Skip to main content Start main content

Date: 14 March 2019 (Thursday)

Time & Venue:
6:00 - 7:00 pm   Chan Sui Kau & Chan Lam Moon Chun Square, PolyU campus

7:00 - 9:00 pm   N101-103, PolyU campus

* The Forum was conducted in English


6:00 – 6:30 pm

Registration and Reception

6:30 – 6:45 pm

Welcome and introduction of the new Alumni Chapter Executives

Ms Joanne Shoveller
Vice-President, Advancement, University of Waterloo

6:45 – 6:50 pm

Welcome and introduction of exciting initiatives of PolyU and Faculty of Business

Dr Miranda Lou
Executive Vice President, The Hong Kong Polytechnic University

6:50 – 6:55 pm

Welcoming Address

Mr Raymond Yung
Vice Chairman of Global Advisory Committee of AMTD Group

7:00 – 7:05 pm

Welcoming Remarks

Prof. Stephen M. Watt
Dean, Faculty of Mathematics, University of Waterloo

7:05 – 7:08 pm

Welcoming Remarks

Prof. Haitian Lu
Associate Dean (External Relations and Development), Faculty of Business, The Hong Kong Polytechnic University

7:08 – 7:11 pm

Remarks

Mr Marcellus Wong
Vice Chairman of the Board of Directors and Managing Director of AMTD Group

7:11 – 7:15 pm

Remarks

Prof. Wilson Tong
Director of AMTD FinTech Centre of PolyU Faculty of Business

7:15 – 7:20 pm Update on exciting research coming out of the Faculty of Mathematics, University of Waterloo, and the Cybersecurity and Privacy Institute
7:20 – 7:50 pm

"Secure Computation of the k-th Ranked Element on the Blockchain"

Prof. Florian Kerschbaum
Executive Director, Waterloo Cybersecurity and Privacy Institute

7:50 – 8:25 pm

Panel Discussion
"A Safety Net for Data in the Age of Machine Learning"


Moderator
:

Mr Gabriel Chan
Secretary General of the Hong Kong Blockchain Society


Panelists:

Prof. Florian Kerschbaum
Executive Director, Waterloo Cybersecurity and Privacy Institute

Dr Allen Au
Assistant Professor, Department of Computing, The Hong Kong Polytechnic University

Mr Jason Lau
Chief Information Security Officer, Crypto.com
HK Regional Leader for International Association of Privacy Professionals (IAPP)

Mr Jack Poon
Professor of Practice, School of Accounting and Finance, The Hong Kong Polytechnic University

Dr Frederic Lau
CEO of Capital Markets & Advisory of AMTD Group

8:25 – 8:30 pm

Closing Remarks

Prof. Stephen M. Watt
Dean, Faculty of Mathematics, University of Waterloo

8:30 – 9:00 pm

Networking

Organizers: logos_700

Supporting Organizations: supporting_logos


Welcome and Introduction
 01

Ms Joanne Shoveller
Vice-President of Advancement 
University of Waterloo

02

Dr Miranda Lou
Executive Vice President
The Hong Kong Polytechnic University

15
Mr Raymond Yung
Vice Chairman of Global Advisory Committee of AMTD Group
Welcoming Remarks
03

Prof. Stephen M. Watt
Dean
Faculty of Mathematics
University of Waterloo

13

Prof. Haitian Lu
Associate Dean (External Relations and Development)
Faculty of Business
The Hong Kong Polytechnic University

12

Mr Marcellus Wong
Vice Chairman of the Board of Directors and Managing Director of AMTD Group

10

Prof. Wilson Tong
Director
AMTD FinTech Centre of PolyU Faculty of Business

"Secure Computation of the k-th Ranked Element on the Blockchain"
05

Prof. Florian Kerschbaum
Executive Director
Waterloo Cybersecurity and Privacy Institute

Panel Discussion
"A Safety Net for Data in the Age of Machine Learning"
11

Moderator:

Mr Gabriel Chan
Secretary General
Hong Kong Blockchain Society

05

Prof. Florian Kerschbaum
Executive Director
Waterloo Cybersecurity and Privacy Institute

06

Dr Allen Au
Assistant Professor
Department of Comupting
The Hong Kong Polytechnic University

08
Mr Jason Lau
Chief Information Security Officer, Crypto.com
HK Regional Leader for International Association of Privacy Professionals (IAPP)
09

Mr Jack Poon
Professor of Practice
School of Accounting and Finance

The Hong Kong Polytechnic University

14

Dr Frederic Lau
CEO of Capital Markets & Advisory of AMTD Group

Closing Remarks
03

Prof. Stephen M. Watt
Dean
Faculty of Mathematics
University of Waterloo

Rapid advances in digital technology are transforming most aspects of modern life, but they are also raising some well justified concerns.

