Member of the month Mr. Adam Au | Bridging technology and legislation to build a secure future

We're excited to introduce Mr. Adam Au (Adam) as our first Member of the Month. Adam boasts an impressive academic background, holding a Bachelor of Arts from Brown University, Bachelor and Master of Arts from the University of Oxford, and a Master of Business Administration from MIT Sloan School of Management. He is now a legal professional with a passion for interdisciplinary solutions. Balancing dual roles as an in-house lawyer and HKU lecturer, he finds synergy between practice and theory. "Legal work keeps me rooted in real-world challenges," he explains, "while teaching compels me to clarify and articulate complex concepts."

Adam's approach centers on bridging law with diverse fields, bringing thoughtful curiosity to this multidimensional space. "While law provides my foundation, I actively incorporate insights from technology, policy, and philosophy," he shares. "This cross-disciplinary perspective is becoming essential for tackling today's most pressing issues."

He particularly values Hong Kong's dynamic ecosystem for this work: "Our city offers the perfect testing ground - compact enough for rapid iteration yet globally connected to ensure meaningful impact."

How the HKCNSA Transformed His Professional Lens

Adam's journey with HKCNSA came unexpectedly when HKCNSA’s Chairman Mr. David Ip reached out via LinkedIn. What began as casual curiosity has then become a professional revelation. "Instead of being confined to the typical lawyer echo chamber," Adam explains, "I now regularly engage with the very engineers who build the systems I help contract for - it's completely changed my perspective."

The HKCNSA’s value, in Adam's view, lies in fostering practical dialogue across disciplines. Where lawyers often operate in theoretical frameworks, engineers focus on implementation - and HKCNSA creates this opportunity, acting as a platform for them to bond and exchange. This cross-pollination proves particularly vital in rapidly evolving areas like AI governance and data privacy, where, as Adam notes, "real-world complexities constantly challenge our professional assumptions."

Though his schedule doesn't allow him to participate in all the events, Adam praised HKCNSA's commitment to actionable knowledge-sharing. He mentioned that the simple act of gathering lawyers, engineers, and diverse professionals in one room does more than break down silos - it creates smarter solutions.

Hong Kong's Critical Infrastructure Ordinance: A Positive Step Forward with Room to Grow

The upcoming Protection of Critical Infrastructures (Computer Systems) Ordinance, set to take effect on January 1, 2026, represents what Adam describes as "a seismic shift" which also referenced the mainland China's regulatory framework. He views this as a promising foundation, though he emphasizes that the law's success will ultimately depend on thoughtful implementation.

Adam highlights the increasingly important role of cybersecurity in an AI-driven world: "When artificial intelligence manages transportation networks or financial markets, security breaches transcend data privacy concerns - they become genuine threats to public safety." He welcomes the ordinance as an important step in recognizing these evolving risks, while noting opportunities to address key areas: the integration of legacy systems with emerging AI technologies, and developing robust protocols for vulnerabilities that could have widespread societal impacts.

Adam's primary focus is ensuring that companies embrace the spirit of the regulations rather than simply meeting minimum requirements. He advocates moving beyond what he calls 'compliance theater' - where organizations check boxes without meaningfully strengthening their security posture. He notes optimistically, "The real opportunity here is for companies to use this framework as a springboard for building genuinely robust protection that goes well beyond the paperwork."

The ordinance provides Hong Kong with a solid regulatory foundation that, with proper implementation and genuine commitment from organizations, could significantly enhance the territory's cybersecurity resilience.