2019 Highlight

CLOUDSEC 2019

PICTURE THIS! See.
Secure. Go Further.

CLOUDSEC is the leading internet security conference in Hong Kong. With a theme of “PICTURE THIS! - See. Secure. Go Further.”, CLOUDSEC Hong Kong 2019 gathers together renowned experts, industry thought leaders, businesses and organizations from across the globe to re-evaluate and redefine their understanding of threats, risks and solutions in a rapidly evolving threat landscape.

The 2019 Theme: Picture This! See. Secure. Go further.

Picture an organization that can prepare for, withstand, and recover from any cybersecurity threat. How resilient it is that nothing gets in its way to achieve its goal. Picture how it can easily adapt to increasingly complex and shifting IT environments. Picture how it sees cybersecurity as a strategy, and how it has a keen perception of how ever-changing threats and risks should be managed.

Picture that organization as your own.

The computing landscape continues to introduce challenges amidst exciting new technologies, hyper-connections, and benefits. Organizations need to see order out of chaos, see things in a different perspective, and even step back to see the big picture, because having visibility through the power of collective and connected intelligence helps them build cyber resilience, and allows them to go further and do more.

Agenda

8:45 - 9:00
Registration and Showcase Visits
9:00 - 9:10
Opening Remarks
Bob Hung, General Manager – Hong Kong & Taiwan | Trend Micro
9:10 - 9:40
Picture this….
Rik Ferguson, Vice President Security Research | Trend Micro
We take the audience on a journey into the future. Not a far-fetched Orwellian dystopia, but one that we fully expect to see revealed over the next decade. This session will identity key technological and societal shifts that are changing the ways we act, interact and do business and will attempt to illustrate how these shifts could change attackers’ tools, targets and behaviors. While the motivations remain largely the same, money, intelligence and influence; the ever-accelerating pace of change means that the faster-moving, hyper-connected, artificially intelligent world of the coming decade will seem so much further removed than 2009 already does. Citing concrete examples of an all-too-plausible future we will ask the question “Is your organization up to the challenge?”
9:40 - 10:10
FedRAMP and its impact on cloud security
Katie Lewin, Federal Director | Cloud Security Alliance
The Federal Risk and Authorization Management Program (FedRAMP) has matured to become the standard for the US Federal Government and may be codified in Federal law. In this session we will use FedRAMP as an example of how the need for security in the cloud, the involvement of several government agencies and the cloud industry, and aggressive outreach to the community made FedRAMP a success.
10:10 - 10:40
Networking Break
10:40 - 11:10
Access, Authorization and Trust
Mary Ellen Condon, Former Chairperson of the Security Committee of the Identity Ecosystem Steering Group, USA
Identity, credential, and access management (ICAM) allows an organization to manage, monitor and secure access to critical information. While authentication and authorization are key components, do they really provide the trust to grant access. Is moving towards zero trust a better alternative to protecting the individual and the information from inappropriate use?
11:10 - 11:40
Fake News, AI, Privacy: The Next Frontiers in Security
Charles Mok, Legislative Councillor (Information Technology), HKSAR
As cyberpropaganda and fake news become weaponized on a larger scale, its impact could pose serious threats to organisations and institutions. On the other hand, the increasing use of artificial intelligence has raised new concerns over privacy and security. Charles Mok will share his perspective on tackling misinformation, ethical issues of artificial intelligence and their implication towards cybersecurity’s new frontiers.
11:40
Panel Discussion: Seeing Cybersecurity
Ian Christofis, Founding Board Member | Cloud Security Alliance Hong Kong & Macau Chapter
Seeing offers experience. Experience enables insight. And insight prompts action.
In the era of connected systems and evolving technology, increasingly complex threats loom over enterprises and users from all sides. Companies will need the awareness and foresight to see the systems’ gaps and attack entry points to establish a solid security strategy, at the same time have the freedom to pursue business expansion and opportunities yet to be realized.
This year, we share our belief that cybersecurity need not be reactive, ugly, or threatening; data, technology, and solutions can be used to create unique and beautiful expressions of art. With 20 billion internet-connected things by 2020 — powered by 5G communications and the developments in cloud infrastructure — going further and faster is no longer a question of if but when: when can we learn the skills for these new tech, when can we implement them in our organizations’ shifting operations, and when can we catch up to the changing landscape.
In the panel discussion, our experts will talk about the current and upcoming trends in the computing and threat landscape and how organizations can build a connected environment, a resilient cybersecurity strategy, and an adaptive infrastructure.
14:00 - 14:30
Micro-Services Networking and Security Architecture
Barany Mok, Senior Systems Engineer, Network & Security | VMware
VMware NSX Data Center helps customers operationalize micro-segmentation for applications in private and public cloud environments. It also empowers them to connect and protect applications and data, regardless of where they sit – from edge to edge. NSX is the core technology to enable this vision, and to provide a consistent networking and security across the business fabric. Within 30 mins, I am going to walk through how VMware NSX provides a network and security platform to simplify and automate your Kubernetes (K8S / PKS and OpenShift) container networking deployment and network policy enforcement.
14:30 - 15:00
The ever-evolving threat landscape
Sunny Au, Solutions Engineer | Cloudflare, Inc.
In an increasingly interconnected world—secure, private, and reliable online connections have never been of greater importance. In this talk, Anqing will discuss the security threats faced by anything connected to the Internet, with a focus on modern bot trends. He will cover some of the major techniques leveraged by attackers and provide examples of recent attack activities observed on Cloudflare's global anycast network to demonstrate the increasing complexity of bot attacks. Finally, he will share how these acts can be prevented by securing all Internet applications
