THE
SOCIETY
ISSUE two 2015 The Magazine of the Singapore Computer Society
Securing the Enterprise
Security
MCI (P) 198/07/2015
03 Plugging the cyber security hole
06 ensuring the security of the digital enterprise
MOVE FAST WITHOUT BREAKING THINGS Learn how to increase velocity of innovation while mitigating SDLC risks Download the white paper at http://ser.so/mfwbt
To know more, visit us at www.serena.com youtube.com/serenasoftware facebook.com/serena.software
twitter.com/serenasoftware linkedin.com/company/serena-software
Web: www.scs.org.sg
THE MAGAZINE OF THE SINGAPORE COMPUTER SOCIETY
1
EDITOR’S MESSAGE
Securing the enterprise Tan Teng Cheong Editor Senior Member, SCS tengcheong.tan@scs.org.sg
A
lthough it may not be obvious to the casual end user, Enterprise IT departments today are facing an evergrowing and never-ending onslaught of new and existing forms of security threats. Users, whether authorised or not, are introducing physical threats to datacentres and networks, as well as threats to software applications and even malicious software. As a society for IT professionals, we at SCS do not just cover topics that have already gone mainstream, but take the lead in going deep into serious and often classified topics such as “Securing the Enterprise”.
Another SCS Member, Dr Steven Wong from Singapore Institute of Technology, elaborates on how the Internet of Things (IoT) might heighten the security threat to your enterprise. As well, we share the reasons the winners of our inaugural Best Tech Companies to Work For awards were picked, and new insights gleaned from our latest Infocomm Survey done last year.
For this issue, we have collated some good and thought-provoking articles from our contributors for your education and entertainment.
Additionally, as we recently revised our Vision and Mission statements for the Society, we will present these to you.
Senior SCS Member Freddy Tan from Singtel reveals the latest threats to information security and offers advice on how to deal with these. Philip Kwa and Yum Shoen Liang, both Senior Members from our Infocomm Security Special Interest Group, explain why they think people are often the weakest link for an enterprise’s cyber security.
Happy reading — and remember — share this magazine with as many other people as possible.
Editor Tan Teng Cheong
Editorial Support Leong Hoi Lan
Contributing Writers Chong Chee Wah Philip Kwa Suren Rastogi Freddy Tan Tommy Tien Dr Steven Wong John Yong Yum Shoen Liang
Advertising Sales & Admin Leong Hoi Lan For ad sales enquiries, Tel: 6226 2567 ext 12 Email: hoilan.leong@scs.org.sg Mailing Address 53 Neil Road Singapore 088891
Columnist Chandra Sekar Veerappan Contributing Photographer Foo Ce Wei
Email scs.secretariat@scs.org.sg Editorial & Design Oculus Design Pte Ltd
It has been produced with lots of heart and hard work. Bring it to your office and leave it in your reception area for someone else to enjoy.
Feedback We value your feedback on this magazine. Simply email scs.secretariat@scs.org.sg with your comments to help us produce an even more interesting and relevant magazine for you in subsequent issues. You are welcome to submit articles for consideration of inclusion.
The IT Society is the official publication of the Singapore Computer Society. Any part of this publication may be reproduced as long as credit is given to the publisher, Singapore Computer Society. The views expressed herein do not necessarily reflect the views of the Society.
For advertising enquiries, please call 6226 2567 or email scs.secretariat@scs.org.sg.
Attribution-Noncommercial-Share Alike 3.0
CONTENTS REGULAR 01 Editor’s Message: Securing The Enterprise
05
THOUGHT LEADERSHIP 03 Plugging the Cyber Security Hole 04 Collision of Enterprise Security and the Internet of Things (IoT) 06 Ensuring the Security of the Digital Enterprise PEOPLE 08 Following That Dream 09 Watching Over The Nation’s Cyber Security PROFESSIONAL DEVELOPMENT 10 Start A New SIG Today! 11 It’s All About People 13 Fewer ICT Professionals Planning to Leave Industry 14 Steer Your Career with SCS Professional Certifications! HAPPENINGS 16 Newly Co-Opted Executive Council Members for 2015/2016 17 Five Secrets To Building A Successful Career 18 Reviewing Our Reason for Being 19 Jubilant Team IHIS Wins SCS Bowling Tournament 2015 20 Calendar of Events THE LITE SIDE 20 SCS Quiz
09
11
19
Web: www.scs.org.sg
THE MAGAZINE OF THE SINGAPORE COMPUTER SOCIETY
3
THOUGHT LEADERSHIP
Plugging the Cyber Security Hole What are the latest threats to information security and how should we deal with them? Freddy Tan advises. Freddy Tan
Senior Member, SCS Director, Security Division, Singtel
T
he volume and speed of attacks on computer systems have increased significantly. Just last year alone, organisations such as Sony lost a massive amount of data to attackers, and more than 145 million eBay users were affected by a massive hack of its systems. The European Central Bank had personal data stolen, and a SingPass vulnerability resulted in 1,500 user IDs and passwords accessed. Millions of computers are interconnected through the Internet, and companies run on more complex networks and use virtualisation, cloud computing and mobility technologies – all of which introduce security vulnerabilities.
