HKCNSA AI Luncheon successfully organized with a focus on infrastructural protection and policy implementation

On October 16, 2025, the AI Governance Luncheon organised by HKCNSA was held successfully at the Crowne Plaza Hong Kong Causeway Bay. As AI reshapes the cybersecurity industry landscape, businesses face rising challenges in governance, compliance and security. This luncheon aims to share practical experiences and risk response strategies in AI management, and to catalyse cross-sector communication under Hong Kong’s digital transformation, thus strengthening local digital resilience.  

The founding chairman of HKCNSA, Mr. David Ip started the event with a welcoming speech. He stated that the rapid development of generative AI and automated attack technologies is reshaping the cybersecurity configuration. Connecting international finance and technology, Hong Kong must enhance its understanding of its policies and technical practices simultaneously to respond to new threats better. He emphasized that AI governance is not just a technical issue, but more about the institutional design of policies and cross-sector collaboration.

Then, Ms. Elena Lee, senior solutions architect lead at Elastic delivered a speech titled ‘Grounding GenAI and Practical Use Cases in Cybersecurity’, indicating that large language models (LLMs) still face challenges in data protection and role-based access control. She suggested that corporates should use retrieval-augmented generation (RAG) technology to enhance security and compliance. She shared how Elastic merged Search AI technology to help corporates quickly detect attacks and generate legible incident narratives, which effectively improved their investigation and governance.

Mr.  Yifeng Jiang, APJ Principal Solutions Architect Data Science from Pure Storage presented the topic ‘Unlocking AI Value in Enterprise: Our AI Journey and lessons learned’. He highlighted that AI policies must be built on robust data strategies, covering data governance, traceability and compliance requirements. He introduced the use of Pure AI Copilot, which enables storage management and security assessment through a natural language interface, and shared 5 design patterns for enterprise AI deployment, naming early evaluation, starting small but user-focused, continuous optimization, talent investment and partnering early. He implied that data provenance and model version control are the key to AI governance, ensuring interpretability and compliance audit.

The roundtable was moderated by Ms. VZ, partner at Anjie Broad Law Firm. Our panelists included Ms. Filipa Santos, regional data protection officer, APAC, L’OCCITANE Ltd; Mr. Maurice Mo, regional chief information security officer, APAC, Chanel; Mr. Jayaprakash M K, senior manager, group information security governance, AIA Group Ltd; Mr. Kinman Tsang, head of IT Digital and Infrastructure, Maxim’s Caterers Ltd. These guests discussed the challenges and response strategies to the implementation of AI governance through the lens of policy design, technical practices and enterprise management.

The discussion concluded that when enterprises facilitate the applications of AI, their primary task is to build a use case diagram and a risk assessment framework, and establish a cross-departmental responsibility and accountability to prevent governance from becoming merely formal. Our guests highlighted the use of risk stratification models prioritized according to data sensitivity and business impact. Quantitative indicators can be introduced to measure governance effectiveness, such as model bias rates and compliance audit results, ensuring that the framework can be continuously optimized with technological evolution. Our participants generally agreed that setting standards and promoting the sharing of best practices is a crucial direction for raising Hong Kong’s digital resilience.

The association sincerely appreciates the enthusiastic support from Elastic, Pure Storage, Anjie Broad Law firm and Master Concept etc. This luncheon strengthened the industrial understanding of AI governance, compliance infrastructure and data security management, which catalyses the collaboration and partnership of cybersecurity technology, standards and practical aspects amongst China and Hong Kong, building a basis for cross-sector collaboration.

The association would keep on promoting in-depth discussions about policy and technology, and boost collaboration with our local and international partners. We wish to promote the implementation of safety regulations and innovation applications to support Hong Kong’s construction of a secure, reliable and enduring digital ecosystem.