[Webinar] How to Handle Cyber Risks Effectively


Cyber risk is a real threat to organisations. The recent Annual Global CEO Survey (January 2022) from one of the big four accounting firms revealed that about 50% of CEOs are very and/or extremely concerned about cyber risks. All of us, including the regulators, are aware that cyber incidents are at the rise in recent years, causing financial and reputational damage. This has become more severe in the past few months given the global instability. As all SFC Licensed Corporations (LCs)are holding extensive customer data and most are also providing internet trading, senior management has an urgent need to handle and comply with regulatory cyber risk requirements.


By the end of this webinar, participants will understand the dynamic cyber threat landscape globally and locally, why and how this is happening and questions LCs should consider mitigating cyber risks. They will also learn the SFC expectations on internal controls over cyber security, how cyber risks should be covered under the 3 lines of defense, and areas to consider in periodic assessments.


1. Update of latest cyber threats landscape in Hong Kong and lessons learned therefrom; and
2. Update of regulatory expectations on cyber security/technology risks

Who should attend

Senior management such as responsible officer, manager-in-charge, director, CIO, CTO, CISO, CCO, as well as compliance officer, risk specialist, IT control officer, security officer, IT auditor, operation staff, academia and anyone who would like to know more about cyber risks.

Speaker/Course Instructor

Kok Tin GAN
Kok-Tin is a Partner in PwC’s Cyber Security & Privacy practice with over 17 years of experience. He is also the founder of PwC’s Darklab and Hackbot and is currently the Vice Chairman of ITSMf HK Chapter and the member of security committee of Fintech Association of HK. Kok-Tin’s key areas of expertise and experience include Cyber security strategy, framework, IT security framework, application security and data security, secure development life cycle, DevSecOps, Cloud security, IT risk, security / technology architecture and white hat hacking. Kok-Tin has co-authored a number of cyber security and technology risk related guidelines for the Regulators in the Asia Pacific Region.

Kok-Tin has led ~300 small to large size of security assessment / transformation engagements and has worked across different continents including, Asia, America, Europe and Africa. Kok Tin is a TED talk speaker and he also founded a company during his early days of his career.
Jenny YIP
Jenny is a Partner with the Risk Assurance practice of PwC in Hong Kong. She has over 16 years of experience in business process and technology review, regulatory compliance audit and internal control advisory services, specializing in the financial services industry. Jenny performs multiple internal controls and compliance advisory services for SFC Licensed Corporations with type 1, 2, 4, 6, 9 licences on both business and IT processes, including areas such as sales and trading, risk management, technology risk management, electronic trading, pre trade and post trade controls, margin financing, sponsor due diligence, eKYC, AML, FATCA and CRS, etc.

Jenny participated in industry-wide thematic regulatory inspections on behalf of financial services regulator, and has involved in drafting guidelines and circulars for regulators in Hong Kong and China.


Date & Time
Friday, 17 Jun 2022 (12:20PM - 1:20PM)
Virtual Platform
Relevant Subject
Type 1 - Dealing in securities
Type 2 - Dealing in futures contracts
Type 3 - Leveraged foreign exchange trading
Type 4 - Advising on securities
Type 5 - Advising on futures contracts
SFC:1.00, PWMA:1.00