(ISC)2 Singapore Chapter LearningNeverStops Virtual Sharing #11 on 8 Dec 2020:
The insightful webinar on "Unclouding" Cloud Security" with a Hacking Demo was conducted by Mr Hiren Shah, who has more than 29 years of experience in IT Governance, IT Risk, Enterprise Architecture, Information security and was recognized as one of the Top 100 CIOs in India while he worked with Crisil Ltd. in one of his earlier role.
Mr Hiren shared very practical and real scenarios and learnings from his own experiences on Cloud migrations and on key aspects of Cloud security which many times are not done correctly and leave behind vulnerabilities giving chance to hackers to exploit.
A lot of topics were covered and included how focus is needed from correct configurations within IAM & Infrastructure security, to VAPT and Data security requirements.
A demo highlighted how a hacker can exploit to mobilize within the environment and gain privileged access to the root account.
Overall an insightful session with great takeaways, and a lot of positive feedback from attendees.
(ISC)2 Singapore Chapter 8th Annual General Meeting on 11 Nov 2020:
Chapter's 8th AGM was conducted successfully on 11th Nov 2020, initiated by a knowledge sharing session, followed by President's opening remarks and updates provided by each of the departments, including Membership, Treasury, Partnerships, Events, Communications and Ecosystem.
Pre-Event: Sharing on Physical Security "Red Teaming 101" by member, Mr Dex Yuan 8:00 pm -8:20 pm
AGM event successfully completed the Agenda as follows
1. Confirmation of 7th (ISC)2 Singapore Chapter AGM Minutes
2. President’s Message
3. Treasurer’s Report
4. Election of Auditors
5. E-voting/ Election of Exco for 2020-2021
Followed by announcement of Top Volunteers Recognition and the New Exco announcement for the term 2020-2021. The elected volunteers as part of Executive committee and Sub-committee would work towards continued value add to the chapter and members by keeping up the pace with the advancement in technology and bringing quality security events to the members.
(ISC)2 Singapore Chapter LearningNeverStops Virtual Sharing #10 on 24 Sep 2020:
IBM/ViewQwest Co-hosted Partner Webinar - "End-To-End Security for your Remote Work Force - Strategies and Best Practices"
With an enormous increase in cyber-attacks since the pandemic started, it is critical for organizations to ensure that the right solutions are securing your data, network and databases.
To ensure business continuity, IT & network teams have to quickly address issues such as device security, identity and access management, protection of sensitive corporate resources, while ensuring a friction-less user experience such as easy on-boarding, single sign-on, and flexible multi-factor authentication.
This ViewQwest and IBM interactive session discussed upon the Strategies and Best Practices to address these challenges with a suite of solutions for United Endpoint Management (UEM) and Identity and Access Management (IAM) to secure your Remote Work force seamlessly and cost-effectively.
Strategies and Best Practices to Secure your Remote WorkForce
Edwin Lee, Group Head of Corporate Technology, ViewQwestIdentity and Access Management: A Zero Trust Approach
Shaibal Saha, APAC Digital Trust Leader, IBM
(ISC)2 Singapore Chapter LearningNeverStops Virtual Sharing #9 on 16 Sep 2020:
The webinar on "Blockchain & Cryptocurrency: Risks vs Benefits" helped to understand the key benefits of blockchain, and the varied risks experienced by people dabbling in blockchain and cryptocurrency and answered questions like: Should you use blockchain for your company and should you look into cryptocurrencies?
The webinar was conducted by the speaker: Vijay Luiz , who works as a cybersecurity manager at PwC.
(ISC)2 Singapore Chapter LearningNeverStops Virtual Sharing #8 on 18 Aug 2020:
Many of the products that we are connected to, are not built with security in mind and can become easy targets for the cyber criminals. This includes the smart devices we work with every day, web applications, software applications and even embedded firmware. At times, some of these vulnerable products could open additional attack surfaces if they are deployed in an organization.
Hence, it is increasingly essential to embrace product security in all aspects of products’ lifecycle, from design, development to support and maintenance, to be more secure.
While this is so, implementing product security comes along with challenges and the speaker, Cyril Tan shared his learning journey of doing so in this webinar titled: "Challenges to Product Security!"
(ISC)2 Singapore Chapter LearningNeverStops Virtual Sharing #7 on 4 Aug 2020:
The webinar on "Its Time to Quantify Cyber Risk Exposure" was an insightful webinar focused on importance and ways to employ to quantify cyber risk. Our very enthusiastic and the 1st Women speaker Dr Magda Chelly took around 60 participants through a journey with case scenarios and practical implementation of cyber risk quantification. There were great reviews received as part of event survey.
