i) Group Discount and Registration Groups of three or more of the same organization will enjoy a 10% discount.
ii) Other discount Members of supporting organization will enjoy a 10% discount.
For registration, please email firstname.lastname@example.org or contact us at +852 8101 2801
Mr. Nicholas W Yang graduated in 1977 from the California Institute of Technology in the United States with a Bachelor of Science in Electrical Engineering and Applied Mathematics. He pursued further studies in Stanford University and obtained a Master of Science degree in Electrical Engineering in 1978 and a Master of Business Administration degree in 1982. Mr. Yang worked as a senior design engineer for Intel Corporation in 1978 and subsequently as a strategic management consultant for Bain & Company. Returning to Hong Kong in 1983, he joined Shell Electric Mfg. (Holdings) Limited as its Executive Director and Deputy Group Managing Director. He was senior consultant and director of several venture capital and private equity investment firms in 2002. Mr. Yang was appointed as the Chief Executive Officer of the Hong Kong Cyberport Management Company Limited in 2003 and was an Executive Vice President of the Hong Kong Polytechnic University from 2010 to February 2015. In March 2015, he was appointed by the Chief Executive of the Hong Kong Special Administrative Region as Advisor on Innovation and Technology, and a Non-official Member of the Executive Council. In November 2015, Mr. Yang was appointed Secretary for Innovation and Technology of the fourth-term Government of the Hong Kong Special Administrative Region.
TOPIC : Cyber resilience through collaboration: Visions and actions of the HKMA
Nelson Chow has been appointed to the present position from 1 September 2016 with responsibilities for facilitating the healthy development of the fintech ecosystem in Hong Kong and promoting Hong Kong as a fintech hub in Asia. He joined the HKMA in 2004 and was responsible for the supervision of banks’ technology risk management and business continuity planning as well as the formulation of related policies and guidelines. He was the Deputy Chief Representative of the New York Office in 2010. After returning to Hong Kong in 2013, he took up responsibilities to supervise banks’ operational risk management and perform macro-prudential data analysis. Prior to joining the HKMA, Mr Chow was a Vice President of JPMorgan Chase Bank, N.A. responsible for information risk management of the Asia Pacific region. He holds a Bachelor of Science degree from the University of Auckland and a Master of Science degree from the Hong Kong University of Science and Technology.
TOPIC: Cyber Future : Security and Privacy Doomed?
ISACA Board Director Rob Clyde, CISM, is the Managing Director of Clyde Consulting LLC, an executive advisory firm. He recently served as CEO of Adaptive Computing, which provides workload management software for some of the world’s largest cloud, HPC and big data environments. He is also a Board Director for White Cloud Security and Xbridge Systems. He was CTO at Symantec and co-founder of Axent Technologies. Credited with creating the first commercial intrusion detection system, he has been a cybersecurity expert for over three decades. He received both the John Kuyer “Best Speaker” and Wasserman awards from ISACA.
TOPIC: Technology Risk Management in Banking Industry (in Cantonese, Presentation Material in English)
Mr. Rocky Cheng has been working in IT and finance industries for more than 20 years. He has engaged in various technology and management positions and is expertized in IT governance, infrastructure architecture, technology standards, application development and service delivery. He also has profound knowledge in banking and finance industry, including the products and operations of banking, securities trading and insurance.
Rocky is now working as the General Manager of the Bank of China (Hong Kong) Limited, responsible for the IT strategic planning and operations; driving and mobilizing the IT resources to accomplish the business strategic goals; and provisioning of IT to support the business operations and facilitate the innovation development as the new core value for the Bank. He also participated in various large-scale re-structuring, public listing and cross-region IT system integration projects in the past.
Rocky serves as Vice Presidents in various IT professional organizations in Hong Kong. He has been actively engaged in professional activities with IT organizations and professionals in Hong Kong. His work facilitates IT and communication industry development, professionalism and career enhancement. He has also been actively involved in professional activities with educational and public bodies, and acting as advisor in major universities and academic institutions in Hong Kong. Besides, he is a judge of the Innovation and Technology Support Programme, a member of the Technology Review Committee and a judge of the Innovation and Technology Fund Research Projects Assessment Panel under the Innovation and Technology Bureau of HKSAR Government. He is also the Chairman of the e-Banking Working Group of the Hong Kong Association of Banks.
