Steven Wong, associate professor and program director,SIT, and president of AiSP, speaking at Computerworld Singapore Security Summit 2017.
Cybersecurity is finally getting the attention it deserves, as cyberattacks increase in number, get more complex, and do more damage than before.
Steven Wong, associate professor and program director, Singapore Institute of Technology (SIT), and president of the Association of Information Security Professionals (AiSP), shares his thoughts with Computerworld Singapore on the state of cybersecurity in Singapore. He also highlighted the importance of inculcating good cybersecurity habits since young, and having skilled cybersecurity specialists to combat cyberthreats.
Computerworld Singapore: The WannaCry ransomware attacks recently made a lot of headlines globally. What are your thoughts on WannaCry?
Steven Wong: The scale of the recent WannaCry attack was not something we've experienced in the past. The rate of expansion was worrying. Ransomware attacks usually keep their targets small because it is more difficult to trace, but WannaCry was a large-scale attack. This attack is a wakeup call for many professionals in the industry, especially for IT/security teams that have limited time and resources.
In general, how ready is Singapore to deal with cyber threats?
Steven Wong: Singapore is not doing too badly, although it is difficult to rank. The WannaCry ransomware did affect us, but if gives me some comfort knowing that we are in good hands, as a lot of measures are being taken to ensure that we are wary of cyberthreats.
For example, organisations are educating their employees on cybersecurity. Even students are given training and classes on cybersecurity in schools to raise awareness. That is good for a start, as it shows that Singapore is not taking this topic for granted.
Why is it important to teach young people about cybersecurity?
Steven Wong: [Today's] young kids and teenagers are very digital savvy, but many of them may not realise the extent of cybersecurity vulnerabilities that are part of the digital equipments they are using such as mobile phones and laptops.
If they have the mindset to secure their devices [such as by using passwords or patching] since young, it becomes a habit. Eventually, through education, they will be aware of cyberthreats, and can do more to prevent further damage to their devices when they face a cyberattack.
They will no longer need reminders to protect their devices. They will also be cautious and proactively report cyberattacks when they happen. This will help [lighten the workload of] cybersecurity professionals and perhaps enable security teams to better trace hackers behind cyberattacks.
In your keynote at the Computerworld Singapore Security Summit, you mentioned that it is necessary to have the right cybersecurity specialist within an organisation. Why do you think so, and what can organisations do to protect themselves against future attacks?
Steven Wong: A lot of IT professionals in organisations can deal with the technical aspects such as fixing random computer systems, but they don't know how to mitigate a cyber attack.
Sign up for CIO Asia eNewsletters.