The 4th InfoSecurity Summit 2012

Mr. Daniel Lai, BBS, JP
Government Chief Information Officer
The Government of Hong Kong SAR

Daniel Lai is one of the most experienced Information Technology professional in Hong Kong with significant experience in managing IT developments and operations, as well as in professional developments and IT in community. Prior to joining the Government in January 2012, he was the Head of Information Technology at MTR Corporation Ltd. between 1999-2011 and held various senior IT managerial positions with The Hong Kong Jockey Club in Hong Kong and Australia. He is a Distinguished Fellow and was the President of Hong Kong Computer Society and Chairman of Hong Kong CIO Board.

Mr Lai is a graduate of Hong Kong Technical College, Hong Kong Polytechnic University and Griffith University with a Master in Technology Management. He has led many innovative and large scale IT projects and managed large computer installations. He has developed and implemented IT governance, programme and project management, and outsourcing frameworks; and led the very successful IT integration for the merger between MTRC and KCRC.

Mr Lai contributed significantly in promoting and developing the application of IT in Hong Kong and the region, he has held many positions in public services and educational institutions. In recognition of his contribution to the development and promotion of IT in business and community, he was awarded Bronze Bauhinia Star in 2004. His achievements in IT is well recognized and he has received numerous awards including ZDNet CIO of the Year 2006, China Distinguished CIO Award 2007, 2009 IDC Asia CIO of the Year, and 2011 HK CIO Awards for Outstanding Achievements.

Mr. Richard Kershaw
Managing Director, Technology
FTI Consulting

Richard Kershaw is a managing director and leader in the Technology practice of FTI Consulting, based in Hong Kong. He has lived and worked in Asia for over 15 years. Mr. Kershaw is an expert in data forensic strategies and technical processing of Asian languages in complex legal reviews.

Mr. Kershaw experience includes securities and intellectual property litigation, labour disputes and investigations by Hong Kong, US, and EU regulators for clients in a broad range of industries including finance, automotive, logistics, electronics, construction and mining.

Mr. Kershaw is a former High Technology Crime Investigation Association chapter president. He has taught on electronic evidence at the University of Virginia, the University of Glamorgan, Chinese University Hong Kong, and the United States National College of District Attorneys.

Mr. Kershaw holds undergraduate and Masters degrees from the University of Oxford and a First on the University of London postgraduate Japanese diploma course. He is a certified BS 7799 Lead Auditor (Information Security). Mr. Kershaw speaks English and Japanese.

Mr. Peter Koo
Partner, Enterprise Risk Services
Deloitte Touche Tohmatsu

Peter Koo is one of the Practice Builders of our Enterprise Risk Services (Risk Management Consulting) in China and Hong Kong. He leads and manages risk management consulting services in Sarbanes Oxley Attestation/Readiness, Internal Audit, Corporate Governance, Privacy & Security Services, System Processing Consulting and Re-engineering. He is the regional leader of the firm’s eBusiness Security and Certification Authority/PKI consulting services. He also serves the firm’s various industry groups, including the Public Sector, Global Financial Services Industry (GFSI) Group as well as the Technology, Media and Telecommunications (TMT) Group.

Having served the firm in numerous countries, he also led the Internet Security Consulting Services in the West Coast of both Canada and United States of America. Prior to joining the firm, he worked in different internal audit departments within the Federal Government of Canada, with specialization in System Process Consulting and Business Process Re-engineering as well as Risk Management.

Mr Koo is certified to implement WebTrust Assurance Services and is the founder of Certification Authority/Public Key Infrastructure (PKI) initiative for Hong Kong office. He plays a key role in the WebTrust and Certification Authority for CARO compliance standard setting committee for the Hong Kong Institute of Certified Public Accountants (HKICPA).

