Dr. Ricci IEONG

PhD, M.Phil, MAArbDR, BSc
Principal Consultant

19 years of IT Security Experience

Professional Certifications

CISSP, CISA, CISM, CCFP, CCSP, CCSK, CEH, GPEN, GIAC Advisory Board, ACE, ISSMP, ISSAP, ISO 27001 LA, STAR Auditor

  • ISC2 Asia-Pacific Information Security Leadership Achievements (ISLA) Honoree – Senior Information Security Professional (2017)
  • GIAC Advisory Board Member
  • Founding Member of High Tech Crime Investigation Association
  • Founding Member and Council Member of Information Security and Forensic Society (F.ISFS)
  • Founding Member, Vice-President for Professional Development of Cloud Security Alliance (HK & Macau) Chapter
  • Authorized CCSK Trainer
  • ISC2 Authorized CCSP Trainer
  • Part-time lecturer and Adjunct Assistant Professor of the Hong Kong University of Science and Technology

Award

  • Asia-Pacific Information Security Leadership Achievements (ISLA®) Program 2017 honorees:
    Senior Information Security Professional

Achievements

  • Led and performed security risk assessment, security audit, penetration tests, and security strategy study for HKSAR government departments.
  • Performed Sarbanes-Oxley Act 404 IT consultancy services for China and Hong Kong-based US corporations.
  • Led and conducted Computer Forensics investigations and incident handling services for HKSAR government departments and Financial Institutes in Hong Kong.
  • Designed and developed computer forensics tools for multi-national corporations
  • Defined and planned the IT security services direction of the HP e-Security Center, HP Security Team in HK and AP Security Competence Center of HP;
  • Led the HP Security Team in HK and Deputy Manager in the ITPSA Cat D (Security Services) for HKSAR Government.
  • Led one of the two HP e-Security Center and performed penetration test services for clients in Asia Pacific, Europe and America.

Reference Cases

  • Led over 50 governmental Security Risk Assessment and Audit cases for HKSAR governments
  • Led and performed security assessment  and audit for over 10 financial institutions in Hong Kong
  • Led and performed web penetration tests for over 20 local and international corporations
  • Conducted over 50 trainings on cloud security, incident handling and forensics, operating systems security and IT general awareness trainings