15:00 - 15:30
Multiple Threat Defense on Hybrid Cloud Environment
Alan Leung, Consultant | Trend Micro
As you take advantage of the operational and economic benefits of virtualization and the cloud, it’s critical to secure your virtualized data centers, cloud deployments, and hybrid container environments effectively. If you neglect any aspect of security, you leave gaps that open the door to threats and serious data breaches. Join this session to learn how multiple threat defense techniques helps protecting runtime physical, virtual, and cloud workloads, containers, and scanning of container images pre-deployment.
15:30 - 16:00
Network Break
16:00 - 16:30
Protecting all the layers of your compute
Osemeke Isibor, Partner Solutions Architect | AWS
In this talk AWS will walk through three layers of compute options available to customers and how a combination of AWS best practices and Trend Micro service offerings can help customers raise their security postures in the cloud. We will focus on prevent and detect controls for 1) Amazon EC2 / Operating Systems, 2) Container based applications, and finally 3) Serverless Architectures.
16:30 - 17:00
Extend Security from Enterprise Cloud Platform to Multi-Cloud
Don Fung, Senior Channel Systems Engineer | Nutanix
Today's world has become a data-driven ecosystem. To compete, businesses must leverage new cloud services and data center architectures, which explains the rise of multi-cloud environments. However, without adequate visibility and control over public cloud consumption, the benefits can quickly be overshadowed by increased cloud costs and a weakened security posture. In the Nutanix session, Don Fung will talk about the key drivers for adopting multi-cloud architectures. This includes the core capabilities to look for in cloud cost and security governance tools to optimize your multi-cloud infrastructure.
17:00
Lucky Draw
14:00 - 14:30
Lumin - Evolve Vulnerability Management to Next Level
Disney Cheng, Senior Solution Architect | APAC, Tenable Inc.
Where are we exposed? Where should we prioritize efforts based on risk? How are we reducing our exposure over time? How does our cyber hygiene compare to our peers?
To answer questions above, tenable create tenable.io Lumin - the industry’s first Cyber Exposure offering which tackles these problems head-on by visualizing, analyzing and measuring the organization’s Cyber Exposure across the entire modern attack surface. Tenable.io. Tenable.io Lumin also uniquely applies data science to the industry’s richest set of vulnerability intelligence so CISOs can quantify their organization’s cyber risk, benchmark it against the industry and make better strategic decisions at the Board level.
Join us for inspiration and ideas, to see how tenable's solution can enable security teams to prioritize remediation based on risk while providing the business metrics to communicate and improve security effectiveness over time.
14:30 - 15:00
"Trust Me. Your Data is Safe." - Overcoming Data Security Anxiety
Joseph Ling, Senior Solutions Architect | nCipher Security
Data, probably the most valuable strategic asset in the world, is always the utmost concern in cybersecurity. However, protecting data is a more and more difficult mission, thanks to the advancements in infrastructure, application, and security standards. Despite no products in the market lack data protection abilities, incidents (some are even disastrous) are still everywhere. Is it actually impossible to secure data? Does it mean the products are not robust? Should I compromise security with data liquidity? Although "No" is the short answer, it could only be convincing when there is trust.
15:00 - 15:30
How to protect your cloud?
Jeff Chen, Senior Consultant, Greater China and Korea sales engineering team | Thales CPL
Digital transformation” means many things to different industries, and deploying a cloud environment hosting sensitive data can appear a daunting decision to take. However, the benefits of flexibility and scalability of a cloud-based IT environment can enable organizations to embrace a more efficient way of working, with better customer engagement and experience. In this session, Jeff will deliver below
1) How to develop an effective and efficient digitalisation strategy
2) Why proactive security of data can protect your reputation, employees and customers
3)How best to protect data on a cloud platform and ensure it is as secure as possible
15:30 - 16:00
Network Break
16:00 - 16:30
Effective Risk Management with Multi-vector Alerts Correlation
Tony Lee, Head of Consulting | Trend Micro
Many organizations today use multiple, separate security layers to detect threats across their endpoints, servers, network, email and cloud infrastructure, leading to siloed threat information and an overload of threats with little means to correlate and prioritize them. Investigating threats across all these disparate solutions makes for a very piecemeal and manual investigation process that can miss threats altogether due to lack of visibility and correlation. Many detection and response solutions only look at endpoints—and therefore miss threats that enter through user emails, the network, and servers—resulting in a very limited view of the breach and provides an inadequate response. In this session we will introduce to you XDR, a new methodology to extends detection and response beyond the endpoint to offer broader visibility and expert security analytics, allowing users to respond more effectively to threats, minimizing the severity and scope of a breach.
16:30 - 17:00
Hybrid Cloud Security and Compliance Best Practice Sharing
Allen Ho, Partner Technology Manager | Microsoft Hong Kong
Microsoft Azure is an ever-expanding set of cloud services to help your organization meet your business challenges. You have the freedom to build, manage, and deploy applications on a massive, global network using your favorite tools and frameworks. Microsoft and Trend Micro work together to provide advancement of security and compliance mechanism on your workloads deployed on hybrid cloud environment powered by Azure. This will be an introductory session to share our insights and best practices to design an enterprise ready architecture.
17:00
Lucky Draw

