HKCNSA Luncheon on Insider Threat Culture in Critical Sectors Successfully Held, Focusing on Security Culture and Practical Implementation

On May 20, 2026, the Hong Kong China Network Security Association (HKCNSA) successfully hosted the “Building an Insider Threat Culture in Critical Sectors” luncheon at Crowne Plaza Hong Kong Causeway Bay. The event brought together industry representatives from finance, energy, transportation, and technology sectors to exchange insights on insider threat management and the development of security culture in critical infrastructure environments.

The luncheon aimed to enhance industry awareness of internal risks and facilitate discussion on governance frameworks, technology application, and practical management approaches, in response to the increasingly complex cybersecurity landscape.

The event began with a welcome address by Mr. David Ip, Founding Chairman of HKCNSA. He noted that as enterprise digitalization continues to deepen, the integration of information systems and business processes has become more complex, leading to broader system access and privileges for internal users. In this context, insider threats have emerged as a critical risk that organizations can no longer overlook. He emphasized the importance for industry stakeholders to strengthen awareness and response capabilities from both management and operational perspectives to mitigate potential risks.

This was followed by keynote presentations from cybersecurity and technology experts, focusing on insider threats and related challenges in critical infrastructure environments.

Mr. Jason Chan, Solutions Engineer for Greater China at Claroty, delivered a keynote titled “The State of CPS Attacks.” He analyzed current attack trends targeting cyber-physical systems (CPS), highlighting recent incidents in the energy sector where attackers remained undetected within networks before launching disruptive operations. He pointed out that many attacks do not rely on sophisticated vulnerabilities, but rather exploit weak credentials, insufficient system hardening, and a lack of monitoring mechanisms. He emphasized the importance of strengthening asset visibility, continuous monitoring, and anomaly detection in OT environments to enhance overall resilience.

Mr. Paul Hugh, Principal Enterprise Architect at Hewlett Packard Enterprise (HPE), delivered a keynote titled “AI Security & Governance with HPE AI Factory.” He discussed the security and governance challenges associated with the rapid adoption of generative AI. As AI evolves toward more autonomous “agentic” systems, organizations face new risks such as over-privileged access, data misuse, and supply chain vulnerabilities. He highlighted the need for robust governance frameworks, including data classification, access control, and runtime monitoring, as well as better management of “Shadow AI” to ensure secure and compliant AI adoption.

Following the luncheon, a panel discussion was held under the theme “Building a Trust-Based Insider Threat Culture: Balancing Vigilance and Employee Trust.” The session was moderated by Mr. Pierre Malgorn, APAC Director at I‑Tracing. Panelists included Mr. Wilson Tang, Vice Chairman of HKCNSA; Mr. Frank Ip, Head of Enterprise Risk Management at Hang Seng Bank; Mr. Alan Lee, OT Cyber Security Manager at CLP Holdings Limited; and Mr. George Chung, Head of IT Infrastructure, Operation and Cybersecurity at HK Express.

Drawing on perspectives from finance, telecommunications, energy, and aviation sectors, the panelists shared practical experiences in managing insider risks. The discussion highlighted that insider threats manifest differently across industries, including data leakage, privilege misuse, and remote access risks. As organizations continue to expand their digital operations and integrate IT and OT environments, the scope of internal access has grown significantly, increasing the complexity of managing such risks.

The panel further explored the balance between “controls” and “culture.” While organizations have implemented a range of technical and governance measures—such as segregation of duties, approval workflows, and monitoring systems—panelists noted that technical controls alone are not sufficient, as users may still find ways to bypass them. Building transparency in monitoring practices, strengthening employee awareness, and encouraging the reporting of anomalies were identified as key steps in fostering trust and improving overall security posture. The discussion concluded that effective insider threat management requires a combination of governance, technology, and cultural development, with a balance between trust and accountability.

HKCNSA extends its sincere appreciation to its corporate members and supporting organizations, including Claroty, HPE, and I‑Tracing, for their valuable support. The luncheon enhanced industry understanding of insider threat management and strengthened cross-sector exchange among professionals.

Looking ahead, HKCNSA will continue to promote dialogue on policy, technology, and best practices, while fostering collaboration with local and international partners to support the development of a secure, resilient, and trustworthy digital ecosystem in Hong Kong.