Yung Wei (Wayne) Tang is a partner in the Risk Assurance group of PricewaterhouseCoopers Taiwan practice. Wayne is an information systems specialist with over 15 years’ experience in a range of industries, including financial service, manufacturing, engineering and semi-conductor. Moreover, He has experience on the cybersecurity consultant and cybersecurity operation because he was the CISO of one of the foreign bank in Taiwan. He assists in leading the Cybersecurity & Privacy practice and also Forensic Technology Service in Taiwan.
Wayne started with PwC Taiwan performing audits on systems and process assurance in 2009.01 to 2016.05, and he also involves project related to cybersecurity and ERP implementation. Wayne joined DBS Bank and acted as the CISO from 2016.06 to 2018.05. He also took a place in bank association to draft many cybersecurity regulation reform in that period. Wayne returns to PwC Taiwan on 2018.06 and assists in leading the Cybersecurity & Privacy practice and also Forensic Technology Service in Taiwan.
Key Experiences:Led several cybersecurity maturity assessment project for retail industry and financial industry (using NIST-CSF / FFIEC standard / Taiwan local regulation), Led several cybersecurity incident response cases and assist the client to discover the root cause and to harden the environment,Led several cybersecurity technical assessment project (vulnerability scan / penetration test / network package analysis / firewall rule analysis / malware analysis / configuration baseline analysis / APP + IoT Security Testing Registered Report Signatory), Led several cybersecurity compliance assessment project (e-banking / IoT device / Mobile Application / Cloud Security / Biometric Security / Social Media Security / BYOD Security /ATM Security / API Security / Interface Security / Secure SDLC)
Areas of Expertise:Forensic service / Cybersecurity / IT regulatory compliance / Internal control optimization / Internal audit services
Relevant Qualifications: CISSP / CISA / EC-Council CEH / EC-Council LPT / EC-Council ECSA / EC-Council CHFI / LPIC Level 3 Linux Security / SAP FI Solution Consultant / SAP BASIS Solution Consultant / Blockchain Council CBE
By sharing the structure and content of NIST SP 800-128, I expect to assist audience in searching the management possibilities for cloud and ground energy compliance in the technological environment where emerging technologies emerge. I woud like to apply the new version of ISO 27001 (ISO 27001:2022) as a starting point to help the audience understand how NIST SP 800-128 can be used to fulfill the change of the standards. The new version of ISO 27001 has put more emphasis on configuration management, but most companies are unable to effectively practice configuration management. Finally, through the sharing of industry cases, the audience can have a concrete understanding of management practices.
CYBERSEC 2024 uses cookies to provide you with the best user experience possible. By continuing to use this site, you agree to the terms in our Privacy Policy 。