Mr. Cheng holds the Master degree of Business Administration (EMBA) from The Chinese University of Hong Kong and a Master degree in Computer Science from City University of Hong Kong. He was awarded the British Chevening Scholarships for Business Leadership study in University of Cambridge and London Business School in the UK.
TOPIC : Building Business Value with Cybersecurity Governance – An Achievable Reality?
Martin Schlatter is Chief Information Officer and Regional Chief Executive Officer, APAC, of NTT Security, responsible for information technology strategy and systems. Formerly Group Services Director, Security at Dimension Data, Martin brings strong vendor relations and managed services experience. His career includes over 20 years’ experience in information security specializing in consulting, operations management, pre-sales and technical architecture positions at corporations in the ICT services, business consulting, financial services and manufacturing sectors in South Africa, Europe and Australia.
TOPIC : Providing Assurance over Cybersecurity Efforts
Anthony is the New York based VP of IT Audit for Viacom Inc, a role he has held for 18 years. He has 30 plus years of IT experience ranging from Computer Operations in large data centers to IT Audit. He has been employed by major organizations, such as, UPS, Coopers & Lybrand and the former Chase Manhattan Bank during his 25 years as an IT Auditor.
He was a member of the ISACA International Knowledge Board for two years and was the Chair of the COBIT 5 Assurance Guide Task Force which was published in May 2013. He was also a member the ISO Liaison Sub-Committee whose members represent ISACA at ISO working group meetings and represented ISACA at several JCT1/SC7 meetings. Also, prior to that he was a member of both the ISACA Framework and Guidance and Practices Committees. Tony was chair on the ISACA Top Technology Issues project which was published in 2011.
TOPIC : The Revolution of Identity
Mr. Angus Choi began serving as Chief Executive Officer of Joint Electronic Teller Services Limited (“JETCO”) in December 2014, overseeing the company’s day-to-day operations and driving the expansion of its automated teller machine (“ATM”) network and payment business platform in Hong Kong and Macau.
Prior to joining JETCO, Mr. Choi was managing director for Hong Kong at TransUnion Limited where he oversaw the company’s credit reporting, analytics and decisioning business.
At JETCO, Mr. Choi’s objective is to enhance the value of the company’s ATM platform for both users and member banks through continuous innovation and the development of cross-border capabilities. At the same time, Mr. Choi also aims at introducing diversified and sophisticated financial and payment services to help member banks expand their business and promote the development of the local financial market.
With almost 30 years of experience in the consumer credit bureau and banking sectors, Mr. Choi has also held senior positions in Citibank’s and DBS’ consumer and corporate banking businesses, as well as regional sales and marketing management positions at Visa International and American Express in Hong Kong and Canada.
Mr. Choi holds an Executive Master of Business Administration degree from Southern Illinois University in the United States.
TOPIC : How to really audit an organisation’s overall cyber security posture as well as mitigate insider risk?
Paul has been working in Asia since 1988 when he joined the Royal Hong Kong Police Force. With a background in electronics and telecommunications, he led efforts to advance technology-related policing in Hong Kong and helped establish the Technology Crime Division within the HK Police. During this time, he also worked with Interpol in forensics and cybercrime capacity building for over 50 Police Forces in Asia and Europe. In 2010, Paul moved to JPMorgan and whilst with the Firm led APAC Investigations and subsequently headed up Global High Tech Investigations based out of New York. In this capacity, Paul was also instrumental in developing an Insider Threat program for the bank. In 2015, Paul took on the role as APAC MD for Stroz Friedberg (now an Aon company) – a global leader in cyber security testing, investigations, intelligence and risk management.
TOP : Trends in Cyber Threats and Prevention
Ian Christofis is a Managing Principal Consultant with Thales, driving information security advisory consulting and solution-focused professional services in APAC.
His main technical expertise areas are: information security – particularly cryptography and Public Key Infrastructure (PKI), identity and access management, smart cards, and personal data privacy. He combines a strong understanding of the commercial and strategic business issues with a detailed knowledge of the technology. He has over 30 years’ experience providing consultancy, guiding businesses, and providing thought-leadership, in Australia, Germany and Hong Kong across a range of industries, including the banking & financial sector and government.
