Skip to Content

Web Content Display Web Content Display

Web Content Display Web Content Display

Singapore's Professional Registry for Infocomm Professionals

Know it, Use it, Share it

Movers & Shakers

Gain Insights from the industry's Best and Brightest

Ever wonder how the leaders of the Infocomm industry got where they are today? Watch this space and hear from the luminaries themselves what inspired them to join the Infocomm industry and what inspired them to join the Infocomm industry and what continues to drive them to excel.

David Koh

DAVID KOH

Chief Executive, Cyber Security Agency of Singapore (CSA)
Member, SCS Honorary Advisory Council

Cybersecurity is not all doom and gloom. 

There are many opportunities to learn and grow in various specialisations – from incident response and digital forensics to threat analysis and governance.

   

 It has been three years since CSA was formed. How has the local cybersecurity landscape changed since then?

 

The landscape has changed quite dramatically. In recent years, cybersecurity threats are getting more sophisticated and disruptive. We have seen how these attacks caused major disruptions, such as the Wannacry ransomware attack in 2017, and the attacks on power grids in Ukraine in 2016 and 2017 that resulted in power outages. Today, cybersecurity has become a topic of concern because many are seeing the massive disruptions that cyber-attacks can cause.

 

 

   

How has this shaped CSA’s work?

 

 

A key focus for CSA is to build up cybersecurity defences for our essential services. 

 

One of the ways to do so is by strengthening our cybersecurity governance and legislative framework. We introduced Singapore’s Cybersecurity Act which is an important piece of legislation to empower us to work with Critical Information Infrastructure (CII) owners to put in place pre-emptive measures and to respond expediently to cybersecurity incidents. The Act was passed in February 2018. 

 

 

   

In Singapore’s push towards digitalisation and becoming a Smart Nation, what role does cybersecurity play?

 

IAs Singapore pursues our Smart Nation aspiration, our use of and reliance on technology will only increase. These will inadvertently expand our attack surface, exposing ourselves to greater cyber risks.

 

Emil Tan

Emil Tan

Member, SCS
Assistant Manager, Cyber Security
Management, Infocomm Media
Development Authority (IMDA)

 

Like everything else, it all comes down to passion in cybersecurity. 

Recent cybersecurity incidents such as WannaCry ransomware and the cyber-attacks on four Singapore universities in April underscore the importance of a forward looking and strong cybersecurity community in our increasingly digitally connected world. 

   

What are your views about cybersecurity gaining interest among the media and the public recently?

 

Cybersecurity is not something new. But much has changed in the past 10 years – not so much the specialisation, but the way people perceive it. For example, while we continue to hold strong to the mantra (1) protect, (2) detect, (3) response and (4) recover; governments, organisations and even the man on the streets have come to recognise cybersecurity as a backbone to empower progress today. Particularly, it is encouraging to see greater awareness in cybersecurity among everyday users.

 

   

How have these perceptions impacted the growth of the industry?

 

We see a growing number of aspiring cybersecurity professionals. But, because they join the industry thinking that they will be fighting hackers every day, they are likely to drop out once the initial excitement wears off and realisation sets in that the job can be rather process driven. 

 
   

Then how did you become so passionate about cybersecurity?

 

 For me, my love for cybersecurity can be traced back to my polytechnic days. I enjoyed many modules in my course and was hungry to learn more. This led me to engage with special interest groups, which provided interaction opportunities with industry professionals. I also gained first-hand experience during my polytechnic and university internships. These exposures cemented my understanding of the industry and seeded my passion to specialise in the field.

 

Thought Leadership

Stay Ahead at the Cutting Edge

Wondering what is the next wave of changes or breakthroughs in the ever-dynamic Infocomm industry. Get the first-hand insights and knowledge from leading companies and thought leaders and stay ahead!

Steven Sim

It is a given that our technology landscape will be different tomorrow. And while there is no one foolproof way to future-proof our ports, I am quietly confident that as long as the industry continues to embrace the same cybersecurity principles, the future will be bright.

