Understanding the Emerging Cybersecurity and Privacy Challenges

Jason is currently the Chief Information Security Officer at Crypto.com, driving the company’s global cybersecurity and privacy strategy. Jason has over 20 years experience in the field and is also an Adjunct Professor of cybersecurity and privacy at HKBU’s Master of Science (FinTech and Data Analytics) programme and a regular speaker at global industry events like RSA Conference and DELTA Summit. Jason was selected as a member and contributor to the Forbes Technology Council, ISACA Academic Committee, and holds an official position on the Standing Committee on Technological Developments for the Office of the Privacy Commissioner for Personal Data (PCPD). Jason certifications include CDPSE, CGEIT, CRISC, CISM, CISA, CISSP, CIPP/E, CIPT, CIPM, CEH, CNDA, HCISPP, as well as being an ISO27701 Senior Lead Auditor, ISO27701 Senior Lead Implementer, and ISO27001 Lead Auditor. Jason is also a Fellow of the Hong Kong institute of Directors (FHKIoD), and Fellow of Information Privacy (FIP).

What do FinTech companies need to consider when entering into this space, from digital payment, virtual banking, cryptocurrency and others? What are the risks and opportunities? What do consumers need consider when shifting from using traditional banking services to FinTech, and what are the cybersecurity and privacy risks with the up-coming and emerging FinTech trends in the market?

Join this session if you are looking for some insight into the emerging FinTech space, and to understand the cybersecurity and privacy risks.

–        Rapid development, rapid growth and rapid acceleration of projects and time to market means functions and features may be more important than security and privacy. Ensure that your teams perform security and privacy risk assessments for all projects early on and not at the end of the projects as it will be too late.

2.     FinTech Third-Party Risks

–        FinTechs are developing new cutting edge products and services which are often building on existing infrastructure or platforms. Watch out for risks from vulnerabilities in third-party coding libraries, through to API’s from partners and platforms. Ensure you perform the necessary penetration tests to discover and close any vulnerabilities.

3.     Security and Privacy Awareness Training

–        Never underestimate the impact and risks of the “Human Element” of security which is often the weakest link. Companies are only as strong as their weakest link, so companies should make sure they have a awareness and continuous training strategy.

Online Registration

·       For Member of HKCS/ HKICPA/ CPA Canada/ IIA HK and Non-Member, please complete the reservation reply and return to events@isaca.org.hk

• A valid ISACA ID (6 or 7 digits and not the certification number)
• Name and Email address (Same as the one you registered at ISACA)

We will keep you informed once CPE recording to ISACA is completed. To check your ISACA ID, please log in your account at www.isaca.org.