Professional Qualifications:

Chartered Accountant, Canada (CICA)

Certified Public Accountant, USA (AICPA)

Certified Public Accountant, Hong Kong (HKICPA)

Certified Information Systems Auditor, USA (CISA)

Certified Information Security Manager, USA (CISM)

Certified in the Governance of Enterprise IT (CGEIT)

Certified Internal Auditor, USA (CIA)

Certified Fraud Examiner, USA (CFE)

Certified Risk Professional, USA (CRP)

Certified WebTrust Assurance Practitioner in compliance with AICPA/CICA requirements

Certified Entrust/PKI Specialist

Certified as a lead BS7799 Assessor

Mr. Alex Skilton
Senior Manager
KPMG Information Security

Alex has supported global organisations over the last 14+ years to deliver information security and IT risk management projects and to develop security strategy, governance and organisations in response to increasing regulatory pressures and operational needs. He collaborates with organisations’ senior IT, information security, operational risk and internal audit functions to effectively identify, assess and mitigate risks found within the business and use innovative solutions to support remediation.

Mr. Thomas Parenty
Managing Director
Parenty Consulting Limited

Thomas Parenty, Managing Director of Parenty Consulting Limited (Hong Kong), has twenty five years of experience in the computer security and cryptography fields, including employment with the National Security Agency. He has designed and evaluated the information security protection of numerous national and global systems, including those for banking, electronic commerce, credit card processing, healthcare, and nuclear command and control. In addition, Parenty has designed security features in enterprise applications that are currently used by governments and businesses across the globe.

Mr. Parenty has testified five times before the United States Congress on global competitiveness, national security, law enforcement, and encryption. In addition, he has served as an advisor to the National Academy of Sciences and the President’s Commission on Critical Infrastructure Protection. Harvard Business School Press published Parenty’s book, Digital Defense: What You Should Know About Protecting Your Company’s Assets. His consulting practice currently focuses on the enablement of electronic commerce and the protection of intellectual property in Asia.

Mr. Siu Fai Leung
SVP, Asia Pacific Network & Security Services
Bank of America Merrill Lynch

SF is responsible for the Security Services governance function covering perimeter security, traffic management & content management platforms for Bank of America Merrill Lynch in the Asia region. Throughout the years he has been actively involved in network integration & segregation activities in merger with Security Pacific Bank, Nations Bank, Fleet Boston as well as divestiture of BAC retail banking business in Asia to ABN ARMO & China Construction Bank.

Prior to the current position he has also run the Unix team, email team, IT risk governance function as well as the data network in Bank of America.

Mr. Steve Tunstall
Head of Corporate Risk Management
Cathay Pacific Airways

Employed by Cathay Pacific Airways in charge of corporate risk (risk, legal, compliance and insurance) for the group which includes three airlines, catering, ground handling and a laundry business. He also provides specialist support to the rest of the Swire group.

Steve is a risk and business management expert with over twenty years experience in running companies and helping them change - often in challenging circumstances. He has held the post of managing director or equivalent for four companies in four countries. With experience in a dozen countries in Asia as well as the EU, Africa and the USA he brings a broad based approach to the management of both risk and opportunities.

Mr. Micky Lo
Director, Information & Technology Risk Governance, EMEA & APAC regions
Deutsche Bank AG

Over 20 years of IT experience in Financial Service Industry that spans across a diversified IT management disciplines including regional and location management, IT and security architecture, distributed computing engineering, technology infrastructure operation, outsourcing/in-sourcing management, IT risk management and technology audit.

Micky's currently manages the extended arms of Global Information & Technology Risk Governance (I&TRG) for EMEA and APAC regions. He holds the end-to-end responsibility from defining policies and procedures to implementing control processes (e.g. self assessments and mitigation programmes) in I&T Risk/Security and drives a consistent I&T risk governance framework across the Bank. The Regional Teams provide guidance to their respective regional businesses and Global Technology Organization in the application of I&T Security related policies and regulatory requirements, and assist them in their effort to identify and manage these risks.

Micky has held various management positions in IT risk, Infrastructure management and Audit with JPMorgan and Citibank prior to his current role.

