Early this month, Communications and Information Minister, Yaacob Ibrahim said in an interview that Singapore is short of cybersecurity experts and many young people prefer going to the banking and financial industries instead of a back end job.
Is Singapore really short of cybersecurity experts?
As a cyber security professional myself, i cannot say that i fully agree with the minister on this. First and foremost, the number of students over the years taking up security courses be it from government institutions or private schools are increasing. The number of graduates from schools that offered these courses are also increasing. From a private education perspectives, every year thousands of students graduated from Kaplan, SMF, Informatics, MDIS, PSB Academy, SIM...and many more. These are just some of the many private schools that offer courses involving IT and Cyber Security. So definitely, there are many security graduates...but the question is..where are they?
Singapore Poly Graduates got 3rd in HITB CTF Competition (Kuala Lumpur)
Realizing it or not,there were students who participated and got 3rd in the CTF competition in Kuala Lumpur back in 2012. (Yes i was there to witness them) There were many teams from Vietnam, Japan, Netherlands and many more and to have our local lads getting the 3rd place is an achievement worth noticing. So yes, i would say the schools are doing it right, exposing to such real life competitions to understand the way of the hack. A proud achievement to both the poly students and Singapore security community as well.
Source: http://tinyurl.com/mbwe8tw
Is it Not Sexy?
The minister stated that young people do not find the job 'sexy'. On the contrary, people who have work in the security field especially the ones who do the dirty work (not the paper pushers) be it in support, operations and engineering know very well that a career in the security industry is a very very SEXY job! Whenever i type commands in Linux or Unix terminals, it just feels right. Whenever somebody manage to hack or defend, the feeling is orgasmic! Whenever someone manage to troubleshoot and found the root cause of an issue, it feels awesome! Those who dont feel that way are the ones who work for the sake of work. To be in a security field, one needs to have passion and interest..especially dedication...
How to move forward?
The question is, what then should the government do to entice people into taking up career in security? In my opinion, the government should start with organizing conferences to the public. Interest of a subject starts from young and if they attended such conference, who knows that event will change their mindset and start their journey to be a security professional. I got interested in hacking when i saw the movie 'Wargames' and 'Operation Takedown' not to mention 'Hackers' starring the spicy Angelina Jolie.
The ministry of defense should also publicize advertisements about cyber warriors protecting Singapore. With all the advertisement about the military defending the land, sea and air..isnt it time for an advertisement about cyber military defending the cyber space?
Government should also organize cyber security competitions such as Hacking competitions or Forensic competitions. Many of these potential hackers are hungry to test out systems and servers in the internet but most of them have to be calm and contain their urge because its illegal to scan or penetrate a system without permission! Recently Symantec organized 2 CTF events which greatly benefit the potential hackers to showcase their skills and talents. The recent one which was held in Suntec this year was opened to public and many people participated from different companies. Some were professionals from overseas and the winners were locals. This goes to show that Singapore has indeed a pool of talented individuals in the security community. If the government encourage such competitions, not only would they benefit the interests of the people into security, the government can also recruit these talented individuals and provide them scholarships to study or a position to work in a security related position.
Is it difficult to organize a Cyber Forensic Competition?
ReplyDeleteHi lee7, not really. There have been many Cyber Forensic competition held online and offline. You can see one organized by SANS in the link below: http://pen-testing.sans.org/holiday-challenge/2013
DeleteAll it takes is a simulation of the hacking incident, saved the events in a PCAP file and let people analyze it.
Another one here organized annually by DC: https://cybersecuritychallenge.org.uk/digital-forensics-challenge-2013.php
Thanks. I have to find a partner to co-organise this in Singapore then.
DeleteWhat is your nature of business? Perhaps i can give a tip or two on how this.
DeleteI am from a education provider offering such a degree course.
ReplyDeleteDo you have a linkedIn page? Perhaps we can connect and discuss about this further. (if you are interested that is.)
DeleteMy comment of 12 March was deleted ("This comment has been removed by a blog administrator."). If my comment violated some terms and conditions of using the site, please provide a reference to those terms and conditions. If not, and my comment was deleted only because I expressed disagreement with the blog author, then it would be helpful to state publicly that such disagreement is not allowed. Thank you.
ReplyDeletei preferred if your comment was not filled with sarcasm and hostility. i appreciate feedbacks but if you start off by insulting the author with sarcastic remarks then it is in my interest and right to remove it especially when one comments through anonymity. Please be respectful for i wished nothing but a healthy discussion. Thank you.
ReplyDelete