Elaine Hung is a senior vice president in Kroll's Cyber Risk practice, based in Hong Kong.
Elaine Hung is a senior vice president in Kroll's Cyber Risk practice, based in Hong Kong.

Elaine Hung

Senior Vice President

Elaine Hung is a senior vice president in the Cyber Risk practice, based in the Hong Kong office. She has over nine years of experience in security and risk assessment. Her key areas of expertise include digital forensics and incident response, machine learning in cyber security, web and mobile penetration tests, red team exercises, and supervisory control and data acquisition (SCADA) security assessments.

Prior to joining Kroll, Elaine was Security Operation Center lead at Natixis, a global investment bank. She was the lead incident responder and assisted the bank throughout the entire incident lifecycle, from containment to eradication and remediation. She led the team conducting forensic acquisition and analysis, malware analysis and provided the IT teams with practical remediation plans. She also built worldwide machine learning detection capabilities by optimizing the application of endpoint detection and response, user and entity behavior analytics, etc.. to the bank’s environment. During this time, she was elected as one of the speakers for BSides Singapore 2020 to educate the audience on how to build their machine learning model for detection monitoring.

Elaine was the technical lead at KPMG from 2013 to 2018, where she led and performed a wide range of technical cyber security services, such as digital forensics and incident response, compromise assessment, malware reverse engineering, red and purple team attack simulations and SCADA security assessments. She has assisted organizations across diverse sectors, including leading banks, oil and gas companies and Fortune 500 conglomerates. She played a pivotal role in establishing KPMG China’s Incident Response practice.

Elaine began her career with DBS Bank as a security engineer. She has extensive expertise in managing network security devices, penetration tests and security information and event management (SIEM).

She holds a BBA in economics and information systems from The Hong Kong University of Science and Technology. She is a Certified Information System Auditor (CISA), a Certified Information Systems Security Professional (CISSP) and a Checkpoint Certified Security Administrator (CCSA). Additionally, Elaine holds the following GIAC certifications: Certified Penetration Tester (GPEN), Exploit Researcher and Advanced Penetration Tester (GXPN), Certified Forensic Analyst (GCFA) and Certified Forensic Examiner (GCFE). Elaine is also an Offensive Security Certified Professional (OSCP) and Splunk Core Certified User. She also holds the AWS Certified Security certification and QualysGuard Certified Specialist – Vulnerability Management certification. Elaine is fluent in English, Mandarin and Cantonese.

Hung /en/our-team/elaine-hung /-/media/kroll/images/headshots/vice-presidents/elaine-hung.jpg people {E39587AD-8F0B-4FE2-865F-969BC5501096}{44969BA1-47AB-4BE6-BC0C-6EE0232385DF}{7A48DD95-1A63-4784-842F-A2BE81EAFE13}{7EC13A8A-F86F-4AEB-8B10-1EE5D7371F2D}{2F9D4938-E5F0-4F9C-9A20-C4A5DCF79130}{A3E80394-4BDC-4E1D-8266-0653FE885E69}{34183564-0FD0-4B23-83DD-F39E7A73B28B}{0D8F5BE3-DF68-470D-ADFF-536F0505BF20} {6B18A490-2227-426A-A1D0-3836822E90EB}

Stay Ahead with Kroll

Cyber Risk

Incident response, digital forensics, breach notification, managed detection services, penetration testing, cyber assessments and advisory.

Incident Response and Litigation Support

Kroll’s elite security leaders deliver rapid responses for over 3,200 incidents per year and have the resources and expertise to support the entire incident lifecycle.

Computer Forensics

Kroll's computer forensics experts ensure that no digital evidence is overlooked and assist at any stage of an investigation or litigation, regardless of the number or location of data sources.

Kroll Responder

Stop cyberattacks. Kroll Responder managed detection and response is fueled by seasoned IR experts and frontline threat intelligence to deliver unrivaled response.

Cyber Risk Retainers

Kroll delivers more than a typical incident response retainer—secure a true cyber risk retainer with elite digital forensics and incident response capabilities and maximum flexibility for proactive and notification services.

Ransomware Preparedness Assessment

Kroll’s ransomware preparedness assessment helps your organization avoid ransomware attacks by examining 14 crucial security areas and attack vectors.

Data Breach Notification Letters

Kroll will work with your team to implement a personalized, plain-language notification letter that provides pertinent information and maintains message control.

System Assessments and Testing

Kroll’s field-proven cyber security assessment and testing solutions help identify, evaluate and prioritize risks to people, data, operations and technologies worldwide.

See all insightsExplore insights
Webcast Replay

Q4 2021 Threat Landscape Virtual Briefing: Software Exploits Abound

Feb 25, 2022


Q1 2022 Threat Landscape: Threat Actors Target Email for Access and Extortion

May 18, 2022

by Laurie IaconoKeith Wojcieszek George Glass

M&A Advisory

Global Software Sector Update – Spring 2022

May 18, 2022

by Karan  KapoorSamir HusseinRory O'SullivanNicolas DepardieuPhilipp BoseMihail IvanovRobert A.  Bartell, CFAScott MunroNicholas CollinsDaniel TaranovskyEfraim Chalamish

Cyber Risk

Cyber Extortion Gets Personal– The Next Step in Email Compromises

May 13, 2022

by Christopher BallodJaycee Roth