Mr. Michael Janich
CIO
Fleet Management

Michael Janich lives in Hong Kong since 1995, worked for IDC, ZiCorp, Merrill Lynch and served RawMart.com from September 1999, a global raw material trading portal, as Chief Technology Officer. In 2001 he moved to its parent company, the Noble Group as Chief Technology Officer. Michael left the group at the end of 2003 to further his education with a PhD degree in plant molecular biology at The University of Hong Kong. He rejoined the Noble Group in 2007. Mr. Janich won twelve awards for software projects. In 2011 he joined a former sub-division of Noble Group, Fleet Management Ltd. in the role of CIO.

Mr. King Lee
CIO, Growth & Operations
GE

Mr. SC Leung
Senior Consultant
HKCERT

Mr. SC Leung is currently the Senior Consultant of the Hong Kong Computer Emergency Response Team Coordination Centre, supervising the security incident response team and coordinating with local and overseas parties. He has 20 years of working experience serving banking, Internet solution provider, telecommunication and the consultancy industries.

SC Leung holds several information security designations including CISSP, CISA and CBCP. He is a frequent speaker in promoting information security awareness. He had been invited to speak for Hong Kong Monetary Authority, Hong Kong Police Force, Government departments, schools and local non-governmental organizations, while he had also spoken in overseas conferences of the ISC2, APECTEL, CNCERT/CC of China and National University of Singapore. He was awarded in 2007 by (ISC)2 a honouree of the Asia-Pacific Information Security Leadership Achievement, to praise his contribution to product neutral security awareness to the public.

He is the Chairperson of Internet Society Hong Kong. He was the Founding Chairman of Professional Information Security Association (PISA) in Hong Kong. He is also serving as board member of Cloud Security Alliance Hong Kong and Macau Chapter and program committee of PISA. His interests include Cloud Security, Cybercrime Prevention, Botnet Detection, Cyber Security Drill, Disruptive Computing, Internet Governance and Internet Freedom and Privacy. He can be reached by email at scleung@hkcert.org.

Mr. SH Lim
Head of Information Security Function
Hong Kong Jockey Club

Mr. Lim Shih Hsien is currently heading the information security function of the Hong Kong Jockey Club (HKJC). He is responsible for the development and implementation of its information security roadmap, and for ensuring the HKJC’s information security polices, standards, guidelines and processes are appropriately enhanced, communicated, and applied. He is also tasked to identify new technology risks and ensure that effective mitigation measures are implemented.

Shih Hsien started his professional career in the public IT sector in the 1990’s and moved into information security in 2002. He has held positions in IT, information security and strategic information security planning with the Infocomm Development Authority of Singapore, Singapore Airlines and Singapore’s Ministry of Health (MOH).

Prior to joining the HKJC, Shih Hsien was the Director, Identity & Security Services of the MOH Holdings P/L. He was responsible for developing the security technical architecture, policies and processes for public healthcare programs, in particular Singapore’s National Electronic Health Record (NEHR).

Mr. Frank Law
Chief Inspector and Head of Computer Forensics
Hong Kong Police Force

Frank has been working in the Hong Kong Police Force since 1998, and has been involved in technology crime related policing since 2001. Frank is now the head of computer forensics for the Technology Crime Division, in charge of three teams concerning the areas of digital investigation and digital evidence retrieval. Outside of the Hong Kong Police Force, he is currently the President of the High Technology Crime Investigation Association (HTCIA) Asia Pacific Chapter.

Frank has been responsible for facilitating IT crime investigation and computer forensics training programs on behalf of the Interpol Expert Group on IT Crime (Asia and South Pacific), and has led regional training programs in Korea, Japan, Australia, Thailand and Fiji. He has also delivered presentations at many international computer crime related conferences. In 2009, he has been awarded with the "Information Security Leadership Award" by (ISC)2 in recognition of his outstanding leadership and achievements in workforce improvement of information security professionals in the Asia-Pacific region.

Frank is a CISSP and holds a PhD in Computer Science. His research interests include live systems forensics, digital forensics and digital timestamp analysis.

