HKCNSA Cybersecurity Week Luncheon Fosters Policy-Tech Dialogue

On September 11, 2025, the Hong Kong China Network Security Association (HKCNSA) successfully hosted the Cybersecurity Week Luncheon at The Park Lane Hong Kong. The event supported National Cybersecurity Awareness Week, a nationwide initiative jointly led by the Publicity Department of the CPC Central Committee and the Cyberspace Administration of China.The campaign aims to raise public awareness of cybersecurity, promote best practices, and foster a culture of digital safety across all sectors. Through this luncheon, HKCNSA sought to provide a platform for local industry stakeholders to exchange insights, enhance policy understanding, and promote cross-sector collaboration to advance cybersecurity implementation and sustainable development in Hong Kong.

The event began with a welcome address by Mr. David Ip, Founding Chairman of HKCNSA. He emphasized that as cyber threats continue to evolve—driven by generative AI, supply chain infiltration, and ransomware-as-a-service (RaaS)—enterprises are facing increasingly complex challenges. He called for greater digital resilience and cross-sector collaboration, stressing that Hong Kong, as an international financial and technology hub, should actively participate in national cybersecurity development. He also noted the importance of aligning policy understanding with technological implementation to institutionalize and deepen the local cybersecurity culture.

Mr. Kuet Loong Lam, Principal Technologist at Pure Storage, delivered a keynote speech titled “Is your data well protected and recoverable?” He provided an in-depth analysis of how generative AI is being leveraged in cyberattacks, including phishing, supply chain infiltration, and RaaS. He warned that potential economic losses for Hong Kong enterprises could reach HKD 250 billion, with average dwell times of breaches increasing year by year—underscoring the urgent need to upgrade local defense mechanisms.

Mr. Lam recommended that enterprises strengthen their cyber resilience through three key areas: data classification and risk prioritization, faster backup and recovery, and regular storage security assessments. He advocated for the adoption of immutable snapshots, anomaly detection, and layered defense strategies to enhance both resilience and compliance. He also shared a successful case study from the financial sector, where the implementation of an all-flash storage architecture significantly improved recovery efficiency and met regulatory requirements.

Following the luncheon, a panel discussion was held under the theme “Challenges in Threat Intelligence Sharing and Cross-Sector Collaboration,” moderated by Mr. Wilson Tang, Vice Chairman of HKCNSA. Panelists included Mr. Michael Chan, Assistant Commissioner (Project Governance and Cybersecurity)(Acting) at the Digital Policy Office; Mr. Barry Wong, Director of HKCNSA Talent Development and Education Committee and Regional Vice President, Elasticsearch; and Mr. John Wan, Senior Manager at The Hong Kong Jockey Club. The three speakers shared perspectives from policy-making, technical implementation, and industry practice, offering insights into the current challenges and future directions of threat intelligence sharing.

Mr. Tang opened the session by noting, “Hackers collaborate seamlessly, while defenders often operate in isolation,” prompting reflection on the fragmented nature of intelligence exchange in the cybersecurity community. The discussion highlighted the lack of standardized frameworks and trust mechanisms in commercial practices, as well as the prevailing mindset that treats cybersecurity as a secondary cost—factors that hinder effective defense and cross-organizational cooperation.

Building on this, the panel explored how policy guidance and clearly defined roles could help reshape the local cybersecurity culture. It was suggested that neutral figures such as Data Protection Officers (DPOs) could play a key role in facilitating intelligence sharing between public and private sectors, thereby enhancing collective awareness and coordinated defense. Establishing long-term, stable sharing mechanisms and trust frameworks was seen as a vital step toward strengthening Hong Kong’s digital resilience.

HKCNSA extends its sincere appreciation to its corporate members and sponsors, including Pure Storage, Elasticsearch, Akamai, Huiye Law Firm, Mastercard, and SailPoint, for their generous support. The luncheon deepened industry understanding of national cybersecurity policies and fostered meaningful exchanges between Hong Kong and mainland stakeholders.

Looking ahead, HKCNSA will continue to champion dialogue between policy and practice, expand cross-sector collaboration, and work with industry partners to build a safer, more resilient digital Hong Kong.