(只提供英文版本)
Recent news regarding cyber security incidents and phishing frauds have elevated cyber security as one of the top risk concerns for many organisations. Top management is keen on understanding the specific cyber risks they face, while organisations are actively seeking ways to enhance protection against cyber threats. Yet, they may have concerns to establish an effective cyber security protection model to secure their critical and sensitive assets.
Why is it difficult to address cybersecurity? What are the common pitfalls? How should an organisation put cybersecurity as priority?
Date and Time
27 Feb 2025, 09:00 – 18:00
Venue
HKPC Building, 78 Tat Chee Avenue, Kowloon Tong, Kowloon
Medium
Cantonese with English terminology
Course Content
This workshop will first explain the common tactics and techniques used by the cyber attackers and how such risk can be identified, assessed, and managed. Next, the key essentials to manage cybersecurity and references to cybersecurity frameworks will be elaborated. Incident management which is an important aspect of cybersecurity will be covered: how incident response should be structured, how security monitoring could help with early detection, and when/how digital forensics should be used. Finally, the workshop will also cover privacy by explaining how privacy is different from security and how privacy controls should be implemented.
Course Outline
The workshop will be classroom based led by instructor presentations with practical experience sharing based on the outline below:
- Understand cyber threat landscape
- Worrying local and global cybersecurity incidents
- Anatomy of ransomware and common cyberattacks
- Common root causes
- Cybersecurity risk management
- Techniques and approaches
- Risk identification and assessment – cyber risk exposure assessment (include exercise)
- Risk treatment
- Risk monitoring
- Essentials to manage cybersecurity
- Security governance
- Security architecture
- Security technology: products vs solutions vs services
- Security operations
- Introductory of Cybersecurity frameworks
- NIST Cybersecurity Frameworks
- CIS controls
- CSA Cloud Control Matrix
- Incident management
- Security monitoring
- Use cases (with demonstration)
- Incident response processes (include exercise)
- Forensics
- Privacy management
- Privacy principles
- Privacy frameworks
- Privacy impact assessment
- Understand cyber threat landscape
Fee
Early bird price on or before 2 February 2024
HK$4,000 per person
Regular Price
HK$4,500 per person
Trainer
Mr Henry NG
Principal Consultant, eWalker Consulting (HK) Limited
Henry NG is an IT and cyber security veteran for 30 years. He has held various senior management positions managing and growing cyber security businesses in the APAC region.
Leveraging his in-depth cybersecurity management and operational experience, Henry has provided practical consultancy advices to many organizations how to implement effective cybersecurity programs. His specalities include security governance, cybersecurity and privacy framework design and implementation, assessments and audits, incident response, and security training. He has been invited frequently as speakers, panelists and moderators in many cyber security and risk seminars in the region. He also teaches IT security courses and helps promote security awareness to the local community such as speaking in schools and the public.
He was the ex-managing director of Thales Critical Information Systems and Cyber Security business line which he worked for 9 years. While working with Thales, Henry grew the cyber security business from scratch to managing a team of 30 security professionals. He oversaw the regional team to help APAC customers to address cyber security issues by protecting against cyber security threats and managing IT security risks. Projects include conducting cyber security maturity assessment, strategy studies, security assessment and audit, PCI and other regularly security engagements, penetration testing and ethnical hacking. Customers came from different industries and sectors including banking and finance, insurance, telecommunications, transportation and utilities, manufacturing and higher education institutes. Prior to joining Thales, Henry also held senior positions at Verizon Business and HP consulting security practice team.
Henry holds multiple cybersecurity, cloud security and privacy certifications including CISSP, CISSP-ISSAP, CISA, CPDSE, CCSK, and CCAK. He holds a Bachelor degree in Computer Engineering from University of Michigan, Ann Arbor, USA.
Target Audience
Anyone interested in cybersecurity or who wants to know more about cybersecurity and privacy protection are welcomed to join. IT technical knowledge is preferred but not essential.
- IT and technical professionals
- Cybersecurity professionals
- Senior management
Certificate
Participants with at least 75% attendance will be awarded an Attendance Certificate.