Publications and Press Releases - Speeches and Presentations

Office of the Government Chief Information Officer, The Government of the Hong Kong Special Administrative Region

	Publications and Press Releases > Speeches and Presentations

Opening Speech by Mr. Howard C Dickson, Government Chief Information Officer, at the Information Security Summit 2007
05 December 2007

Mr. (Wilson) Fung, Distinguished Guests, Ladies and Gentlemen,

Good morning! It is my great pleasure to give the opening speech for the Information Security Summit 2007. This is one of the key events of information security in Hong Kong for the industry stakeholders to share their expertise and professional views. Today we shall have several honorable speakers sharing with us their experience and knowledge on the evolution, trends and latest development of information security. We may take this valuable opportunity to enrich and refresh our professional knowledge in these areas.

Security Threats of the New Internet Age

Information and Communications Technology (ICT) plays a central role in the creation, distribution, diffusion, use and manipulation of information. A popular, and often criticised, buzzword nowadays amongst the technical and marketing communities is Web 2.0. Web 2.0 is supposed to describe the Internet as a social and collaborative network, where everyone and everything is connected through all means of available devices. The current explosion in the proliferation of easy-to-use and low-cost methods of self-publishing ranging from blogging to multi-media sharing web applications, have turned normal Internet users from information consumers into content providers.

Myspace, Youtube and Wikipedia are some of the Web 2.0 websites with top hit rates. Facebook, the fastest growing social networking website, is reported to have more than 50 million registered users. Despite the popularity and the potential value of these applications, we should not overlook the security issues. Many people using social networking websites have posted confidential or personal information such as phone number, address or email on their online profile, making them vulnerable to identity fraud. Internet users must think twice before posting any personal information onto these websites.

We see that Web 2.0 technologies and applications are also increasingly being used by organisations for better staff collaboration and communication. But if not properly managed and controlled, employees may unintentionally reveal corporate sensitive information through blogging or some open user communities. According to Gartner, Web 2.0 risks are manageable, but only if enterprises engage security early in the process and build a solid foundation to support Web 2.0, while limiting the risks.

Advices to Organisations and the Public

Information security is not optional for running a business. I advise enterprises to tighten their security measures by formulating a set of security policies, guidelines and good practices; define the roles of the responsible persons; develop their business continuity plan and recovery plan, work out incident response mechanism, etc. Above all, "people" is a major element for the success in the implementation of any security measures. Appropriate training and periodic reminder are required to promote staff awareness on the importance of data protection in the organisation.

The current Internet environment is characterised by an increase in data theft, data leakage, and the creation of targeted, malicious code for the purpose of stealing confidential information that can be used for financial gain. To ensure the compliance of the security measures, it is necessary for organisations to carry out regular security assurance programmes, such as information security risk assessment and audit. I am glad that "Compliance" is one of the main themes of today's Summit and a lot of useful and up-to-date information will be offered to the participants.

What Government has done?

Government is keen to provide necessary support to the community in fighting against the cyber attacks as well as cyber crimes. We provide a good resource pool for the related information in our one-stop information security portal for public access. We keep reaching out to the community through collaboration with the IT industry and professional bodies to organize public education and promotion activities such as seminars, conferences and exhibitions.

This year we can see continuous growth and adoption of IT in Hong Kong. There is a market demand for more efficient, innovative, affordable and user-friendly products and services. The Government has announced the GovWiFi Programme which will enable public free access to Wi-Fi facilities at about 350 Government premises. On the security aspects, the Government had published in October a set of Security Guidelines for reference by public Wi-Fi service providers. The Government had also launched a new thematic website on e-Authentication in October to promote the public awareness of the risk of identity theft in the cyber world.

In the 2008 Digital 21 Strategy that we are going to publish soon, we have also placed great emphasis on the information security aspects in order to develop Hong Kong as a hub for technological cooperation and trade.

Conclusion

Next year, Hong Kong will host the Equestrian Events of the Olympics, a topic which Dr. Du will talk with us in just a minute. The Government will provide our full support to this event in various aspects including cyber security.

Finally, I would like to take this opportunity to appeal to everyone here, as individual or corporate users, it is the responsibility of all of us to be in charge of protecting our own information assets, and we should follow every best security practices when using all kinds of Information and Communication Technology.

I wish you will all find this Summit rewarding and have an enjoyable and fruitful day.

Thank you.

- END -

Top

2003

| Important notices | Privacy Policy

Last review date : 31 August 2008