CYBERSEC 2022 uses cookies to provide you with the best user experience possible. By continuing to use this site, you agree to the terms in our Privacy Policy. I Agree
Bright obtains the certificate of member appointment for Electronic Engineering National Standards Technical Committees by Bureau of Standards, Metrology and Inspection (BSMI), Cybersecurity Committee Member at SEMI Taiwan, qualified instructor of cyber
governance for the Taiwan Corporate Governance Association and Taiwan Academy of Banking and Finance.
In 2023, Bright wins the ISC2 Global Achievement Award - Mid-Career (APAC)、ISC2 Taipei Chapter Ambassador and to obtain the certificate of SCRUM Master.
He have written over thirty articles for Commercial Times (Taiwan, in Chinese) and Bloomberg Businessweek Chinese (China, in Chinese), particularly for SEMI Blogs / Standards Watch, EETimes, and the ISSA Journal.
Being a cybersecurity assessment consultant, Bright integrates IT and factory cybersecurity based on multiple cybersecurity standards, such as the NIST Cybersecurity Framework (CSF) and IEC/ISA 62443. he would expect himself to build a bridge between cyber risk management, information security management system (ISMS), and information security governance (ISG) based on cybersecurity standards.
Recent Publications :
#
The current discussion on international cybersecurity standards tends to focus more on posture than maturity. This talk will take some examples to explain the difference between posture and maturity. Based on our third-party review experiences on NIST Cybersecurity Framework, the differences between IT and risk management views are examined. In addition, due to the implementation of NIST Cybersecurity Framework by SEMI Taiwan, its implication to semiconductor industry will be updated.
#
International cybersecurity standards have drawn great attention from high-technology industry, particularly automotive electronics in a post-covid period. However, business logic behind those standards are little unknown. In the past, top management thinks cyberseurity standards only as an international certificate. The current and emerging trends of cyber resilience, cybersecurity standards cover both functional and organizational purposes of cybersecurity. This talk will share insight on organizational resources for standard implementation by taking IEC/ISA 62443 as an example.