Cyber Security Coordinators (CSC) are nominated and empowered by the management of their respective departments / offices / units for collaborating with ITSC to coordinate the implementation of cybersecurity measures at their units. While the obvious goal is to attain and maintain a healthy level of cybersecurity for the entire University, the exact roles and responsibilities of Cyber Security Coordinators can be evolving with the development of the current cybersecurity threats.
ITSC Cybersecurity Academy is mainly for Cyber Security Coordinators (CSC), and/or IT Staff like system administrators, application developers, etc, to keep their knowledge up-to-date and equip them with appropriate IT skillsets, so that they can fulfil their Roles & Responsibilities. The mission is to develop cybersecurity expertise among CSC in appreciation of the critical role they play in protecting HKUST system and data. The programme is designed to include the followings :
Cybersecurity Updates
Latest information on our Cybersecurity Services, Cybersecurity Incident Sharing, new Cybersecurity trends, etc will be dispatched to CSC through the following channels.
- Regular Cybersecurity Refreshment Briefing / Workshop
- CSC Mailing List
- Direct Email to CSC on departmental basis
| BRIEFING / WORKSHOP | DATE OFFERED |
| Cybersecurity refreshment briefing | 14 Nov 2018 |
| Cybersecurity refreshment briefing and update of KPMG audit results | 24 Oct 2017 |
| Briefing session for arrangement of enforcing 2FA for staff members | 20, 24 Jul 2017 |
| KPMG Briefing Session for Web Application Penetration Test | 16 Jun 2017 |
| Cybersecurity Trends and Latest Updates in HKUST for Administrators | 18, 24 May 2017 |
| Briefing on Duo Two-Factor Authentication (2FA) | 20 Dec 2016 |
| Cybersecurity refreshment briefing for CSC - Audit Review | 13, 18 Oct 2016 |
| Cybersecurity refreshment briefing for CSC - data protection | 11, 17 May 2016 |
| Introducing System protection tools for server administrators | 12, 18 Apr 2016 |
| Security Policy, Risk Assessment and Minimum Security Standard | 9, 16 Dec 2015 |
- Details on upcoming events can be found here.
On attending this kind of briefing / workshop, a Certificate of Attendance will be issued to the participants for their record.
Professional Training
Cybersecurity training will be organized for CSC annually to keep their skillsets to a certain standard.
| CORE COURSE | EXPECTED AUDIENCE | DATE OFFERED |
| Minimum Security Standards for Applications and Secure Software Development Lifecycle | Application developer, software programmer, project manger, etc | 5 Dec 2018 PM |
| Cybersecurity Introduction | All | 23 Nov 2018 |
| Personal Data Privacy by PCPD & VPABO/ISO | All | 10 Jul, 18 Oct 2018 |
| Cybersecurity Introduction | All | 20 Nov, 8 Dec 2017 |
| Securing Windows Server 2016 | System administrator, system manager, etc |
22-26 May 2017 5-9 Jun 2017 10-14 Jul 2017 24-28 Jul 2017 |
| Administering the Web Server (IIS) Role of Windows Server | System administrator, system manager, etc |
19-23 Jun 2017 7-11 Aug 2017 |
| Minimum Security Standards for Applications and Secure Software Development Lifecycle | Application developer, software programmer, project manger, etc | 27 Apr 2017 |
| Linux and Windows Server Security | System administrator, system manager, etc | 6 Apr 2017 |
| Protecting Personal Data Privacy in University Administration | All | 24 Feb 2017 |
| Cyber Security - Protect Your Computer, Your Account and Your Mobile | All | 27 Oct, 15 Nov 2016 |
| Introducing Minimum Security Standards for Applications and Secure Software Development Lifecycle | Application developer, software programmer, project manger, etc | 14, 26 Apr 2016 |
| Linux and Windows Server Security I | System administrator, system manager, etc | 13, 20 Jan 2016 |
| Data Protection in IT Management | All | 20 Jan 2016 |
| Protecting Personal Data Privacy in University Administration | All | 20 Jan 2016 |
- Details on past events can be found here.
On attending this kind of professional training, a Certificate of Completion will be issued to the participants showing the CSC has completed the training course in that particular area.
Central IT Support and Consultation
ITSC offers different infrastructure and cybersecurity services to support departments. CSC can always contact ITSC to seek advice and consultation on any cybersecurity issues.
Continuing Professional Development (CPD) Unit
Starting in 2016, CSC on attending the above briefing, workshop, training, etc will earn CPD units. (1 CPD unit = 1 hour). ITSC will keep record on the number of CPD attained for each CSC. By accumulating a certain number of CPD units, together with assessment, ITSC will issue a Certificate of Achievement to the CSC to show his / her cybersecurity skillsets reached a certain high level of standard. Our hope is that CSC will gain and maintain an information security mindset, employing cybersecurity best practices in their work and fully utilizing the many security resources provided by us.