Speakers

Alan Leung

Consultant | Trend Micro

View Bio

Allen Ho

Partner Technology Manager | Microsoft Hong Kong

View Bio

Barany Mok

Senior Systems Engineer, Network & Security | VMware

View Bio

Charles Mok

Legislative Councillor (Information Technology) | HKSAR

View Bio

Disney Cheng

Senior Solution Architect | APAC, Tenable Inc.

View Bio

Don Fung

Senior Channel Systems Engineer | Nutanix

View Bio

Ian Christofis

Founding Board Member | Cloud Security Alliance Hong Kong & Macau Chapter

View Bio

Jeff Chen

Senior Consultant, Greater China and Korea sales engineering team | Thales CPL

View Bio

Joseph Ling

Senior Solutions Architect | nCipher Security

View Bio

Katie Lewin

Federal Director | Cloud Security Alliance

View Bio

Mary Ellen Condon

Former Chairperson of the Security Committee of the Identity Ecosystem Steering Group, USA

View Bio

Osemeke Isibor

Partner Solutions Architect | AWS

View Bio

Rik Ferguson

Vice President Security Research | Trend Micro

View Bio

Sunny Au

Solutions Engineer | Cloudflare, Inc.

View Bio

Tony Lee

Head of Consulting, Hong Kong and Macau | Trend Micro

View Bio

Sponsors

Hosted by:

Gold sponsors:

Supporting Organisation:

Convention & Exhibition Center
Hong Kong

27th August
Tuesday

Hong Kong Convention & Exhibition Center

27th August Tuesday

Conference

Event Speakers

Mary Ellen Condon

Former Chairperson of the Security Committee of the Identity Ecosystem Steering Group, USA

Ms. Condon is a proven and recognized executive leader with a record of success executing program and engagement delivery in both the Federal Government and in the IT industry. She has extensive experience working with a variety of companies both small and large, in both prime and sub roles for opportunities. She has held positions in the Federal IT and Cyber Security arena across a variety of Civilian Federal Agencies, was a founding member of the Federal CIO Council, and has chaired significant cross agency initiatives focused on improving program management and systems delivery.

Conference

Event Speakers

Anqing Jiao

Solutions Engineer | Cloudflare, Inc.

Anqing is an engineer from enterprise solution group at Cloudflare where he works with large customers to help them manage their network edge. His work focuses on TLS, DDoS Mitigation, Web Application Firewalls, HTTP, and DNS.
Security is a continual focus of his career, with work ranging from network security to identity management.
Anqing is a graduate of National University of Singapore, where he received a Bachelor of Computing degree in Information Systems.

Conference

Event Speakers

Joseph Ling

Senior Solutions Architect | nCipher Security

Joseph is one of the founding members when nCipher is relaunched as an independent cryptography hardware and solution provider. He provides analysis, consulting, and solutions for global and regional enterprise, banking, and government customers in Hong Kong, Taiwan, China, Macau, Singapore, as well as other Asia Pacific countries.