 

Driverless vehicles transporting cargo containers, automated loading and unloading operations, and drones making inspections and deliveries is not a port scene out of a science fiction film, it is how our ports tomorrow would look like. But such a wide scale adoption of the Internet of Things (IoT) brings security loopholes – both physical and technological. How then can we secure our ports for the future?

 

RECOGNISE LURKING THREATS

As the transformation blueprint of PSA, Container Port 4.0™ (CP4.0™)2 unfolds, IoT is expected to play a prominent role alongside other emerging technologies like blockchain and machine learning. In addition, its promise of being self-configurable, adjustable, self-optimising-and-healing, suggests increasing emphasis and reliance on IoT in the future.

 

ADOPT A SECURITY-BY-DESIGN APPROACH

These challenges evidence the importance of adopting a Security-byDesign (SbD) approach. For instance, through conducting vulnerability assessments and penetration tests, risky security backdoors can be uncovered and defences can be put in place to mitigate exposure and security risks. This was the methodology PSA adopted when trialling a vendor’s automated guided vehicles (AGVs), which led to the discovery of undeclared security backdoors serious enough to warrant vulnerability disclosures to the United States Computer Emergency Readiness Team (US-CERT).

 

PRIORITISE SECURITY

For SbD to be effective at the corporate level, it has to be supported by three key underlying principles. First, it must be aligned to the risk deemed acceptable by the organisation. A profit-driven company should not only integrate cybersecurity into its strategy to get ahead, but also make an effort to fully appreciate its role as a business enabler. Second, the principle of least privilege should be observed by conferring user privileges based on necessity. This ensures minimum network exposure. 

 

 Security
 Security-by-Design
Dr Melvyn Kuan, Benedict Chong

As Singapore continues our drive towards becoming a Smart Nation, digitalisation is expected to permeate every aspect of our business environment and everyday life. In tandem, we need to have a vibrant cybersecurity ecosystem that is made up of professionals with requisite skills to protect our cyberspace.

 

ESTABLISHING A SKILLS FRAMEWORK FOR CYBERSECURITY

 

In 2017, CSA, together with SkillsFuture Singapore (SSG), Workforce Singapore (WSG) and the Infocomm Media Development Authority (IMDA), launched the Skills Framework for Infocomm Technology (ICT) to help individuals, employers and training providers promote ICT mastery and lifelong learning. The cybersecurity track of the Skills Framework was co-developed by CSA with IMDA. The cybersecurity track was developed with reference to internationally-recognised standards and represents Singapore’s perspective of the skill sets required for the profession. The Framework will be reviewed and updated periodically to ensure its continued relevance to the evolving industry trends.

 

ATTRACTING TALENTS INTO THE CYBERSECURITY INDUSTRY

To provide opportunities for fresh and mid- career professionals in adjacent disciplines, such as ICT or STEM (Science, Technology, Engineering and Mathematics), to take on cybersecurity job roles, CSA partnered IMDA to launch the Cyber Security Associates and Technologists (CSAT) programme in 2016. By collaborating with companies which are CSAT Training Partners, the programme trains and upskills professionals for cybersecurity job roles. Trainees will have the opportunity to undergo structured on-the-job training programmes identi ed by CSAT Training Partners. There are currently nine companies on board the CSAT programme.

 

RAISING PROFESSIONAL STANDARDS

Continuous skills deepening and raising industry standards to align with internationally-recognised benchmarks are key to enhancing the quality of the cybersecurity ecosystem. This is why CSA actively seeks internationally-recognised certi cations as benchmarks for critical cybersecurity competencies. 

 

 

 Smart Nation
 Cybersecurity

 

TRENDS

Technology Revolution, Empowerment 'N' Development Series

Engage your contemporaries on the newest developments! Listen to industry stalwarts and leading technical experts and get first-hand insights and knowledge of the next trending scene in the ever-dynamic Infocomm industry.