(ISC)2 Singapore Chapter LearningNeverStops Sharing #6 on 21 Jul 2020:
The virtual session on IT-OT Cybersecurity Masterclass" Event was a huge success with very positive survey results and more than 50 participants. Very insightful session with a lot of participants actively engaged as was reflected by the Q& A session. We thank the event Speaker Mr Anthony Lim to volunteer to share his in-depth knowledge! The session was presented by Mr Lim with so much passion and the energy was infectious. Besides sharing various OT case studies, Mr Lim highlighted the Cybersecurity considerations for Operational technology. With a very clear and in-depth definition, we are sure our participants would have a great take-away on what is OT, difference between OT and IoT, IT Convergence for Building Control systems and how the risk on Critical Infrastructure is real, with many attacks that have occurred in the last 10 years including Stuxnet, Nitro, WannaCry and more.
Mr Anthony Lim shared insights upon various best practices and security guidelines, standards that can be used for OT/ICS Security, as well as the countermeasures. Overall a great session!
(ISC)2 Singapore Chapter LearningNeverStops Sharing #5 on 14 Jul 2020:
The virtual session on "Build a Virtual Home Lab for Penetration Testing" attracted more than 50 participants.
During the 1 hour session, Mr Philip Kwa shared insights on what TTAB is and how can it help (ISC)2 members by working together as a community partner. Mr Kwa gave a demo on usage of Kali Linux and various associated tools, along with the security considerations that one must keep in mind while trying hands at ethical hacking.
He also addressed various interesting questions raised by our participants during the Q&A session.
The slides presented for all our sessions is available for members to refer/download at our Events -> Event Presentation Slides link.
(ISC)2 Singapore Chapter LearningNeverStops Sharing #4 on 18 Jun 2020:
We were privileged to have an esteemed Speaker Mr Keyaan J Williams for the virtual event "Cyber Leadership & Strategies for effective CISOs" on 18th Jun 2020. This was the fourth webinar in the Q2 2020 since we started following social distancing norms during COVID-19 pandemic.
During the 1 hour session, Keyaan shared insights on topics like the right metrics for cybersecurity, the categories of metrics that tell a meaningful story to the business, why does presenting data over time matter, and how do we use metrics to justify your budget request; and also explained the right use of security metrics by a practical example.
He also addressed various interesting questions raised by our participants during the Q&A session.
The slides presented for all our sessions is available for members to refer/download at our Events -> Event Presentation Slides link.
(ISC)2 Singapore Chapter LearningNeverStops Sharing #3 on 5 Jun 2020
Continuing with online events, while we are facing COVID-19 situation; we had yet another great eventful session to bring benefit to our Chapter members. On 5th Jun 2020, we had the privilege to have with us, representatives from NCL (National Cybersecurity Services) and we had a 2 hour insightful session where we learnt about the computing resources and experimentation environments & application services that NCL provides, including OT/IoT testbed and expanding their coverage to all latest technologies including Blockchain.
The event started with a brief on the overview of NCL and it's setup in Singapore, followed by their Pentest Lab demo. It was amazing to know their infrastructure spans with a cluster of 300 nodes that provides a wide range of provisioning mechanisms, security data and security services. NCL aims to provide a platform that fosters and encourages collaboration among researchers in academia, government bodies and the industry. Since 2015, NCL is funded by National Research Foundation (NRF) with the primary objective to serve academic R&D communities who are looking to trial and experiment their innovative applications and/or services. They have since extended to government agencies and private sector capitalizing on their success in the academia.
Very interesting to get all the information, for instance, the testbed also supports the setup of virtual OT networks that simulate actual OT systems (eg. Power systems)
We had an insightful Q&A session and we also got to know the association that NCL has with helping enthusiast students who plan to prepare for their lab exams, and have the opportunity to use NCL labs for their practice. The setups, provide realistic training & education. Customisable setup is provided, according to individual needs and the services have various advantages eg. remotely accessible, highly configurable etc.
(ISC)2 Singapore Chapter invested to buy the paid version of Zoom, so that we could have longer lab & sharing sessions, such as this one without the time constraint that is accompanied in free versions. Also, we promote security and members online security is our first priority.
Hope you all enjoyed the session. Stay tuned, as we have one more session lined up for June! See you all there!