Joseph is well experienced in working in various large scale technology projects: from ITIL, Mobile Device and Application Security, to Identity and Access Management, API Management, Data Encryption, and Cryptography. He sees the beauty of sophisticated products and solutions, but also understands the difficultly of utilizing them. Bridging the gap between the problem that customers are facing, and the effort of engineers spent on creating the solution, is Joseph’s ultimate goal.

Conference

Event Speakers

Sunny Au

Solutions Engineer | Cloudflare, Inc.

Sunny is Solutions Engineer at CloudFlare Inc, and provides technical and security consultation services to enterprise customers. He has more than 25 years experience in the IT field, and 15 years security and intelligence fields performing security design and engineering, information assurance, secure network design, and security assurance across APAC region.

He is also the CCIE holder and has number of cyber security certificates from various of vendors and organisations.

Conference

Event Speakers

Disney Cheng

Senior Solution Architect | APAC, Tenable Inc.

Disney Cheng is Tenable’s Senior Solution Architect for the Asia Pacific Region. He evangelizes the criticality of vulnerability assessment, importance of Cyber Exposure, vulnerability management, and thorough security monitoring as part of an organization’s enhanced security posture.

Disney has more than 15 years of experience in the information technology industry, with expertise in information security. He has led and participated in a wide array of IT security projects and solutions such as remote penetration tests, security assessments, network security and content security solutions across various counties in APAC, including Hong Kong, Singapore, China, Taiwan, Japan and Australia.

Conference

Event Speakers

Tony Lee

Head of Consulting, Hong Kong and Macau | Trend Micro

Tony Lee is the Head of Consulting at Trend Micro – a global leader in cyber security solutions. He is responsible for the provision of security advice and solution consultation for large scale IT users and key channel partners in Hong Kong.

Tony has more than 12 years experiences in strategic planning and requirements analysis, with special focus on cloud security deployment, cyber threats response and emerging technologies analysis. As a technology evangelist for Trend Micro, he has been acting as a high profile speaker for major industry events in the region, specialized in evolving cyber threats such as ransomware and APT attacks.

Tony is a graduate of the Hong Kong Baptist University, where he received a Bachelor of Science degree in computer science.

Conference

Event Speakers

Barany Mok

Senior Systems Engineer, Network & Security | VMware

Barany has more than 15 years of experience in telecom and technology sector, a CCIE holder, focusing IP/MPLS/SD-WAN/Cloud/virtual networking, infrastructure/application performance monitoring, deep inside packet analysis up to application delivery. Barany is keen on transforming technology into the real customer use cases with qualitative business outcomes. He is now focusing on helping customers and partners to architect the virtual cloud networking solution by integrating different VMware network and security products includes NSX Data Centre / SD-WAN / AppDefence / NSX Cloud / HCX and upcoming NSX Service Mesh. Prior to VMware, Barany has been holding different technical leading positions in Riverbed, Cisco Systems, RiverStone Networks and Hong Kong Telecom.

Conference

Event Speakers

Charles Mok,

Legislative Councillor (Information Technology) | HKSAR

Charles Mok is the Legislative Councillor representing the Information Technology Functional Constituency. He has been serving the ICT industry for more than 20 years.

He is currently the Vice Chairman of the Professional Commons, Honorary President of the Hong Kong Information Technology Federation and Founding Chairman of the Internet Society Hong Kong.

Charles is active in public services with a view to upholding the core values of Hong Kong of which include democracy, liberty, human rights, rule of law and integrity, and is serving on various advisory bodies in the Hong Kong government, Hospital Authority, WKCDA, and higher educational institutions etc.

Charles graduated from Purdue University in the United States with his Bachelor and Master degrees of Science in Computer and Electrical Engineering.

Conference

Event Speakers

Rik Ferguson

Vice President Security Research | Trend Micro

Rik Ferguson, Vice President Security Research at Trend Micro, is one of the leading experts in information security. He is also a Special Advisor to Europol’s European Cyber Crime Centre (EC3) and an advisor to the European Union. In April 2011 Rik was inducted into the Infosecurity Hall of Fame.

As a presenter at global industry events such as RSA, Mobile World Congress, Milken Institute, Virus Bulletin, RUSI and the e-Crime Congress, Rik addresses the challenges posed by emerging technology and online crime. He is frequently interviewed by the BBC, CNN, CNBC, Channel 4, Sky News and Al-Jazeera English and is quoted by national newspapers and trade publications around the world.