Dr. Walter S. L. Fung
Teaching Fellow, Department of Computing
Hong Kong Polytechnic University

Walter teaches B.Sc. and M.Sc. subjects in Information Systems Audit, Customer Relationship Management, IT & Logistics. His area of interest is knowledge management and information security integration. Before entering into academic sector, he has some 20+ years experience working for various international companies such as Thomas Cook, Henkel, Taifook Securities, and Kuoni. His duty was to look after these companies' local and Asia Pacific infrastructure, information & risk security, and general IS management.

Walter has a B.Sc. in computer engineering from Iowa State University, a M.Sc. degree from Warwick University (with distinction), and Engineering Doctorate (EngD) degree from City University of Hong Kong. He is a member of IEEE, as well he is a Fellow of British Computer Society (FBCS).

Mr. Dale Johnstone
Security and Risk Management
Hospital Authority

Dale is a Energetic and innovative leader with over 20 years experience in CSO/CISO roles involving information assurance, information security management, risk management, corporate governance and compliance practices.

Specialist in the development of information security strategies, business value-added integration of information security, deployment/management of efficient/effective information security controls and advisor on privacy/legal/regulatory issues.

Strong depth of international experience and educational qualifications in effectively engaging/building key stakeholder relationships and ensuring an acceptable residual risk level of information security assurance and compliance.

Mr. Chris Smith
Head of Security and Fraud Risk
HSBC

Chris Smith has spent more than 25 years in the corporate security environment, in the UK, Africa, Europe and the Middle East. He has worked for international hotel groups and financial institutions. His current role at HSBC, as the Head of Security and Fraud Risk for Asia Pacific, involves financial crime risk management, physical protective security, business continuity management, security intelligence and information risk management. He is a Steering Group Member of the Asia Crisis and Security Group, Past Co-Chairman of the Asia Sister Banks Group, Past Chairman of the OSAC for Hong Kong & Macau, a member of ASIS International and a Fellow of the Security Institute of the UK. He is a Board Certified Protection Professional and has a master’s degree in crime risk management.

Mr. Fuller Yu
VP, Resiliency and IT Risk Management
JP Morgan Chase

Fuller's major responsibility is to lead and execute the enterprise information risk agenda Including IT control governance, risk assessment and security solutions. He has more than 13 years of experience in managing information risk programs in financial industry across the different Asian countries.

Before joining J.P. Morgan, Fuller had Application Development Management role in PCCW to implement its first generation of NOW TV interactive application portal in Hong Kong.

Fuller gained his MBA and Master in Information Systems Management from HKUST. He is also a Certified Information Security Manager (CISM) and Certified Information Systems Security Professional (CISSP).

Mr. Vikalp Shrivastava
Information Security Head
Melco Crown Entertainment

Vikalp Shrivastava is heading information security division of Melco Crown entertainment (MCE) limited (http://www.melco-crown.com) which have offices mainly in Macau and Hong Kong, Vikalp joined the organization in 2008 and built entire information security framework to use the best security possible for the company, he implemented the ISO27001 framework and MCE became the first Casino organization in the region which got ISO27001 certification in the year of 2009 for its casino and resort property City of Dreams (http://cityofdreamsmacau.com) at Macau.

With the rich experience of 15+ years into information technology and security. Vikalp helped numerous organizations to use technology securely for business benefits, in different business lines like petroleum pipeline construction / Internet service providers (ISP) / Telecom / NEWS and Media / Direct to home (DTH) / Software development companies / Entertainment (Casino & Hospitality). Vikalp hold dual master’s degree in IT & Telecom and Geology and several certifications in the field of IT & Information Security. He always love to encourage new technologies and concepts which are practical and help business of the organization securely and flexibly.

Mr. Lewis Tam
Head of Information Security
Ping An Insurance (Group) Company of China

Mr. Lewis Tam is the Head of Information Security of Ping An Insurance (Group) Company of China, which is the first integrated financial services conglomerate in China with diversified business profile including insurance, commercial banking, securities brokerage, trust and investment, asset management and corporate pension, since November 2007.