(ISC)2 Singapore Chapter LearningNeverStops Sharing #2 on 13 May 2020
Today, 13th May 2020, we had a Learning session arranged over Zoom, the topic being "Threat Hunting with Data Science"
It was great having Zhi Hou sharing his experience and insights on the topic, including various interesting use cases! To access Zhi Hou's presentation slides please click on the link:Threat Hunting with Data Science_ISC2 May 2020.pdf (For Chapter Member Only)
The session started with the 4 V's of Big Data - Volume, Velocity, Variety and Veracity, moving over to understand the impact of Bigdata in Cyber-security Space and the solution to successful threat hunting, when it is combined with Data Science.
After covering Introduction on Machine Learning, the most interesting section to many was applying ML techniques to various use cases! The technical deep-dive on various techniques, and how to bring everything together was very insightful.
It was our 2nd attempt at online sharing today, we are moving towards a better user experience with each attempt. We are aware that the time limit on Zoom is strictly 1 hour, and will address that in our subsequent meeting.
Nonetheless, we hope all participants would have had some good takeaways from the knowledge sharing session.
We thank all participants, and are very encouraged by your participation. We had 91 registrants - the highest turnout at our zoom session thus far. Hope to break that record at Sharing #3.
(ISC)2 Singapore Chapter LearningNeverStops Sharing #1 on 23 Apr 2020
"Good to Have or Must Have Cyber Insurance?"
The Speaker was none other than the Head of Cyber solutions, Risk from AON - Mr Andrew Mahony.
It was quite an interactive session with an active participation from all members who joined in. Cyber Insurance Policies were discussed in details and various insights were provided.
Overall, members really enjoyed the session, and we look forward to arrange more such sessions & covering wider variety of topics and all relevant to the current times.
(ISC)2 Singapore Chapter 2020 Lo Hei @ YMCA on 23 Jan 2020
Click here for the presentation slides presented ISC2 Singapore 2020 Lo Hei.pdf
(ISC)2 Singapore Chapter 7th AGM @ YMCA on 31 Oct 2019
We successfully conducted our Chapter's 7th AGM on 31 Oct 2019, a good turn out that night. The evening started with our associate member Efion from Ten Ten recruitment firm sharing the "do and don't" in job interview, what hirer are looking for and the cyber security job landscape (we will insert his slides later).
With our quorum met, we started our AGM proper, various exco directors shared the year achievements and activities. The financial year account were passed and approval was given by members to make changes to our constitution clauses; adjustment needed by ROS and for better administration.
We then presented appreciation plagues to the outgoing exco volunteers and outstanding events volunteers; Louis Hin, Manoj and Vincent Gan.
We then concluded the night with Freddy, nomination committee rep, announcing the next term elected exco.
Last but not least, we thanks Matthias Yeo for his leadership, with his lead over the last 2 years many things were done; the chapter membership has grown further, we organised the Secure Singapore 2019, we implemented a new Chapter portal and we won the (ISC)2 Regional Chapter Award from (ISC)2 Global. We wish Matthias, all the best in his future endeavours with APAC (ISC)2 committee, we are sure he will volunteer when we call upon his assistance.
The new EXCO will have their new inaugural meeting in 2 weeks. If you are keen to volunteer your help to the exco, do reach out to any of our chapters directors.
We are a community, we can only be great with your participation!
Till we meet again defenders.
(ISC)2 Member Reception @ Ritz-Carlton on 12 July 2019
(ISC)2 Singapore Members Reception was held at ritz carlton. Singapore have more than 2000 certified professionals, largest in the region. It was great to see the huge turnout at the event. Our board members shared many new (ISC)2 initiatives; the professional development online courses that members can sign-up for free. The local Chapter Exco presented their new online initiatives and shared the many activities they organised. Members also raised many issues of interest; Cyber for OT, CISO training, possible Security Congress and APAC office in Singapore etc - Great exchanges. Our collective participation will allow us to do more. Join and volunteer with (ISC)2 Singapore Chapter.
(ISC)2 APAC Secure Summit - Day 2 Coverage
Day 2 of Secure Summit APAC 2019.
Plenary and more excellent presentations by our Singapore members.
Singapore Chapter bought the (ISC)2 Garfield Cyber Educational Kits for our outreach activities to young school children. Volunteers can loan these kits for their activity.
A great 2 days of learning, and an appropriate ending with drinks and view of HK skyline.
