08:30 – 09:00

Registration and Networking

09:00 – 09:05

Opening Remark
Ambrose Wong, Vice President of Hong Kong Information Security Group (HKISG)

09:05 - 09:45

Identifying and Mitigating Risk - Establishing a risk ready organization
Charles R. Woods, Director, Global Technology Services Asia Pacific, Risk and Resiliency Center of Excellence,IBM

In this "Always On" economy, organizations are facing the challenges of rapid change in business and economic environment, emerging technologies and a diminishing corporate boundary. Most organizations are struggling to gain visibility into their risk profile and strike the right balance between costs of control, compliance and the organization's risk appetite. According to the IBM Global IT Risk Study conducted in 2010, very few organizations today have a risk-aware culture and the traditional role of CIO is evolving into a position of responsibility for enterprise-wide IT operational risk management and its integration with business-driven risk and overall corporate objectives. Establishing a "risk-mature" organization is vital to thrive in the 21st century. In this session, Charles Woods will share with you his extensive insight and experience in addressing complex risk and business issues at leading global organisations.

09:45 - 10:15

Mobile Revolution - What are the risks and opportunities
Richard Stagg, Vice President of Hong Kong Information Security Group (HKISG)

10:15 – 10:55

Effective Data Security Strategy - Getting the Priorities Right
Erkang Zheng, Global Competency Leader, Data Security and Emergency Response Services, IBM Security Services

You still read about security breaches every day, in particular data leakage, even after decades of effort in information security. As a matter of fact, no business is immune to that. And, in today's economy, when businesses rely more and more on information to operate effectively and stay competitive, the impact of security breaches is becoming more apparent than ever. Data security is seen by CIO’s as the highest priority of security projects. How do you determine what security capabilities you need......or lack? How to prioritize security initiatives? In this session, we will share with you the importance and practicability of getting an integrated enterprise-wide data protection strategy, enabling you to set the right priorities in data security management.

10:55 - 11:10

Coffee break

11:10 - 11:40

Empowering Effective Database Monitoring for Regulatory Compliance
Jay Qui, Data Governance Technical Consulting Specialist, Greater China Region, IBM

Data breaches are costly. What are at stake are your company's reputation, valuable client and trade information. Besides defence against external threats and intrusion, rigorous internal control and monitoring of access to data is equally important in protecting your sensitive data. One of the greatest sources of internal risk resides with your staff. Who is accessing sensitive data, how and why. Enterprises must take steps to solidify their access assurance strategies so that only the right people get the right access to the right resources and do the right things with it. In this session, our speaker will share on end-to-end management of the complete database security and compliance lifecyle, and highlight the local regulatory requirements.

11:40 - 12:40

Panel Discussion
Facilitator:
Mr. Chee Sing Chan, Group Editor, Computerworld Hong Kong - Questex Asia Ltd 

Panelists:
Mr. Charles R. Woods, Director, Global Technology Services Asia Pacific, Risk and Resiliency Center of Excellence, IBM
Mr. HP Suen, Director priSM, itSMF International Executive Board and Founding Chairman, itSMF HK Chapter
Mr. Lewis Tam, Head of Information Security & Internal Control, Ping An Insurance (Group) Company of China
Mr. Richard Stagg, Hong Kong Information Security Group (HKISG)

12:40 - 12:45

Q&A