Ian is a Certified Information Systems Security Professional (CISSP), a founding board member of the Hong Kong & Macau chapter of the Cloud Security Alliance (CSA), and on the editorial board of the journal of the Professional Information Security Association (PISA).
Moderator (Panel Discussion I)
Mr. Dale Johnstone is the Vice-Convenor of ISO/IEC JTC1 SC27 WG1 which is the ISO committee responsible for the development and publication of ISO standards such as ISO 27001 and ISO 27002. Dale has over 25 years' experience in information security and risk management with a number of major organisations in Australia and Hong Kong.
Moderator (Panel Discussion II)
Patrick Rozario has over 25 years’ experiences working for large international accounting firms and in the commercial sector.
Patrick has many years of experience working in the area of governance and risk advisory. Patrick managed various internal audits, corporate governance, Sarbanes-Oxley, internal control and information technology risk assurance advisory engagements for clients across different industries including banking, insurance, telecommunication and government in Hong Kong and China. Patrick was also involved in large scale information system implementations in North America and Asia.
Patrick is a Fellow of Certified Practising Accountants of Australia (FCPA (Australia)) and a Certified Information System Auditor (CISA) and a member of the Institute of Internal Auditors (IIA)
Cybersecurity and risk management are becoming increasing visible to the executive management and boards of directors. The emergence of new and more destructive attacks may pose significant or irreversible risks to your organization. This would include ineffective protection of critical infrastructure leading to the consequences of disruption of critical operations, unauthorized access to and disclosure, modification, or destruction of sensitive information.
This is a very thought-provoking education event that you could learn from the expert speakers, or sharing with other attendees on how to proactively addressing the cyber security, identifying risks through data analystics, managing related risk management, or transforming digital risks onto competitive advantage.
Regal HongKong Hotel
88 Yee Wo Street, Causeway Bay, Hong Kong
At a breathtaking pace new technology arrives that amazes us – yet also scares us in some fashion. At the same time attackers are becoming more innovative and not only stealing and selling information, but also holding data and systems for ransom. Security becomes more challenging and privacy may be doomed. Security, risk and assurance professionals struggle to keep up and have to fight the natural instinct to just say “no” to new things. It seems like there is hardly a device or function that can’t be connected to the Internet. This Internet of Things collects all kinds of data. The cloud gives new power to quickly spin up new workloads and scale with business needs. Big Data analytics provide insights that are enabling amazing new ways to improve efficiency, reach customers, cure cancer and diseases, and predict outcomes. Mobile technology has enabled new ways to conduct business, including secure mobile payments. Augmented reality and artificial intelligence applications create new security and privacy implications New technologies enable governments, criminals, and just about anyone to easily spy and gather information. This session explores this future and points to examples that are already here. Learn about security and privacy issues and understand ideas about how to safely embrace some of these new technologies.
The external threat landscape is diverse. There are tons of potential threat that organizations, in particular those in banking industry must deal with each day. Cyberspace and its underlying infrastructure are vulnerable to a wide range of risk stemming from both physical and cyber threats and hazards.
Technology risk management becomes the heart of our defense system against such threats, and it enables our armies good battlefield intelligence and fight in a coordinated, organized, and efficient manner. Clear defined governance model and adequate management mechanisms, robust defense systems and tools, and comprehensive awareness training are all critical success factors of effective technology risk management.
Strong IT governance is a necessary pre-requisite to ensure the effective implementation of cybersecurity related initiatives by a financial institution. The HKMA will take this opportunity to share its experience in implementing the Cybersecurity Fortification Initiative, which comprises three pillars - a Cyber Resilience Assessment Framework to establish a common risk assessment framework for banks; a Professional Development Programme to offer trainings and certifications for practitioners in the cybersecurity field, and a Cyber Intelligence Sharing Platform to facilitate sharing of cyber threat intelligence.
Data Breach rates are accelerating, despite increased IT security spending to protect data, and increased compliance requirements from regulators. The latest findings from the 2017 Thales Data Threat Report show some clear trends and some surprises. How should businesses protect against cyber threats? Is being compliant enough? What is best practice when adopting new technologies such as Containers? What can IoT manufacturers do to improve security and protect consumers? What can consumers do to protect themselves?