Huang Shao Fei

How to Survive (and Do Well) in the CISO Hot Seat

Since the time the Chief Information Security Officer (CISO) role emerged in the late 1990s, the job has become vastly more demanding and complex than ever before.

 

Expectations for the modern CISO today have long gone beyond traditional aspects of IT governance, and risk and compliance. Oftentimes, CISO are also required to interpret the Board’s business goals and translate them to practicable risk-balanced implementations that empower achievement of strategic and operational excellence outside the purview of IT domains. Question is, against the backdrop of this demanding landscape, how can CISOs stay relevant?

 

GET THE PRIORITIES RIGHT

To do well in the competitive, resource- tight business environment, the CISO’s ability to balance corporate risks based on specific business needs and prioritising IT security needs is key in ensuring that IT security budgets are targeted, relevant and sustainable.

 

ADD VALUE TO THE BUSINESS

CISOs often play a pivotal role in bridging the gap between traditional IT departments and the rest of the business. It is therefore important that CISOs have a good understanding of how they can value-add to the business at large while enabling innovation and advancing operational efficiency.

 

BE THERE FOR YOUR PEOPLE

There is no doubt about it – the cybersecurity landscape will be different one year from now (if not sooner), and every other year as well. Thus, rather than drafting policies behind closed office doors, it is more critical for CISOs to be proactive in leading their staff through changes, and “walking the talk” alongside them to solve challenges.


 

 

 

  Tech@Edge

 

 

  Technology Features

Enterprise Architecture

 

Enterprise Architecture

Survey & Resources

A Plethora of Resources

Access insightful surveys and analytical reports to better understand the local ICT landscape.

5 traits of a Great Company Culture

 

 

Industry Surveys

Industry News

Are we learning enough new skill
 

 

Talent Showcase

Driving the brightest ideas in town

Looking for a marketplace spotlighting the best student IT projects and potential networks to link up with investors? Here could be the next virtual Silicon Valley transforming breakthrough ideas into useful products or services.

Time to get your innovation engine started!

Splash Awards Winners Rise Up to the Drone Challenge

The SCS Splash Awards 2017 is back with its 14th edition. This year, in conjunction with the celebration of the SCS 50th Anniversary finale event, the competition was aptly themed “Drone Challenge”.

All in the spirit of creativity, leveling up tech savviness and honing problem-solving skills, this agship event – one of the longest running student infocomm competitions in Singapore – attracted close to 300 student participants from local and international Institutes of Higher Learning, Institutes of Technical Education, Junior Colleges and Secondary Schools.

 

In this instalment, the competition provided an opportunity for students to dabble in new technology using codable drones.

 

 

Splash Awards 2018 Champion Teams

 
 
 
 
Team CCJ
 
 
 
Team Mimibot

SCS Splash Awards

Splash Awards 2018
Splash Awards 2017

Gallery

IT Professionals at Work and Play

Missed an event? View the highlights of the events here and be sure to join us at the next upcoming event!

Strengthening Resilience with Business Continuity Management

“Leveraging BCM for Preparedness and Industry Transformation”

 

Cyber threats, data breaches, unplanned outages and security incidents threaten business continuity. To ensure effective mitigation and quick recovery, there is great demand for T-shaped infocomm talent well-versed in the principles of Business Continuity Management (BCM).

 

Aptly, the 10th annual conference of SCS Business Continuity (BC) Chapter on 10 April 2018 was themed: “Leveraging BCM for Preparedness and Industry Transformation”. The topic reinforced the importance of levelling up the industry’s state of preparedness and boosting corporate resilience in support of industry transformation. Besides featuring eminent speakers from both public and private sectors, the conference also saw the active engagement of over 130 BC practitioners, cloud professionals, risk managers and C-suite executives.

Past Events

SCS 50 Drone Experience

 

 

 

 

 

 

 

 

Web Content Display Web Content Display