(ISC)2 Singapore Chapter MOU Signing with AISG on 28 April March 2021:


(ISC)² Singapore Chapter has signed an MoU with AISG to plus-skill our cybersecurity professionals in AI literacy and proficiency. This partnership will see us offering a series of AI webinars/seminars and clinics to help both members. We hope to build up a pool of AI savvy cyber professionals who will make a mark in the industry. Let us join our hands to combat cyber threats with game-changing innovation.

Special appreciation to our President Victor Yeo and AI SG Mr Laurence Liew for gracing the occasion and our Event Lead Louis Sin who has orchestrated the event setup. Our heartfelt thanks to the host AI Singapore for providing the nice venue and facilities. Finally, to all those who have helped in one way or another to make this a successful start of our journey. Stay tuned for more upcoming activities.

(ISC)2 Singapore Chapter LearningNeverStops Virtual Sharing #03 on 18 March 2021:

Webinar Topic: Demystifying Digital Forensic Incident Response (DFIR) Service During COVID-19 Pandemic

Speaker: Chua Zong Fu

Data breaches happen every day and Adversary will not be resting on their laurels during COVID-19 period.

The webinar begins by introducing 6 phases of incident response and its variations across different international recognised standards such as NIST, SANS & ISO.

Zongfu echoed similar sentiments and challenges of fellow DFIR industry partners that COVID-19 have been consistently push the envelope of Incident Responders' reactions and force their business to revolutionise new ways of engagement delivery especially onsite evidence gathering and preservation may not be possible due to restriction of safe management measures

As an alternative measure, Zongfu describes the importance of exploring remote DFIR services and what organizations need to do prepare their environments for remote digital forensics and virtual incident response coupled with proper runbook or playbook so that security operations staff will be able to carry out tasks at ease during immerse pressure moment. Hence, checklist and automation are the key to the success!

Even in a non-COVID-19 era, Incident Responders are already facing many challenges due to the wide range of security vendors (ie. EDRs, SIEMs) procured by their clients. All the logs must parsed into a common event format in order to facilitate investigation and detailed analysis.

In his presentation, Zongfu has illustrated several real-life use cases and application of forensic & analysis tools (ie. SIFT, KAPE, Encase, ELK, Azure Sentinel & etc) which are utilised heavily by his team members. All presented examples and incidents described have been anonymised to maintain & protect privacy.

Through the survey feedback, many participants appreciate the practicality of use cases over what has taken place, what was carried out, how and why did it happened. I believed its a good learning lesson for me as it is for all of you.

 Thank you to our guest speaker, Mr Chua Zongfu and fellow members for the participation. Join us for the next “Learning Never Stops” event brought to you by (ISC)² Singapore Chapter!

(ISC)2 Singapore Chapter LearningNeverStops Virtual Sharing #02 on 24 Feb 2021:

Webinar Topic :Democratizing External Cyber Threat Intelligence

Speaker: Alon Arvatz

What an incredible couple of days into Year of OX as we usher our first ever "Ox-spicious webinar" with Mr. Alon Arvatz, Co-Founder and Chief Products & Strategy Officer of Intsights, hosted by Mr. Anthony Lim, Director Advocate, ExCo 2020 – 2021 of (ISC)² Singapore Chapter. Arvatz shared his thought leadership in External Cyber Threat Intelligence on market trends and complications in the marketplace, challenges organizations face today, and key considerations and recommendations for organizations to adopt an effective External Cyber Threat Intelligence.

According to Arvatz, there are misconceptions about the usage, adoption and understanding of Threat Intelligence. He spoke about the "confusing marketplace" as many information security vendors featuring the term “Threat Intelligence” on their websites. He addressed several common misunderstandings such as equating Indicators of Compromise (IoCs) with Threat Intelligence. It’s paramount to have a different mindset by gaining perspectives from an attacker’s point-of-view.

Like most users, the Internet is what we experience through social media, news channels, mobile applications, emails and web browsers every day. However, there are a large number of expansive services which operates in the background and the “web” as most users know it, is just one part of a much bigger ecosystem. Differences between Clear Web vs. Deep Web vs. Dark Web were clearly articulated.

He advised that organizations and cyber security professionals need to have a clear distinction between “Data”, “Information” and “Intelligence”; that we should strive to deliver “Intelligence” which provides more relevancy, instead of "Data" and "Information". Rather than just providing actionable intelligence, we should also be looking at providing remediation and response, by performing “take downs”. These take downs can be categorized into 2 approaches.

  1. External e.g. taking down malicious contents - phishing sites, fake mobile apps, GitHub codes etc.
  2. Internal e.g. connecting to security devices to remove threats - resetting passwords etc.

Arvatz ended his presentation by underlining the importance visualization and UX design to provide instant understanding of threats, maximize investment value, reduce overheads on security operations teams, as well as a live demo on several use cases.

Lots of questions from webinar attendees during Q&A and Alon Arvatz responded with ease and shared his experiences and point of views on how Intsights had revolutionized the cybersecurity operations with its external threat protection platform, collaborating with cyber security vendors, registrars etc.

Before we wrapped up our session, we re-visited some key takeaway messages with a fun and entertaining Kahoot Quiz Challenge.

Congratulations to all quiz winners! We will be in touch with the prizes sponsored by Intsights.

Thank you to our special guest speaker, Alon Arvatz of Intsights, sponsors, members and friends for your continuous support and making our first cyber security conference of the year 2021 an unforgettable and memorable event.

Join us for the next “Learning Never Stops” event brought to you by (ISC)² Singapore Chapter!

(ISC)2 Singapore Chapter LearningNeverStops Virtual Sharing #01 on 20 Jan 2021:

Webinar Topic :Adopting a Zero-Trust Approach in your Security Organisation in the midst of COVID-19 and SoloriGate

Speaker: Aloysius Cheang