Moderator : Dale Johnstone
One of the most often heard complaints regarding cyber-security is the lack of talent! Is this really the case, or is the real problem an inability to recognise who is most suited to entrust our cyber defences to? All too often, companies hire individuals (or external providers) based on certifications and academic qualifications, but never actually test or audit whether these individuals are doing a good job post-hire. This presentation examines the options available to effectively test security resources both in terms of the ability to detect and prevent threats, as well how they respond in the event of a breach occurring.
Also covered will be best practices in approaching the insider risk – in terms of both inadvertent and malicious actors. How to balance privacy with audit considerations in identifying those who place the company’s data at risk? How to engage the employees to become the first line of defence as opposed to the weakest link?
Technology continues to extend into every corner of business as they increasingly transform to a digitized environment to stay competitive. Corporate leaders now face a new strategic challenge: how do they ensure that information security measures are aligned with business objectives?
With so much of an organization’s value anchored to its information assets, re-thinking traditional fragmented security infrastructures and processes is absolutely essential to protecting future earnings, and more importantly, trust from customers. Businesses need a clearly defined approach to understanding their risk exposure, benchmarked against global industry best practice. Equipped with insights from risk assessment, coupled with the broader objectives of business priorities, organizations can then make informed decisions for a well-defined cybersecurity strategy.
Security has become a board and executive level issue. In fact, 82 percent of respondents to the “ISACA 2016 State of Cybersecurity” report that their enterprise board of directors is “concerned” or “very concerned” about cybersecurity.
But, half of the latest IIA “Pulse of Internal Audit” survey respondents (52 percent) believe that a lack of cybersecurity expertise among internal audit staff very much or extremely affects internal audit’s ability to address cybersecurity risk. We will discuss methods of addressing Cybersecurity within Internal Audit using COBIT in order to be able to give our board of directors some comfort over this area.
New generation of consumers demand high mobility and wide variety of banking services via digital channels where interactions are required to be seamless and fast. In order to cater to their needs, digital identity is the key element to break through any existing limitation for banks to provide a quality, efficient and secure offerings. Moreover, identity fraud can not only cause financial loss to consumers, but also a negative impact on the corporate. Therefore, a robust identity management mechanism is a critical success factor to catch the new wave of technological revolution and to mitigate the risks facing.
Moderator : Patrick Rozario
*The organizer reserves the right to make changes without prior notification.
Speaker : Anthony Noble
Speaker : Robert Clyde
Every business is now a digital business with software at the core. The velocity of technical change today is unlike any we’ve seen before. Enterprises must figure out how to safely embrace new technology or risk obsolesce. At the same time attackers are innovating faster than many enterprises can match. This workshop will explore recent cyber-attacks and emerging technology trends, risks, mitigations and countermeasures. Participants will understand how these and other attacks work and techniques for thwarting them:
• Advanced Persistent Threats
• Targeted Malware
• Spear phishing
Through engaging discussion, multi-media presentation, and group exercises, participants will also understand the opportunity, risks and ideas for safely embracing the following types of emerging technologies and IT trends:
• Artificial intelligence and machine learning
• Augmented and virtual reality
• Internet of Things (IoT)
• Big Data
• Private cloud, Hybrid Cloud, Public Cloud
• Social media
• Mobile payments
Regal Ballroom, Basement 1, 88 Yee Wo Street, Causeway Bay, Hong Kong
It is easy to travel to Regal HongKong Hotel from HongKong International Airport and Hong Kong's efficient public transportation system.
Feel free to contact email@example.com for more transportation options.
26/F, Wu Chung House, 213 Queen's Road East,Wan Chai,Hong Kong
It is easy to travel to School of Continuing Education from HongKong International Airport and Hong Kong's efficient public transportation system.
Feel free to contact firstname.lastname@example.org for more transportation options.
Sponsor the event and be involved in one of the fastest growing domains in IT industry, and most important of all - Position your organization with an attractive demographic. For sponsorship packages details, please contact email@example.com
Inquiries: +852 8101 2801