(ISC)2 APAC Secure Summit - Day 1 Coverage
Day 1 of Secure Summit APAC 2019. Great Keynotes, Tech Presentations, Member Meetup with (ISC)2 Board and Management. Proud to see so many Singapore Chapter members presenting at the event.
Posted by communications on 7 July 2019
ISC2 Singapore Chapter had a fun filled bowling and fellowship Friday night at Superbowl on 5 July 2019
Securing and Surviving the DevOps Trend for Security Professionals - Mar 2019
ISC2 Singapore Chapter proudly hosted a Knowledge-sharing and Networking session on 27 March 2019 on the topic “Securing and Surviving the DevOps Trend for Security Professionals”
Presented by DevSecOps professionals – Lucas Kauffman from EY and Fabian Lim from Government Technology Agency of Singapore (GovTech), the session engaged the participants on the various frameworks, approaches, tools, leading practices and case studies that agile-driven organisations have embarked to integrate security into the DevOps practices in the era of Digital transformation and disruption.
The session started with Lucas providing a recap on the concepts of Waterfall, Agile and DevOps, the need for DevSecOps and typical challenges that organisations face in the DevSecOps journey. The speaker then provided a case study on tacking the challenges of people, process and technology and how a future-state DevSecOps would look like.
Fabian continued with his views on the diary of a typical DevSecOps engineer and how DevSecOps is akin to Cyber Krav Maga. The speaker then
shared the modus operandi of DevSecOps projects and his learnings from
NECTAR container workshop. It was known that Fabian was also a contributor to the book “Epic Failures in DevSecOps”.
The presentations from both the speakers clearly emphasised that stakeholder management, cultural change and creating a safe fail environment are the key critical success factors in the journey to DevSecOps.
The session concluded with many intriguing questions raised by the participants such as the maturity of DevSecOps, the challenges in skill-sets of people, approach to perform security testing, typical tools used and many more.
ISC2 would like to thank our speakers – Lucas and Fabian and participants for making this event a great success.
We are pleased to invite you to another (ISC)2 Singapore Chapter members’ Knowledge-sharing and Networking session that is happening this month.
Transforming the Security Stack with Moving Target Defense: Toward Cybersecurity as a Business Enabler
Today’s CISO is a business leader as much as a technical leader. This session defines 5 key challenges CISOs face today and articulates how strategies based on Moving Target Defense can shift the landscape to prevent advanced threats and reduce risk levels while enabling business transformation. It looks closely at the concepts and technologies that define Moving Target Defense and unpacks how this new, disruptive security model enables security teams to prevent a larger volume of advanced threats and unknown attacks, effectively and efficiently.
1. Understanding the importance of security and architectural design patterns to enable business transformation rather than control it. Where moving target defense can support this
2. Trends in advanced attacks and exploits and how moving target defense aligns with these trends.
3. A technical explanation of moving target defense and how it works from a deterministic threat prevention standpoint
4. Ways to protect against the ‘unknown unknowns’ and against future attacks using moving target defense.
5. How moving target defense can be used to reduce risk without increasing security and IT complexity.
When: 22 May 2019, – Wednesday
Where: Seminar Room 2.15, SMU School of Law, 55 Armenian Street, 179943, Singapore.
This is a chapter professional development event thus 2 CPE hours will be available.
The event access code has been shared to your (ISC)2 Singapore Chapter registered email.
Registration Link: Transforming the Security Stack with Moving Target Defense
Note: (ISC)2 members from Singapore are not members of (ISC)2 Singapore Chapter by default. Please ensure that you have signed up separately with the Singapore Chapter at www.isc2chapter.sg
Ordinary Member: $50/- year
Associate Member (Non-credential holders): $30/- year
Student Member: $10/- year
All prices are in Singapore dollars.
Jayakumar (Jay) Kurup – Technical Director – APAC Region
Jay has more than 15 years of experience in the cyber-security space.
Prior to Morphisec, Jay had worked with companies like Checkpoint and TrendMicro, providing Architectural and Consultancy services to major accounts in India.
Jay is based out of India and holds a Bachelor’s degree from Mumbai University.
Eyal Rozen – Sales Director – APAC Region
An experienced Sales and Business Development manager, well familiar with the Security and Cyber arenas.
Eyal’s experience includes 10 years of working in Asian countries such as Singapore, Japan, HK, Thailand, Korea, China and more.
His resume includes companies such as Verint, in which he worked for nearly 9 years, managing Sales and Delivery groups, Convergys, a fortune 500 US-based company and others. Eyal holds both an Israeli and US citizenship and has a Bachelor’s degree from the Haifa University in Israel.
