Opening Remarks by Ir Tony Wong, JP, Government Chief Information Officer, at the “ISACA China Hong Kong Chapter Annual Conference 2023” (with photos)

Eugene (Mr Eugene HA, President of ISACA China Hong Kong Chapter), Simon (Mr Simon CHAN, Chairman of Hong Kong Cyberport Management Company Limited), Duncan (Hon Duncan CHIU, Legislative Council Member (Technology & Innovation Constituency)), Prof WONG (Prof Hon William WONG Kam-fai, Legislative Council Member), distinguished guests and speakers, ladies and gentlemen,

Good morning! It is my honour to join you all today at this year’s ISACA China Hong Kong Chapter Annual Conference. In a highly-connected world where we depend on the digital technologies more with every passing day, cybersecurity has never been more close to every one of us. The proliferation of digital devices, the Internet of Things (IoT), and the growing reliance on smartphones and cloud computing have all created new avenues for cyber criminals to exploit and wreak havoc. As we gather here today, I am sure that we are all aware of the potential hazards that cyber attacks can cause to our organisations, both in terms of financial loss and reputational damage. So the question is: what can we do to fend off potential cyber threats while maintain our competitive edge as an international Innovation & Technology (I&T) centre?

As cyber threats are growing and becoming more dangerous, we have to put in place effective risk management measures. We cannot avoid cyber security risks, but we can tackle them more effectively through embracing the power of technology.

The adoption of new technologies such as artificial intelligence, big data analytics, and machine learning are playing an increasingly important role in protecting digital assets and information. For example, enormous data like system or transaction log records could be analysed automatically in a real-time manner for early identification of potential security risks. The automation can not only enable organisations to respond quickly to potential threats, but also enhance the accuracy of threat detection and minimise the impact of security breaches. Through AI, big data analytics and applications of risk management, we can also enhance cybersecurity risk awareness and adopt a more proactive, collaborative, and resilient approach to manage the ever-changing cyber environment.

Utilising innovative solutions to tackle cyber security threats is definitely one of the areas we wish to collaborate with the industry. As such, the Smart Government Innovation Lab (Smart Lab) has been set up by my Office to encourage and facilitate wider adoption of I&T in government departments, and promote active participation of industry players to assist government departments in adopting various innovative solutions to improve public services and enhance cyber security.

In face of the growing cyber threats, the need for a fast and efficient response is crucial. The Security Orchestration, Automation, and Response (SOAR) empowers organisations to seamlessly coordinate, execute, and automate tasks among different parties, all within a single and unified platform. It allows security teams to better manage and tackle threats in a more efficient and effective manner. By integrating with other security solutions, such as Endpoint Detection and Response (EDR), Network Detection and Response (NDR), and Security Information and Event Management (SIEM), it enables security teams to enhance the ability to respond to a wide range of threats swiftly.

In the ongoing battle against cyber threats, collaboration and intelligence sharing are critical components of a proactive security strategy. Sharing of cyber threat intelligence is the key to break down silos in organisations which used to keeping their threat intelligence to themselves. To promote closer collaboration against cyber attacks and sharing of cyber security information among local information security stakeholders, my Office and the Hong Kong Internet Registration Corporation Limited (HKIRC) have jointly administered the “Cybersec Infohub” partnership programme. It provides a platform for machine-to-machine sharing of cyber threat intelligence of the participating organisations. The platform also enables organisations to share information on threats, attacking vectors, and mitigation strategies in order to ensure a coordinated response to cyber threats. By joining this programme, organisations can pool their resources and knowledge in identifying emerging threats and vulnerabilities more effectively.

While it is true that some enterprises, particularly small and medium-sized enterprises (SMEs), may face resource constraints when it comes to cyber security, the Government has taken measures to address this challenge. We have bolstered the cyber security posture of these enterprises by providing various resources and guidelines. In addition, the Technology Voucher Programme (TVP) provides funding support to local enterprises and organisations in using technology and digital solutions to improve productivity and business processes, as well as upgrading systems to implement cyber security solutions. Moreover, HKIRC provides security scan services for websites with “.hk” domain name, while the Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) is regularly issuing security guidelines and information for reference by local enterprises.

To chart a path towards developing Hong Kong into an international I&T centre, the Government has promulgated the Hong Kong I&T Development Blueprint last year to set out clear directions and major policies for the future I&T development in Hong Kong. By fostering I&T culture for all and enhancing the overall I&T atmosphere in the community, individuals and businesses can gain a better understanding on how technology can help them achieve their goals, including enhancing their state of security and defensive capabilities. Moreover, by creating a more innovative and technology-driven culture, we can attract and retain top talent in the cyber security field, further enhancing our security capabilities.

At last, let me emphasise once again the importance of harnessing the power of technologies and collaboration. We all play a crucial role in enhancing the security posture of Hong Kong. Together, by taking the advantage of the latest technologies and intelligence sharing, we can not only strengthen our organisation’s defences against cyber threats, but also create an environment where innovation can thrive. I am heartened and grateful to have all of you who are committed to joining us to build a safer and securer cyberspace in Hong Kong. I wish you all a fruitful Conference today. Thank you.

- ENDS -