As often as not, those doubts centre on the protection of data and guaranteeing the individual's right to privacy, issues which appear secondary in the general rush towards online commerce, fintech, and social media culture in the virtual world.  

However, the importance of addressing such matters and finding the best way forward was the subject of a recent double feature which brought together some leading names in the field.

Billed as the University of Waterloo dean's public lecture cum the Hong Kong Polytechnic University's Knowledge Transfer Forum on Cybersecurity and Privacy, the evening's keynote speaker explained how blockchain developments are helping to make certain types of data transfer more secure.

W3073_181_

But the experts taking part in the subsequent panel discussion also made no secret of the fact that, as things stand, regulatory controls are lacking and, generally speaking, there are all kinds of holes in the system.

In particular, it is important to have clear new standards at a time when ever more organisations are adopting core business models which look to monetise data from users. And with so many   instances of data leaks and hacker attacks hitting the headlines, taking the right steps to maintain or rebuild trust with stakeholders should be seen as a top corporate priority.

Delivering the main lecture, Professor Florian Kerschbaum, executive director of the Waterloo Cybersecurity and Privacy Institute, spoke about the challenge of creating an absolutely "interference-free" system where people can only see or know what they are allowed to.

W3073_268_

His chosen topic was "Secure computation of the k-th ranked element on the blockchain", using as illustration the example of a "sealed bid" online auction where individual bidders can see their offer and nothing else except information essential to the process.

With blockchain, it is possible to do this. The challenge, though, is to compute everything in the least number of "blocks", while guaranteeing speed and required output and tackling any factors which limit efficiency or scalability.

To achieve this type of secure multi-party computation, Kerschbaum touched on considerations like generic protocols, zero-knowledge proofs (ZKPs), key generation, encryption, evaluation and decryption. 

He also explained the approach his team has developed for using public and private keys and sending ciphertext, thereby reducing the total number of steps involved and allowing for the inclusion of unique elements.  

"It leads to something that scales quite well," said Kerschbaum, who worked as a software architect with SAP in Germany before switching to academia. "It also allows the construction of new applications on the blockchain." 

For the panel discussion which followed, Kerschbaum was joined by moderator Gabriel Chan, secretary general of the Hong Kong Blockchain Society and Dr Allen Au, assistant professor in PolyU's Department of Computing.

W3073_327_

Also taking part were Jason Lau, chief information security officer for Crypto.com; Jack Poon, professor of practice in the School of Accounting at PolyU; and Frederic Lau, chief executive of capital markets and advisory at AMTD Group.

They expressed broad consensus that, in the digital age, the imperatives for those overseeing data include confidentiality, integrity, and developing trust with customers. 

Unfortunately, the growing list of large-scale mishaps tends to show that "the devil always gets his way". Sometimes, this can be traced to a failure in due diligence, poor impact assessment, or an inherited risk from, say, a merger or acquisition, which was never adequately addressed. In such respects, organisations have a responsibility to take action and step up vigilance accordingly.  

Worryingly, though, the panel also emphasised that there is an ongoing cybersecurity war between attackers and defenders. All it takes is one ill-intentioned hacker - and a single weakness in the defences - to break into an apparently robust system and potentially sow havoc.  

"Most organisations should assume they have been hacked and, starting from that assumption, think about what to do next," said Poon, who also highlighted the importance of finding the right balance between ease of use and data privacy.

Due mention was made of issues like awareness training, authentication without passwords, the "right to be forgotten", biometric-based encryption, and possible problems resulting from people having so much data on their cell phones.  

Kerschbaum, though, pointed out that no one should be holding out hope for easy answers or all-in-one solutions. 

"It is discouraging how bad we [in general] are at implementing security in newly developed systems," he said. "It seems we wait for attacks and then try to fix things as an afterthought. People used to say build in security from the start, but it is not really happening."

Regarding the possibility of better regulations, fit for purpose and broad in scope, progress seemed to be slow at best. 

"There are all sorts of regulations and some efforts with international traction to take care of these issues, but there is nobody governing it," Kerschbaum said. "Every government needs to agree to follow [one set of] regulations."

W3073_153_

 

Your browser is not the latest version. If you continue to browse our website, Some pages may not function properly.

You are recommended to upgrade to a newer version or switch to a different browser. A list of the web browsers that we support can be found here