The (ISC)2 Singapore Chapter (www.isc2chapter.sg) conducted a Cyber Security Awareness Talk for over 1300 “NCZen” students, teachers and staff of Nan Chiau High School (NCHS) in collaboration with the Cyber Security Agency of Singapore (CSA) Cyber Security Awareness Alliance. Nan Chiau High School has an Infocomm Technology Vision for their NCZens to be future-ready & responsible digital learners.
It was bright and early on 27th March 2019, 8am, during the NCHS Morning Assembly that Mr. Paolo Miranda, CISSP & Partnership Director of (ISC)2 Singapore Chapter, gave a Cyber Security Awareness Talk for Teenagers using contextualized examples from (ISC)2 Safe & Secure Online (www.iamcybersafe.org), CSA Gosafeonline (www.csa.gov.sg/gosafeonline) and his professional experience, all in the short span of 30 minutes. Laughter filled the air as these “digital natives” found out about the age limits of popular social media apps. Several questions were raised on how the NCZens use the Internet and on the different dangers that lurk in their mobile apps, emails, websites, social media, games, chatrooms, Internet of Things (IoT) and other places online. Mr. Miranda asked the NCZens to think of their computers and digital devices as their homes and their data as their valuable belongings in order to make cyber security concepts easier to remember. How they protect their homes and valuables with locks, keys, gates, monitors and alarms should be similar to the way they protect their data, computers and mobile devices.
Mr. Miranda was also assisted by Quiz Master Mr. Garion Kong, Events Director of (ISC)2 Singapore Chapter, who asked tough cyber questions for NCZens to win cool prizes from NCHS and (ISC)2 Singapore Chapter. There was one smart student hacker who quickly cracked the encrypted password and everyone gave him a resounding round of applause! The NCZen Cyber Security Ambassadors also helped out during the quiz and handed out the prizes to those who gave the correct answers. The NCHS Cyber Security Ambassadors were given awards on the same day for their dedication in promoting Cyber Security Wellness in their schools.
The NCZens enjoyed and learned a lot from the (ISC)2 Singapore Chapter’s Cyber Security Awareness Talk and hopefully more students and teachers will be able to learn how to be cyber safe and secure online.
About (ISC)2 Singapore Chapter
The (ISC)2 Singapore Chapter provides its members a forum to facilitate the exchange of knowledge and ideas, development of leadership and professional skills, and advancement of information systems security.Filed under Outreach, Seminars| Tagged Nan Chiau High, outreach, paolo, school, seminar| Comment
The (ISC)² Information Security Leadership Awards (ISLA) Asia-Pacific Program is coming!
Nominate Your Peers Today
The ISLA Asia-Pacific program is held annually by (ISC)² in cooperation with the (ISC)² Asia-Pacific Advisory Council to recognize outstanding leadership and achievements in workforce improvement and foster public awareness of cyber, information, software and infrastructure security professionals, educators and management throughout the Asia-Pacific region.
More information check it here.
Nomination deadline: 31 Mar 2019Filed under Awards, Conference, Networking| Tagged ISLA| Comment
To usher in the new year and bring prosperity, goodwill and cheer to all members (ISC)2 Singapore Chapter is pleased to organize the annual Chinese New Year Lo Hei dinner event. This is yet another golden opportunity for members to gather and catch-up with one another. Come join us, network and usher in a new year. Huat Ah!
Where and When:
Venue: YMCA of Singapore, 1 Orchard Road, Singapore 238824;
Date: 13th February 2019, Wednesday;
Time: 6:30pm (1830 hrs)
Registration and Networking:
To register, please visit: https://www.eventbrite.sg/e/isc2-chapter-members-chinese-new-year-lo-hei-event-tickets-55746793159#tickets.
Please use the access code/password which was sent to your (ISC)2 Singapore Chapter registered e-mail addresses.
Tickets: – Free for (ISC)2 Singapore Chapter members
6.30pm – 7.00pm – Registration and Networking
7.00pm – 7.15pm – Short speech by chapter president
7.15pm – 10.00pm – Lo Hei Yusheng Platter followed by Dinner Buffet and Networking
This is a social event thus no CPE hours will be available.
See you all there!
Drop a message to communications@ isc2chapter.sg and/or events@ isc2chapter.sg if you have any inquiries.Filed under Lo Hei, Networking, News, Uncategorized| Comment