Team Experts

PhD, M.Phil, MAArbDR, BSc

Professional Certifications

CISSP, CISA, CISM, CCFP, CCSP, CCSK, CEH, GPEN, GIAC Advisory Board, ACE, ISSMP, ISSAP, ISO 27001 LA, STAR Auditor

• ISC2 Asia-Pacific Information Security Leadership Achievements (ISLA) Honoree – Senior Information Security Professional (2017)

• GIAC Advisory Board Member

• Founding Member of High Tech Crime Investigation Association

• Founding Member and Council Member of Information Security and Forensic Society (F.ISFS)

• Founding Member, Vice-President for Professional Development of Cloud Security Alliance (HK & Macau) Chapter

• Authorized CCSK Trainer

• ISC2 Authorized CCSP Trainer

• Part-time lecturer and Adjunct Assistant Professor of the Hong Kong University of Science and Technology

Award

• Asia-Pacific Information Security Leadership Achievements (ISLA®) Program 2017 honorees: Senior Information Security Professional

Achievements

• Led and performed security risk assessment, security audit, penetration tests, and security strategy study for HKSAR government departments.

• Performed Sarbanes-Oxley Act 404 IT consultancy services for China and Hong Kong-based US corporations.

• Led and conducted Computer Forensics investigations and incident handling services for HKSAR government departments and Financial Institutes in Hong Kong.

• Designed and developed computer forensics tools for multi-national corporations

• Defined and planned the IT security services direction of the HP e-Security Center, HP Security Team in HK and AP Security Competence Center of HP;

• Led the HP Security Team in HK and Deputy Manager in the ITPSA Cat D (Security Services) for HKSAR Government.

• Led one of the two HP e-Security Center and performed penetration test services for clients in Asia Pacific, Europe and America.

Reference Cases

• Led over 50 governmental Security Risk Assessment and Audit cases for HKSAR governments

• Led and performed security assessment and audit for over 10 financial institutions in Hong Kong

• Led and performed web penetration tests for over 20 local and international corporations

• Conducted over 50 trainings on cloud security, incident handling and forensics, operating systems security and IT general awareness trainings

Henry Ng is an IT and cybersecurity veteran with over 28 years of experience. He held several senior management positions in the past including managing director of Thales cybersecurity APAC business line, head of professional services of Verizon business and security lead of HP Consulting. He has successfully setup and managed a regional APAC team to help customers protect against cyber security threats and manage IT security risks. Projects include cybersecurity maturity assessment, security policies and supporting governance framework development, PCI assessment and compliance program, security review and advisory on latest technology adoption, IT risk assessment and audits, data privacy and mobile/web security reviews. Customers include MNCs to SMEs covering banking and finance, insurance, telecommunications, retail and hospitability, transportation and utilities, manufacturing, government and public sector, and higher education institutes.

Henry also teaches and lectures on IT security and cybersecurity topics. He has conducted many security awareness trainings, management workshops and IT security certification programs such as CISA and CISSP for local enterprises, MNCs and the government and public sector. In addition, he has been frequently invited as a speaker, subject matter expert and panelist in many IT security and risk seminars in APAC to share thought leadership and best practices related to cybersecurity.

Henry has been appointed as the adjunct professor for the University Malaysia of Computer Science and Engineering, and serves in a number of cybersecurity professional bodies including the director of CSA Hong Kong and Macau Chapter and member of the Hong Kong Expert Group on Cloud Security and Privacy.

Stephen has been in the digital industry for 26 years. His service experiences cover some of the largest enterprises in Hong Kong in different industries and public sector. Stephen specialises in various infrastructure discipline including data centre, IT service management, information security, enterprise architecture, cloud computing and project management.

Stephen has been responsible for providing infrastructure solutions including Security, ITIL process design and implementation, enterprise architecture and governance, data centre migration and large scale S.I. planning and execution. Stephen assumed the role of chief architect / consultant in most of the major engagements.

Stephen recently worked on consulting engagements related to: formulating information security policy, cloud security framework, IoT security framework, NIST review, cybersecurity improvement programme etc.

Professional Certifications

CGEIT (Certified in the Governance of Enterprise IT, ISACA)

CISSP (Certified Information Systems Security Professional, ISC2)

PMP (Project Management Professional, PMI)

ISO/IEC 27001 Lead Auditor (PECB)