Biography :

Mr. Dale Johnstone is professional recognised as one of Asia Pacific’s foremost, respected and leading experts in information security management with nearly twenty years full-time professional information security experience in various industry sectors including Government, defence, law enforcement, finance, manufacturing, transportation and telecommunications.

Dale is currently employed as the Chief Information Security Officer with the PCCW Group, and maintains active memberships with a number of International Standards Bodies, including ISO which is responsible for the development of ISO 27001 ISMS family of standards , Chairman of the local Information Security Management Systems (ISMS) International User Group for Hong Kong and Macau, Chairman of the Organising Committee for the annual Information Security Summit (2003-2006), member of the ISMS IUG (UK), and member of the Standards Australia Committee responsible for information security management standards.

Biography :

Mr. David Leung has been working in the legal field for 15 years, both in the private sector and in the Government in Hong Kong. He is currently working in the Prosecutions Division of the Department of Justice, Hong Kong Special Administrative Region.

One of the past duties of Mr. Leung was in giving legal advices to law enforcement agencies on computer crime and prosecuting such cases. He was one of the first graduates the course “Professional Diploma in Computer Forensics” of the University of Science and Technology, Hong Kong in 2000. Since then, he continues to teach on legally related subjects of this course. Mr. Leung has been teaching legally related subjects at the University of Hong Kong and the City University, Hong Kong since 1992.

In 2000, Mr. Leung was appointed as the Honorary Lecturer of the Department of Professional Legal Education, Faculty of law, University of Hong Kong.

Mr. Leung became Chairman of Information Security and Forensics Society (www.isfs.org.hk) in January 2003.

Biography :

Gregory is a partner of Deloitte, one of the world's largest professional services organisations, offering a wide range of world-class audit, tax, consulting, and financial advisory services. He specialised in providing enterprise risk management, technology audit, Information Security Management Services and SOX related services. Gregory works on clients from a wide spectrum of industries including banking and finance, property, telecommunication, manufacturing, retail and government organisations. He leads the Enterprise Risk Services in Deloitte Hong Kong and is a frequent speaker on SOX, security regulations and IT related matters.

Deloitte employs over 123,000 people in nearly 150 countries and has annual revenues of over $20 billion. It serves over one-half of the world's largest companies, one-third of the company in the Hong Kong Stock Exchange and has 7,000 employees in 10 cities in China. It ranked 6th in The Times Top 100 Graduate Employers 2005.

About (ISC)2
The International Information Systems Security Certification Consortium, Inc. [(ISC)2®] is the internationally recognized Gold Standard for certifying information security professionals. Founded in 1989, (ISC)² has certified over 45,000 information security professionals in more than 120 countries. Based in Palm Harbor, Florida, USA, with offices in Vienna, Virginia, USA, London, Hong Kong and Tokyo, (ISC)2 issues the Certified Information Systems Security Professional (CISSP®) and related concentrations, Certification and Accreditation Professional (CAPCM), and Systems Security Certified Practitioner (SSCP®) credentials to those meeting necessary competency requirements. The CISSP, CISSP-ISSEP® and SSCP are among the first information technology credentials to meet the stringent requirements of ANSI/ISO/IEC Standard 17024, a global benchmark for assessing and certifying personnel. (ISC)² also offers a portfolio of education products and services based upon (ISC)2’s CBK®, a taxonomy of information security topics, and is responsible for the annual (ISC)² Global Information Security Workforce Study. More information is available at www.isc2.org.

Biography :

Mr. Serrano has more than 30 years of experience in the security and networking arena and has extensive experience in sales, marketing and business development. Prior to Secure Computing’s acquisition of CipherTrust where he served as VP of Marketing APAC, he helped build the initial infrastructure of the company and developed the company to it’s dominant position. Prior to CipherTrust he functioned as Director for security products marketing for Juniper Networks via the acquisition of NetScreen Technologies where he held a variety of senior management positions. Mr. Serrano served four years at NetScreen Technologies, two of which were as Senior Director of Product Management at the California headquarters and the latter two where he functioned as Senior Director of Marketing, APAC, based in Hong Kong.

Prior to joining NetScreen, Serrano was director of business development at Bell Labs Research where he played a key role in the commercialization of various research technologies into the telecom market space. Before that, he co-founded and served as CEO for Network Tools, a company focusing on configuration challenges in the data networking sector. He also served in senior positions in sales, marketing and product management at start-up SynOptics Communications (later acquired by Nortel). He was vice president at the HSBC banking corporation as well as serving in senior management roles at JP Morgan Bank and Citibank. Serrano spent nine years with the US Air Force and was responsible for the planning, design, installation and deployment of large-scale communication systems, including satellite systems, fiber optics, voice and data systems, cryptographic systems and wireless communications. He is a member and participant in the IEEE and IETF forums.

Biography :

Thomas is a Certified Public Accountant (CPA) and chartered accountant with extensive public practice experiences. Thomas is serving as the Secretary and Treasurer of Professional Information Security Association (PISA).

For more than a decade, Thomas has involved or has facilitated in financial and information systems assurance, operational risk management reviews, information security advisory and other business advisory assignments where the subject matters included both information systems (such as billings, assessment of operational and security risks) and financial systems (such as financial reporting, financial due diligence, financial information controls). He has served clients in the fixed-line and mobiles tele-communications, brokerages and credit card operations industries, for companies listed and unlisted, both local HK and overseas.

He has also undertaken financial reporting advisory projects and assurance services for a wide range of clients including associations, charity bodies, SMEs, and regulated entities in Hong Kong (such as those under EMB, SWD, LawSoc and SFC).

He was notable to be one of the first CPA (Practising) in Hong Kong who cross-holds the Certified Information Systems Security Professional (CISSP) and Certified Information System Auditor (CISA) designations. Being one of the earlier full members in the PISA Society, he is also a voting member in other bodies including The Institute of Chartered Accountants in England and Wales, ITAccountants Association (ITAA), The Taxation Institute of Hong Kong (TIHK) and The Society of Chinese Accountants and Auditors in Hong Kong (SCAACPA).

He obtained professional certificates in both international financial reporting and international standards in assurance and has submitted comments to the Legislative Council in Hong Kong in subject matters such as the amendments on Companies Ordinance and the recent regional internet blackout. For the HKICPA Qualification Programme (QP) articling programme, he has been involved as a registered module facilitator, examination marker and acting as an authorized supervisor attesting the professional growth and experience of QP students.

Thomas is running his own public practice in Hong Kong (Thomas H S Tsang Certified Public Accountant) and can be reached at SecTre@pisa.org.hk.
About PISA

PISA as an organization focuses on developing the local information security awareness to the IT and public at large. It also and promotes knowledge and information sharing with a global presence in the industry. It also is a prominent body of professional information security practitioners that promotes the highest quality of technical and ethical standards to the information security profession, the best-practices in information security control.

PISA undertakes and presents several studies on its own. Highlights include panel discussion on the recent local Internet blackout, war-driving for Wi-Fi in Hong Kong, web application security, Windows
Network Load Balancing, publ ic PC Security survey, Distributed Intrusion Detection Network, Honey Net, and Critical Information Infrastructure Protection. Details are available at www.pisa.org.hk.