In an era where cybersecurity vulnerabilities, threats, and data breaches are becoming increasingly commonplace, the need for robust cybersecurity measures is more critical than ever.
This workshop is designed to introduce participants to the Information Security Forum’s Standard of Good Practice (ISF SOGP) 2025 and the benefits of adopting a cybersecurity governance framework.
The digital landscape is evolving rapidly, and with it, the nature of cybersecurity threats. Organisations, Small and Medium Enterprises (SMEs) and Non-Governmental Organizations (NGOs) are often the most vulnerable to these threats due to a lack of resources or expertise in cybersecurity. Recognising this, HKPC have localised the ISF SOGP 2025 into a series of training workshops for the general public in Hong Kong on advocating the cyber security culture and atmosphere.
Our goal is to promote cybersecurity awareness and best practices in the SME and NGO and all industry sectors. The first in this series of workshops serves as an introduction to the ISF SOGP and the concept of cybersecurity governance.
Date and Time
21 Mar 2025, 15:30 – 17:30
Venue
HKPC Building, 78 Tat Chee Avenue, Kowloon Tong, Kowloon
Medium
Cantonese with English terminology
Course Content
- Security Governance:
Establish a robust framework for information security governance.
Learn to set and manage your organization’s security direction and risk appetite effectively. - Information Risk:
Develop a comprehensive information risk management framework.
Conduct regular information risk assessments to protect critical business environments. - Security Assurance:
Implement a structured information security assurance programme.
Enhance security performance through regular testing and measurement. - Asset and People Management:
Maintain detailed asset inventories and manage human resources security throughout the employment lifecycle. - Security Education and Training:
Build a culture of security awareness and ensure continuous learning through targeted training programmes. - Technical Infrastructure and System Resilience:
Design and maintain resilient systems and networks to support your business operations securely. - Network Management and Cryptography:
Manage network configurations and implement strong cryptographic controls to protect sensitive data. - Threat Protection and Incident Management:
Develop strategies for threat detection, vulnerability management, and respond effectively to security incidents. - Physical Protection and Business Continuity:
Enhance physical security measures and establish robust business continuity plans to ensure operational resilience
- Training fee:
HK$500
Trainer
This introduction workshop will be conducted by seasoned HKPC Cybersecurity Consultants
Target Audience
- Chief Information Security Officers (or equivalent) develop policies, implement governance, and ensure assurance.
- Information Security Managers (including architects, officers, and specialists) promote and implement policies and controls.
- Risk Officers and Specialists identify, assess, and treat strategic, financial, compliance, operational, technology, and information risks.
- IT Managers and Specialists design, plan, develop, deploy, and maintain business applications, systems, and infrastructure.
- Technology Auditors conduct security audits and provide recommendations.
- IT service providers manage critical IT resources (e.g., cloud environments, infrastructure) for the organization.
- Data privacy officers coordinate privacy activities (e.g., protecting sensitive data, conducting assessments).
- Business Managers ensure risk assessments and manage critical applications and processes.
- Procurement and vendor management define security requirements in contracts.
Certificate of Training
Participants who have attained 75% or more attendance will be awarded Attendance Certificate.