Rik is actively engaged in research into online threats and the underground economy. He also researches the wider implications of new developments in the Information Technology arena and their impact on security, both in the enterprise and for society as a whole, publishing papers, articles, videos and participating in thought-leadership initiatives

With twenty-five years’ experience in information security, Rik has been with Trend Micro since 2007. Prior to assuming his current role, he served as Security & Privacy Infrastructure Specialist at EDS where he led the security design work for government projects related to justice and law enforcement and as Senior Product Engineer at McAfee focused on network security, intrusion prevention, encryption and content filtering.

Rik Ferguson holds a Bachelor of Arts degree from the University of Wales and has qualified as Certified Ethical Hacker (C|EH), Certified Information Systems Security Professional (CISSP) and Information Systems Security Architecture Professional (ISSAP).

Conference

Event Speakers

Osemeke Isibor

Partner Solutions Architect | AWS

Osemeke Isibor is a Partner Solutions Architect at AWS. He works with AWS Partner Network (APN) partners to design secure, highly available, scalable and cost optimized solutions using AWS services along with partner solutions on the AWS cloud around customer objectives to deliver quantitative results.

Conference

Event Speakers

Ian Christofis

Founding Board Member | Cloud Security Alliance Hong Kong & Macau Chapter

Ian Christofis is a founding board member of the Hong Kong & Macau chapter of the Cloud Security Alliance (CSA), and Managing Principal Consultant with nCipher Security. A specialist in information security, applied cryptography, and personal data privacy, he has over 30 years’ experience, in Australia, Germany and Hong Kong, across a range of industries, including the banking & financial sector and government. Ian is a Certified Information Systems Security Professional (CISSP).

Conference

Event Speakers

Katie Lewin

Federal Director | Cloud Security Alliance

Katie Lewin has served as First Director of the Federal Cloud Computing Program at the General Services Administration, where she was responsible for identifying, developing and delivering methods for agencies to use cloud computing.  GSA’s cloud program includes Apps.gov, cloud-based email, security-as-a-service and data center consolidation.  Prior to this position, she served as chief of staff to the agency’s CIO.  Before joining GSA, Lewin was an information technology consultant at SRA International and Lockheed Martin, where she worked with clients at the Internal Revenue Service, other financial management agencies and the Federal Aviation Administration. She started her federal service career at the Library of Congress and has also worked at the Office of Management and Budget and IRS.  Lewin holds a master’s degree in library and information science from Dominican University and an undergraduate degree in American history from Trinity University.

Conference

Event Speakers

Don Fung

Senior Channel Systems Engineer | Nutanix

Don Fung works as a Senior Systems Engineer at Nutanix for Hong Kong and Macau. Don is responsible in structuring infrastructure and cloud solutions for enterprise customers across industries. He also takes an active role to enable channel partners in providing sales and technical support in commercial sector. Don has got 10+ years of technical and account servicing experience from being a Solution Architect in Global System Integrators including Fujitsu and PCCW. Before joining Nutanix, he led a number of mid to large enterprise projects in IT infrastructure and Cloud.

Conference

Event Speakers

Allen Ho

Partner Technology Manager | Microsoft Hong Kong

Allen is the Partner Technology Manager in One Commercial Partner group of Microsoft Hong Kong. He leads a team of solution architects and technical specialists to focus on helping partners and customers to adopt the three Microsoft clouds – Azure, Microsoft 365 and Dynamics 365 in their solutions.

Allen has over 20 years of experience in IT industry including software development, system and application architecture, consulting and business management in different industries.

Conference

Event Speakers

Jeff Chen

Senior Consultant, Greater China and Korea sales engineering team | Thales CPL

Jeff Chen is Senior Consultant for Thales CPL, Greater China and Korea sales engineering team, focused on assist clients protect their sensitive data with cryptographic and identity management technology. Mr. Chen is specialized in PKI, Data Security, and Authentication. Prior to joining Gemalto in 2015, Mr. Chen spend the prior 12 years at Changing Technology, TWCA, and Mxtran technology, including leading a team to assist enterprise and financial industry to adopt PKI into IT systems. Mr. Chen is a Certified CISSP.

Conference

Event Speakers

Alan Leung

Consultant | Trend Micro

Alan Leung is a Consultant at Trend Micro – a global leader in Cyber Security solutions. He provides Security advice and Technical consultation to Enterprise Customers.

Prior to joining Trend Micro, Alan was a Technology Consultant with more than eight years of IT experience. He has strong technical background in datacentre, cloud and network security.

He also obtained the CCIE and a number of certificates in cyber security from a number of vendors.