Building a Cyber Security and Cloud Protection Framework - 生产力学院
Building a Cyber Security and Cloud Protection Framework
10011811-01
香港九龙达之路78号
2021-08-25
蔡小姐,电话:+852 2788 5884

只提供英文版本

Cyber security is essential to any organisation, yet many are still struggling with establishing an effective cyber security protection model to protect their critical and sensitive assets. Migration to cloud and working from anywhere are adding more complexity and uncertainty.

Is there a standard cyber security model organisations can take reference to? How can the model be implemented in a pragmatic way to balance security protection versus business agility?

The answers are all in this workshop!

Security Frameworks Covered

NIST has published a cyber security framework (CSF) a few years back. It consists of 5 functions and 23 categories. It is now regarded as a matured framework which can be adopted and implemented by different types of organisations in order to build a sound cyber security protection framework.

CSA has also published a cloud control matrix (CCM) which describes a set of control objectives to governance secured usage and implementation of cloud services. It consists of 16 control domains with over hundreds of detailed control specifications.

Content

This training will explain in detail what CSF & CCM frameworks are and how they can be applied to protect an organisation’s critical assets and cloud usage. Practical examples will be shared to illustrate the best practices and tips of adopting these two frameworks.  

After the training, the audience will acquire deeper knowledge about NIST CSF and CSA CCM and the practical side of applying these frameworks to implement cyber security and cloud protection.

Course Outline

The training will be classroom based led by instructors who will teach the content based on slides with practical experience sharing. The outline of the training is as follows:

    • Evolution of Cybersecurity
    • Different Standards and Frameworks
    • NIST Cyber Security Framework
      –  What is CSF
      –  CSF functions and categories
      –  Detailed walkthrough of each of the subcategories or control sets
    • CSA Cloud Control Matrix
      –  What is CSA CCM
      –  16 control domains
      –  Detailed walkthrough of each of the control specifications
    • Examples of Framework Implementation
    • Practical Implementation Guidelines and Tips
    • What Other Frameworks and Standards Are Expected to Come

Target Participants

Individual who are interested in cloud deployment and familiar with network architecture and management, such as:

    • System Integrators
    • System Administrators / Engineers / Analysts
    • Technical Engineers / Managers
    • Information Security Analysts / Managers

Date and Time

25 Aug 2021 (Wed)
09:30 – 17:00 (Total 6.5 hours)

Medium of Instruction

Cantonese with English terminology

Training Fee

Early bird price on or before 23 Jul 2021

– Staff of Organiser or Member of Supporting Organisation: HK$3,200 per person
– Non-member: HK$3,300 per person

Regular Price
– Staff of Organiser or Member of Supporting Organisation: HK$3,300 per person
– Non-member: HK$3,400 per person

RTTP Training Grant Application

This course is applying Reindustrialisation and Technology Training Programme (RTTP), which offers up to 2/3 course fee reimbursement upon successful applications. For details: https://rttp.vtc.edu.hk.

Companies should submit their RTTP training grant application for their employee(s) via https://rttp.vtc.edu.hk/rttp/login at least two weeks before course commencement. Alternatively, application form could be submitted by email to rttp@vtc.edu.hk along with supporting documents.

Trainer

Mr Henry NG
Principal Consultant, eWalker Consulting (HK) Limited

Henry NG has been an IT and cyber security veteran for 30 years.  He has held various senior management positions managing and growing cyber security businesses in the APAC region.

His last position was managing director of Thales Critical Information Systems and Cyber Security business line which he worked for 9 years. While working with Thales, Henry built up the cyber security business from scratch to managing a team of 30 security professionals. He oversaw the regional team to help APAC customers to address cybers security issues by protecting against cyber security threats and managing IT security risks. Projects include conducting cyber security maturity assessment, strategy studies, security assessment and audit, PCI and other regularly security engagements, penetration testing and ethnical hacking. Customers came from different industries and sectors including banking and finance, insurance, telecommunications, transportation and utilities, manufacturing and higher education institutes. Prior to joining Thales, Henry also held senior positions at Verizon Business and HP consulting security practice team.  

Henry was appointed as the adjunct professor for University Malaysia of Computer Science and Engineering, and served in a different cyber security professional bodies including the director of CSA Hong Kong and Macau Chapter and member of the Hong Kong Expert Group on Cloud Security and Privacy. He has been invited frequently as speakers and panelists in many cyber security and risk seminars in the region. He also teaches IT security courses and helps promote security awareness to the local community by speaking in schools and the public.

Henry is a Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP) and a certified Information Systems Security Architecture Professional (ISSAP). He holds a Bachelor degree in Computer Engineering from University of Michigan, Ann Arbor, USA.

Certificate of Training

Participants who have attained at least 75% attendance of lecture will be awarded a Training Attendance Certificate.

 

Download Full Course Detail ▼