Michael Pang Managing Director Michael is a managing director with over 20 years’ experience. He is the IT consulting practice leader for Protiviti Hong Kong and Mainland China. His experience covers cybersecurity, data privacy protection, IT strategy, IT organisation transformation, IT risk, post-merger integration and operation improvement. Before joining Protiviti, Michael has taken key consulting roles at Boston Consulting Group, A.T. Kearney and Kodak Services for Business. Major projects Led a large number of security assessment and audits for ISO 27001, PCI DSS and NIST cybersecurity framework Assisted many HK and US listed companies in assessing and improving the cybersecurity and IT security governance Led a number of financial institutions (including asset management firm and insurance firms) for IT security compliance projects Advised multiple international hospitality and hotel groups on cybersecurity protection, security incident respond and data privacy issues Advised the China subsidiary of an international coffee brand on the security assessment and remediation effort, including the establishing of the security operations Led a number of data privacy impact assessment projects for IT system implementation for various departments of the Hong Kong Government Led a large number of technical security assessment exercise, including penetration test, vulnerability scan, phishing testing and source code review Led a number of audit and advisory projects helping clients in establishing risk management function as well as managing risks (especially technology risks) Experience in helping a number of banking and insurance firm in IT transformation as well as information protection/security Led the overall IT audit effort for 2 universities in Hong Kong on data security/privacy, IT governance and operational effectiveness Conducted a number of public speaking, awareness training and corporate educations on cybersecurity and IT security topics Areas of expertise Cybersecurity Data privacy Technology risk and IT audit IT strategy Industry expertise Banking and Insurance Public Sector Retail Education Bachelor of Engineering & Bachelor of Science - University of Melbourne, Australia Master of Business Administration - New York University Professional memberships and certifications ITIL Foundation Certified Information Systems Auditor (CISA) Project Management Professional (PMP)