CrossWise InfoTech Limited

Tag: 數位化轉型

  • Know Yourself and Know Your Enemy: Enterprises Need Cybersecurity Audits to Combat Online Fraud

    Know Yourself and Know Your Enemy: Enterprises Need Cybersecurity Audits to Combat Online Fraud

    The founder of CrossWise InfoTech Limited as full member of HKCS, recently attended an online seminar titled “Let’s Secure as we Digitalise”, jointly organised by the HKDPO, co-organised by the CSTCB/HKPF, supported by the HKCS. During the event, professionals from each participating organisation shared real-life cyberfraud cases and practical countermeasures from their respective areas of expertise.

    Cyberfraud has been a persistent issue in Hong Kong in recent years, with victims losing increasingly large sums of money — a trend that many readers are likely already aware of. The reason this seminar was named “Let’s Secure as we Digitalise” is that frequent fraud incidents can significantly affect businesses, especially small and medium-sized enterprises (SMEs), that are planning or undergoing digital transformation. These scams may even hinder the government’s broader efforts to promote digitalisation across society.

    However, a seminar is just the beginning. For enterprises that are considering or have already embarked on the path of digital transformation, taking the first step towards cyber fraud prevention is crucial. In reality, however, many business owners struggle to identify exactly what that first step should be.

    From the perspective of CrossWise InfoTech’s founder, the answer lies in the ancient wisdom of Sun Tzu’s “Art of War“: “Know yourself and know your enemy, and you will never be in peril.

    Since we are already aware of the various fraud tactics used online, it makes sense to evaluate whether our own defences are strong enough.

    Therefore, the right first step is to conduct a cybersecurity audit — a comprehensive assessment of an enterprise’s cyber defence capabilities based on industry standards. Through such an audit, companies can identify the risks they face in daily operations, with particular focus on areas most vulnerable to cyberfraud or other cyber threats. Based on the audit findings, and taking into account the company’s risk tolerance and financial resources, appropriate cybersecurity management measures can be designed and implemented, along with necessary technical safeguards.

    CrossWise InfoTech Limited offers customised cybersecurity audit services tailored specifically for SMEs and organisations across different sectors. Leveraging the founder’s extensive experience in enterprise IT governance and threat response, we provide actionable and effective recommendations to help clients strengthen their cyber resilience.

    At its core, cybersecurity is a battlefield of attack and defence. Thus, age-old military wisdom like that found in Sun Tzu’s “Art of War” remains highly relevant today. Both cybersecurity professionals and business leaders would benefit from reflecting deeply on these timeless strategies.

    • HKDPO: Hong Kong Digital Policy Office
    • CSTCB/HKPF: Cyber Security and Technology Crime Bureau (CSTCB) of Hong Kong Police Force (HKPF)
    • HKCERT: Hong Kong Computer Emergency Response Team Coordination Centre by HKPC
    • HKCS: Hong Kong Computer Society

    Photo of this article is shot by CrossWise InfoTech Limited.

  • The First Question in Implementing AI: Cloud AI or On-Premises AI?

    The First Question in Implementing AI: Cloud AI or On-Premises AI?

    The founder of CrossWise InfoTech Limited, as a full member of the Hong Kong Computer Society (HKCS), recently participated in an offline seminar hosted by HKCS titled “Retail Tech Industry Group Seminar – Unlocking AI with Proven Use Cases.”

    The topic discussed at the seminar was highly relevant and appealing to SMEs: leveraging AI technology can significantly boost productivity without increasing headcount.

    Having previously served as the IT Director of a large enterprise group, the founder of CrossWise InfoTech Limited is well-versed in using IT to enhance operational efficiency. Therefore, we strongly believes that appropriate adoption of AI can bring even greater productivity gains than conventional IT solutions.

    However, any decision must be made from a multi-dimensional perspective. For SMEs, the primary consideration has always been — and will always remain:

    Cost-effectiveness.

    If the investment does not justify the return, then talk about AI implementation or digital transformation becomes meaningless.

    Therefore, when potential returns are uncertain, how to effectively control the cost of adopting AI while ensuring the business keeps up with technological trends—without overextending and becoming a casualty—is a key dilemma for business owners.

    Deploying AI on-premises requires purchasing and setting up AI all-in-one servers, costing anywhere from tens of thousands to over one hundred thousand Hong Kong dollars. More importantly, businesses must have a suitable environment to house these machines for stable operation. In a space-constrained city like Hong Kong, this is often a major challenge. Fortunately, electricity costs remain relatively low.

    On the other hand, cloud-based AI services are typically charged per “token.” Since this is a technical term, and different languages, word choices, sentence structures, and even particles can affect token consumption, CrossWise recommends estimating costs assuming 1 Chinese character equals 1 token.

    For standard use cases that do not involve complex computations or analysis, the cost is actually very affordable. Processing one million Chinese characters costs approximately HKD 35 — roughly equivalent to a two-dish lunch set.

    Of course, some business owners may wonder: one million Chinese characters sounds like a lot, but how long would that really last?

    The answer depends entirely on the specific use case. If AI is used internally for non-text-intensive operations, based on CrossWise’s experience, each transaction typically generates around 5,000 characters of data. One million characters could therefore support around 200 transactions.

    From this perspective, the cloud-based AI services clearly offers better value.

    However, for text-intensive operations, each transaction may generate at least 20,000 characters — four times more than non-text-heavy processes. In this case, one million characters would only cover around 50 transactions. The good news is that such operations usually command higher fees, helping to offset the costs.

    Taking the above calculations into account, along with the challenges associated with on-premises deployment, it becomes clear that for SMEs in Hong Kong, the preferred option for AI implementation remains cloud-based AI services.

    Yet, implementing AI involves more than just calculating operating costs. There are also hidden expenses such as process automation reconstruction, integration with existing systems, and more.

    Even more overlooked by many business owners is what CrossWise will explore in our next article:

    Data compliance and privacy protection.

    * Article photo is shot by CrossWise.

  • How to Ensure the Delivery of IT Projects as the Project Lead?

    How to Ensure the Delivery of IT Projects as the Project Lead?

    In the process of enterprise informatization and digital transformation, various types of IT projects are required. Some project leads may think that since the contract is signed, if the delivery is unsatisfactory, they can simply execute the contract, withhold the final payment, or even claim compensation, believing there will be no loss.

    However, in reality, in the competitive market, delays in project delivery, or even failure to deliver, cannot be simply compensated by withholding contract payments or claiming compensation.

    Time is the most valuable resource. The business world is like a battlefield; being one step ahead means staying ahead, while being one step behind means lagging behind. Delayed or failed project delivery equates to falling behind competitors. Whether starting over or increasing investment to catch up, it cannot compensate for the competitive disadvantage.

    Therefore, as the project lead, after confirming the supplier and starting the project construction, it is essential to proactively follow up on the project progress, anticipate and eliminate project risks, and study and resolve project obstacles, thereby pushing the supplier forward rather than being driven by the supplier.

    The most crucial management approach is to assign dedicated personnel with specific responsibilities.

    However, most project leads, especially small and medium-sized enterprises (SMEs), do not have the conditions to assign dedicated personnel with specific responsibilities. Therefore, an experienced IT consulting services company that understands the practical implementation of information technology and can take on the role of project construction, such as our company, CrossWise InfoTech Limited, should be a consideration for project leads.

    * Article photo is shot by CrossWise.