2017) Supporting Event: Innovix Symposium (23 Jun 2017) Supporting Event: Security Tech Forum 2017 (16 Jun 2017) Supporting Event: The 18th Info-Security Conference 2017 (9 Jun 2017) PISA Security Jam 2017 (27 May 2017) Supporting Event: Cloud Expo Asia and Data Centre World (24-25 May 2017) Supporting Event: VXCON (28 Apr 2017) Supporting Event: The 9th InfoSecurity Summit 2017 (26 Apr 2017) Supporting Event: Build a Secure Cyberspace 2017 – “Smart Home, Safe Living” Seminar (21 Apr 2017) Supporting Event: Executive Luncheon: Greater Security Capabilities with New Microsoft Enterprise Cybersecurity Group (20 Apr 2017) Supporting Event: Implementing DevSecOps – Evolving Security Culture (20 Apr 2017) Supporting Event: Internet Economy Summit 2017 (10-12 Apr 2017) (ISC)² Member Reception@Hong Kong 2017 (7 Apr 2017) Supporting Event: ThreatMetrix APAC Digital Identity Summit 2017 (5-6 April 2017) Supporting Event: ISACA China HK Chapter Annual Conference 2017 (16 Mar 2017) Supporting Event: The 8th BankTech Executive Summit 2017 (7 Mar 2017) Tech talk “Safe Browsing & Evolving Security Threats” (06 Feb 2017) Supporting Event: The Youth Technology Crime Seminar (19 Jan 2017) Supporting Event: The Asian Financial Forum (AFF) (16-17 Jan 2017) (ISC)2 HK Chapter AGM cum Feature Talk: Remote Attacks on Vehicles by Exploiting Vulnerable Telematics (14 Jan 2017) Supporting Event: Cyber Security Professionals Awards 2016 (6 Jan 2017) Supporting Event: CSA HKM Knowledge Sharing Event (5 Jan 2017)
Hacking an ATM For Cash – ATM Company Visit and Cases Sharing (7 Dec 2016) Supporting Event: HTCIA Asia Pacific Training Conference (6-7 Dec 2016) Supporting Event: Build a Secure Cyberspace 2016 – “Protect Data, Secure Transaction” Seminar (25 Nov 2016) How Mirai Botnet & IoT took down the Internet (16 Nov 2016) Supporting Event: Asia Internet Symposium Hong Kong (11 Nov 2016) Technical Sharing from the Blackhat US 2016 (4 Nov 2016) Supporting Event – ASTRI IUCF 2016 (17 Oct 2016) Supporting Event: Welcoming Dinner for IT Legislative Councilor 2016-20 (30 Sep 2016) Supporting Event: Cyber Security Programme 2016 (23 Sep 2016) Seminar on “Cloud, IoT and Security – Connect cloud security with the physical world through AWS IoT” (20 Sep 2016) Co-organized Event: Information Security Summit 2016 (12-13 Sep 2016) Supporting Event: SecureHongKong 2016 (2 Sep 2016) LegCo Information Technology Constituency Election Forum (29 Aug 2016) PISA AGM, EXCO Election 2016 and Theme Talk (27 Aug 2016) Supporting Event: The 4th Symposium on Risk Management (25 Aug 2016) Train the Trainer Session for (ISC)2 Safe and Secure Online (24 Aug 2016) Public Awareness Seminar on WiFi Security 2016 (13 Aug 2016) Open Discussion on “Professional Development Programme for Cybersecurity Practitioners to Enhance the Cyber Resilience of Banks” (6 Aug 2016) Supporting Event: How to securely configure and use Office 365 from enterprise perspective (4 Aug 2016) PISA 15th Anniversary Dinner (28 Jul 2016) Supporting Event: (ISC)² Security Congress APAC 2016 (25-26 July 2016) Security Seminar on Security Operation Center (SOC) 3.0 and Cyber Threats (28 Jun 2016) Supporting Event: The 17th Info-Security Conference (28 Jun 2016) Supporting Event: Build a Secure Cyberspace 2016 – Protecting Data from Ransomware Attack (31 May 2016) Supporting Event: Cyber Security Conference 2016 (30 May 2016) PISA Security Jam 2016 (21 May 2016) Supporting Event: Cyber Security Summit 2016 (16-18 May 2016) Supporting Event: VXCON 2016 黑白對決 (Blackkungfu Vs Whitekungfu) (22-24 Apr 2016) Supporting Event: Mobile App Development Forum on Privacy and Security (21 Apr 2016) Supporting Event: Hong Kong Cloud Forum 2016 (7 Apr 2016) Supporting Event: Software Defined Network and how can it help enhancing Cloud Security (7 Apr 2016) Just Hacker things with Jayson (15 Mar 2016) CopperDroid: Automatic Android Malware Analysis and Classification (4 Mar 2016) Ethical Hacking Workshop – Deep dive of Exploit Writing (20 Feb 2016) Information Security Talk – The Road to DEFCON (19 Feb 2016) ISC2 Hong Kong Chapter AGM and Advanced Persistent Threat (APT) Techniques and Case Studies (16 Jan 2016)