Pak Ho is a high-achieving, all-around technologist and business leader passionate about addressing unique cybersecurity challenges within the CNI (Critical National Infrastructure) Sectors.

– Enjoys helping organisations to achieve their objectives by identifying needs, providing advice and recommendations, and having a practical approach to deliver cybersecurity solutions that overcome business challenges and enhance organisational resilience.

– Well-known among peers for having a hands-on, consultative approach to providing cybersecurity solutions that cut through complexity, drive efficiency and deliver on commitment.

He has worked across various industries, including but not limited to Aerospace, Automotive, Ground Transportation, Utilities (electric, gas, water, etc.), Manufacturing, F&B, FMCG, Hospitality, Healthcare, etc.

In addition, he is part of the UN Expert Community for the cybersecurity domain and is also a respected speaker with international exposure. He has presented at conferences in US, Europe and APAC, including IAEA International Conference on Nuclear Security, ISA and SecurityWeek ICS Cyber Security Conference and PCI SSC International Conference. Moreover, he delivered the ISACA One-Day Workshop regarding Industrial Cybersecurity back in 2016 – Protecting Industrial Control Systems with Active Cyber Defense.

His recent specialities include ICS/OT security, cybersecurity engineering, secure by design, threat-driven defence, red/purple teaming, and detection engineering.

Julien is a highly experienced OT (Operational Technology) and ICS (Industrial Control Systems) cybersecurity professional passionate about staying at the forefront of technology and cybersecurity. With over 10 years of experience in the field, he has a proven track record of designing, implementing, and continuously improving security controls that align with best practices and risk appetite. He has worked across various industries, including but not limited to energy, manufacturing, and transportation, and has a deep understanding of these industries’ unique cybersecurity challenges.

In addition to his work as a cybersecurity professional, Julien is a regular speaker at external conferences in Asia, and a technology writer for international newspapers.

He holds a master’s degree in computer science, cryptography, and network security. He is currently studying for a Master of Business Administration (MBA) at the University of Hong Kong.

Workshop Learning Outcome

After completing the workshop, the participants will

• Understand the fundamental concept of ICS and their components;

• Understand the network architecture concepts, including topology, protocols, and components, and their relation to IEC 62443 and the Purdue Model.

• Know the features, goals, operations, main causes, and limits of the ICS;

• Know the risks to the safety of process control systems;

• Understand the tools used to run security audits and penetration testing;

• Know how ICS can be hardened by using security solutions;

• Understand incident-response abilities and handling methodologies.

Workshop Outline

I. Overall Picture of ICS and OT security

– Introduction of ICS and OT systems

– Emerging threats and trends in ICS and OT security

– Understanding ICS and OT Architecture and components

– ICS and OT threat analysis and risk assessment

– Cybersecurity Essentials to secure ICS architecture

– Disaster recovery and business continuity for ICS and OT systems

II. Penetration Testing on ICS and OT lab

– Introduction to ICS and OT Lab

– Overview of ICS security testing tools and technologies

– Reconnaissance and information gathering techniques

– Vulnerability identification and exploitation

– Develop a plan for ongoing monitoring and testing of ICS security

III. Practical Incident Response Card Game

– Introduction to the incident response card game

– Conduct table top exercises

– Discussion on the key ICS and OT security concepts and best practices

Participants need to have a basic understanding of

·      Networking and system administration

·      TCP/IP

·      Networking design/architecture

·      Vulnerability assessment

·      Risk methodologies

Map: Click Here

[Regular]:        20 September 2023 (Wednesday)

2.   There is no refund once payment is made except the course is cancelled.

3.   Please keep the certificate as a CPE proof.