[Webinar] How to Handle Cyber Risks Effectively

Overview

Cyber risk is a real threat to organisations. The recent Annual Global CEO Survey (January 2022) from one of the big four accounting firms revealed that about 50% of CEOs are very and/or extremely concerned about cyber risks. All of us, including the regulators, are aware that cyber incidents are at the rise in recent years, causing financial and reputational damage. This has become more severe in the past few months given the global instability. As all SFC Licensed Corporations (LCs)are holding extensive customer data and most are also providing internet trading, senior management has an urgent need to handle and comply with regulatory cyber risk requirements.

Objective

By the end of this webinar, participants will understand the dynamic cyber threat landscape globally and locally, why and how this is happening and questions LCs should consider mitigating cyber risks. They will also learn the SFC expectations on internal controls over cyber security, how cyber risks should be covered under the 3 lines of defense, and areas to consider in periodic assessments.

Content

1. Update of latest cyber threats landscape in Hong Kong and lessons learned therefrom; and
2. Update of regulatory expectations on cyber security/technology risks

Who should attend

Senior management such as responsible officer, manager-in-charge, director, CIO, CTO, CISO, CCO, as well as compliance officer, risk specialist, IT control officer, security officer, IT auditor, operation staff, academia and anyone who would like to know more about cyber risks.

Speaker/Course Instructor

Kok Tin GAN

Kok-Tin is a Partner in PwC’s Cyber Security & Privacy practice with over 17 years of experience. He is also the founder of PwC’s Darklab and Hackbot and is currently the Vice Chairman of ITSMf HK Chapter and the member of security committee of Fintech Association of HK. Kok-Tin’s key areas of expertise and experience include Cyber security strategy, framework, IT security framework, application security and data security, secure development life cycle, DevSecOps, Cloud security, IT risk, security / technology architecture and white hat hacking. Kok-Tin has co-authored a number of cyber security and technology risk related guidelines for the Regulators in the Asia Pacific Region.

Kok-Tin has led ~300 small to large size of security assessment / transformation engagements and has worked across different continents including, Asia, America, Europe and Africa. Kok Tin is a TED talk speaker and he also founded a dot.com company during his early days of his career.

Jenny YIP

Jenny is a Partner with the Risk Assurance practice of PwC in Hong Kong. She has over 16 years of experience in business process and technology review, regulatory compliance audit and internal control advisory services, specializing in the financial services industry. Jenny performs multiple internal controls and compliance advisory services for SFC Licensed Corporations with type 1, 2, 4, 6, 9 licences on both business and IT processes, including areas such as sales and trading, risk management, technology risk management, electronic trading, pre trade and post trade controls, margin financing, sponsor due diligence, eKYC, AML, FATCA and CRS, etc.

Jenny participated in industry-wide thematic regulatory inspections on behalf of financial services regulator, and has involved in drafting guidelines and circulars for regulators in Hong Kong and China.

Details

Code

TSBFT22000401

Date & Time

Friday, 17 Jun 2022 (12:20PM - 1:20PM)

Venue

Virtual Platform

Relevant Subject

Type 1 - Dealing in securities

Type 2 - Dealing in futures contracts

Type 3 - Leveraged foreign exchange trading

Type 4 - Advising on securities

Type 5 - Advising on futures contracts

More

Language

English

Hours

SFC:1.00, PWMA:1.00