Lewis has over 25 years’ international experience in risk management, information technology and project management, specializing in the banking and finance industry. In particular, Lewis directs information security strategies for enterprises for more than a decade, and received the Information Security Leadership Achievements honor from (ISC)² in 2009.

Lewis previously served as a Vice President for Bank of America, and headed a number of different functions including Information Security, IT Compliance, Technology Risk Management, Internal Control and Project Management. Prior to this, Lewis was the Principal IT Auditor and also leaded the worldwide financial system development for American Express. While most of these assignments were with regional responsibilities, Lewis has offices based in different countries including China, Hong Kong, and Australia.

Mr. Iolaire McKinnon
Director - Security Consultancy
UBS AG

Having worked up from the trenches through a wide variety of IT roles in the financial services, government and online gambling sectors, Iolaire has extensive practical knowledge of e-commerce technologies, data security and IT operational management. With UBS since 2011, representing the global Security Consultancy division in Asia-Pacific.

Mr. Jerome Walter
Chief Security Officer, Asia Pacific
Natixis

Mr. Martin McKeay
Akamai Security Evangelist, Security Intelligence Team
Akamai Technologies

Martin McKeay is a Security Evangelist at Akamai, joining the company in 2011. As a member of Akamai's Security Intelligence Team, he is responsible for researching security threats, customer education and industry intelligence. With over a decade of experience in the security space and five years of direct Payment Card Industry work, Martin has provided his expertise to hundreds of companies. He is the author of the Network Security Blog and host of the weekly Network Security Podcast.

Mr. Vic Mankotia
Vice President, Security Sales, Asia Pacific & Japan
CA Technologies

Vic Mankotia is vice president for Security Sales for Asia Pacific. In this capacity, he is responsible for growing CA Technologies security business portfolio in the Asia Pacific markets.

Vic is a veteran in the software industry with more than 15 years of experience. An established sales leader with a strong track record in building the security software business in Asia Pacific and Japan, he has demonstrated his expertise in fostering strong customer relationships and linking sales teamswith business units to ensure that security offerings are built around customer needs, including those in developing markets with managed service providers.

Prior to joining CA Technologies, Vic spent ten years with Symantec Corporation where he held various sales leadership positions. His last role was vice president of Security for Asia Pacific and Japan, where he was responsible for the delivery of Symantec’s security solutions across the region. He also served as the vice president of Emerging Solutions where he led the Asia Pacific and Japan Pre – Sales Engineers and the Strategic Global Partners, and successfully developed five lines of business with market ready solutions from over 30 Symantec acquisitions.

Vic has numerous industry affiliations and qualifications from the Information Systems Audit and Control Association (ISACA) and Australian Institute of Management. He also has credentials in Supply Chain Management. Vic has successfully completed elite programs with Right Management on Leading at the Speed of Trust, and the Holden Groups Power Base Selling Program from IL, USA. He is currently pursuing another Masters in Business Administration from the Royal Melbourne Institute of Technology, in Global Business Context.

He currently resides in Melbourne, Australia with his family in a semi-rural community when he is not visiting clients and partners across the geography.

Ms Mei Huang
Senior Product Manager of Network Security Appliances
Cisco Systems

Ms. Mei Huang is Senior Product Manager of Network Security Appliances at Cisco Systems. She has been working in networking and security for 13 years, and is familiar with data center and campus network designs.

Mr. Gab Gennai
Strategic Products Evangelist – APAC
HP Enterprise Security

Gab has more than 25 years of experience in the IT industry servicing customers in Australian and around Asia Pacific. He began his career as customer facing but for the last 18 years his skills have taken him to the vendor space covering 3270/5250/UNIX emulation, Mainframe Middleware Technologies, Security and SIEM.

Gab joined ArcSight (now HP Enterprise Security) in October 2008 as a Senior Technology Specialist. He was employee number 2 in ArcSight Asia Pacific. With his expertise in Security & SIEM, Gab worked closely with his Country Manager to establish the ArcSight business and led it to become the leader for SIEM and Log Management in the ANZ region, all within a short 3 year period. His successes led him to take on a new role as the Strategic Products Evangelist within APJ for HP Enterprise Security, delivering key messages and vision on HP’s new & emerging Security Products together with creating stronger ties back into Product Management and Development.

Before joining ArcSight, Gab worked at RSA where he was the lead SIEM specialist for Australia and New Zealand. He took a zero market to over achieving in its first year of operation.

Prior to RSA Gab led the Pre-Sales team at Attachmate working primarily with SNA and 3270 emulation, that eventually led Gab into a more strategic position of Business Solutions Specialist for their Mainframe and Mid-Range Middleware products. Gab’s role extended outside of Australia often reaching Indonesia, Singapore, Hong Kong and Japan.

Mr. John Mak
Sales Engineering Manager, North Asia
Riverbed Technology Inc.

John graduated in The University of Sheffield in the UK, and started his career as a Telecom Engineer in Hong Kong Telecom (now PCCW) in 1993.

He switched into the IT and networking industry in 1996 and worked in various companies including Anxiter, Nortel and Bay Networks as pre-sales consultant. In 1998, he joined Cisco and served various technical consulting, management, business development and solution architect roles for various vertical segments including enterprises, service providers, and real estate verticals.

After serving more than 10 years in Cisco, John joined Riverbed as the Sales Engineering Manager for North Asia covering Korea and Greater China regions. He successfully grew the WAN Optimization market in North Asia and being perceived as trusted advisors of many enterprise customers in his territories.

Mr. Ng Sheung Chi
Security Consulting Manager, CISSP, CISA
SafeNet Asia Ltd.

Sheung-chi has joined SafeNet since 2005. He possesses solid knowledge in both mobile and internet security from solution development/architect to system review/analysis.

Prior to SafeNet, he took Technical Consultant role in several multi-national IT security vendors like Betrusted (now Verizon) and PrivyLink. Previously, He was research engineer in the New Concept Implementation Group of Nokia Research Center in Finland to participate in developing one of the world first testbeds for 3rd Generation wireless communication system.

He got a very broad IT security knowledge from user authentication, device authentication, file protection, end-to-end transaction security, database encryption and storage encryption, key management, virtualization to cloud security. He participated in a lot of IT solution security review and design/implementation for government and financial institutions across Asia Pacific.

He received the Bachelor of Engineering degree and Master of Philosophy degree, all from Electrical an Electronic Engineering department in The Hong Kong University of Science and Technology. He also received a Diploma degree of Information and Internet security from The City University of Hong Kong. He is now a Certified Information Systems Security Professional (CISSP) and Certified Information System Auditor (CISA).

Mr. Dickens Lee
Technical Manager
SonicWALL, Inc.

Dickens Lee is Technical Manager of North Asia at SonicWALL. He is emphasizing on the market of Hong Kong, China, Taiwan and Korea. Prior to joining SonicWALL Corporation, Dickens was employed by several tiptop technology companies. Over 15 years experience in IT industry, he has vast experience on IT advisory, solution design and project management. He has rich deployment experience on Manufacturing, Banking & Finance, Universities, Telecom and Government.

Mr. Ricky Ho
Regional Director, APAC
SSH

Ricky Ho, the Regional Director of SSH Communications Security covering Asia Pacific region, is responsible for business development within the region.

Prior to his position at SSH, Ho has a strong background in information security. Ho was the Regional Director of McAfee covering Hong Kong, Taiwan and Macau since 2009. In his role, Ho was responsible for developing sales and marketing strategy, expending regional channel community and managing customer satisfaction in Hong Kong and Taiwan. Before joining McAfee, Ho was at TippingPoint and Fortinet as Managing Director, mainly managing the business units within Hong Kong and Macau. Ho also served as Country Manager of NetApp for five years.

Ho received a Bachelor degree in Science and Business with honors, from University of Waterloo in Waterloo, Canada.

Mr. Gareth Bridges
Business Manager, Security and Emerging Technologies, Greater China
Symantec Hong Kong Limited