Complex Threats
Cyber attackers intent on stealing corporate data and state secrets fall into three groups: those stealing intellectual property and confidential corporate data; those with political motivations stealing intelligence from governments; and those seeking fame. One of the biggest cyber security challenges for the region is advanced persistent threats (APT). Southeast Asian companies regularly attract the interest of cyber spies and criminals looking to steal information about the region’s growing industry sectors— energy, telecommunications, high-tech, transportation, and finance. According to the 2014 Threat Report by FireEye subsidiary, Mandiant, attackers remained undetected on victims’ networks for a median period of 205 days in 2014, down marginally from 229 days in 2013. Furthermore, 69% of organisations was only alerted to the attacks by an external party. Today’s attacks utilise the latest zero-day vulnerabilities, commercial quality toolkits,
and social engineering techniques, such as blending polymorphism and personalisation that appear unknown to signature-based tools and seem authentic enough to bypass spam filters and fool victims.
should have certified ICT professionals, industry-accredited processes, and security operations facilities to effectively detect, deter and mitigate any potential damage caused by cyber attacks.
No longer can next-generation firewalls, intrusion prevention systems (IPS), anti-virus (AV), and security gateways alone adequately protect organisations from the new generation of threats that may appear over multiple stages across several threat vectors. Cyber criminals would use a combination of Web, email, and file-based attack vectors in a staged attack, making it harder to be detected.
Operational Security
Regardless of the attack method, cyber criminals can have a costly and damaging effect on business operations, workforce productivity and even your company’s reputation.
Securing Yourself
Today, to ensure sufficient protection against this new generation of attacks, enterprises should adopt next-generation protection, meaning, signature-less, proactive, and in real time. You need a holistic IT security risk management programme that covers the perimeter, network infrastructure, system and application, access control, and have policies in place and educate your staff. Consider multilayer security, with centralised management of worldwide sites, together with critical monitoring and audit checks. Advanced security practices can be expensive and can divert IT resources from other business and operational requirements. As a result, a growing number of organisations are outsourcing their IT security programmes. The security service provider
Running your business operations effectively depends on securing the three key components of day-to-day business: users, data and assets. An integrated approach to security will ensure that your operations and teams can run smoothly.
Securing Your Users
Your staff, customers, partners and suppliers are the users of your IT infrastructure. To protect their access to the Web, cloud, and your network assets, set access rights and levels, and secure their remote access to business applications and online transactions with two-factor authentication (2FA). Secure their mobile devices against potential threats by using Mobile Device Management (MDM) to administer them. Deploy and enforce Bring Your Own Device (BYOD) policies and ensure compliance with them. Align internal processes, organisational structure and employee awareness with security objectives.
Protecting Data
Protect your corporate email and website by having secure email and Web gateways. Safeguard your online servers from Internetbased attacks with Distributed Denial of Service (DDoS) protection solutions. Decide on the level of security needed to protect various data types and then deploy Data Loss Prevention (DLP) to detect the improper use of data.
4
THE IT SOCIETY — Issue Two 2015
Facebook: www.facebook.com/SingaporeComputerSociety
THOUGHT LEADERSHIP Keep Your Assets Safe
Deploy Intrusion Prevention against external attacks and unauthorised access and an Application Firewall for application and userbased control within your organisation for the security of critical business functions and transactions. The Security Incidents and Events Monitoring service effectively monitors and correlates your security events, providing insights into your security health posture and logging security events for audit and compliance purposes.
Preemptive Protection
Complement your operational security strategy with an analytical and predictive strategy. Analytical security is about understanding your enemy proactively and being ready to counter attacks any time. Predictive security moves you beyond reacting to threats. Advanced analytics can help to anticipate threats before they materialise. Singtel is working with partners to develop an Asia-Pacific Cyber Security Competency
Centre (ACE), a platform to convene global technology providers, start-ups, research institutions, institutes of higher learning, partners, customers and service providers to invest in the next generation of security capabilities. Having suitable security protection will not only protect your corporate data and credibility, but also maintain that trusted relationship with your customers and ensure business continuity.
Maturity Model
The following table can serve as a structure for organisations to plan for security capabilities. • AWARE You are aware of the importance of guarding against security threats and have put in place all-inclusive solutions to perform multiple security functions such as network firewall, content filtering anti-virus and antispam protection.
• DEFINED You have defined security policy, controls and responsibilities, and have identified point solutions such as web and email gateways to guard against vicious attacks.
• MANAGED You constantly evaluate and update security, with insights from security incidents and events monitoring.
• OPTIMISED You have put in place organisational structures, processes and enforcement monitoring to ensure the utmost confidentiality, integrity and availability of your critical information assets. Risks are monitored 24x7.
Adapted from Executive Networks Media
Collision of Enterprise Security and the Internet of Things (IoT) The Internet of Things (IoT) could be the next big hype in the evolution of the internet and this development might heighten the security threat to your enterprise. Dr Steven Wong explains why. Dr. Steven Wong Member, SCS Associate Professor & Programme Director Singapore Institute of Technology
N
ot long ago, corporate networks were well secured behind perimeter defences such as firewalls and Intrusion Detection Systems. The efficacy of such perimeter security measures has weakened in the last decade with the rapid developments in wireless communications and mobile computing, where boundaries between corporate and personal private networks are increasingly blurred.
This is more evident with the increased adoption of Bring-Your-Own-Devices (BYOD) by many organisations and their allowing employees to work from home. It is not uncommon for people to access their emails or browse their work documents using their personal devices or smartphones at home, therefore any compromises in the user’s home network and personal devices might
Web: www.scs.org.sg
THE MAGAZINE OF THE SINGAPORE COMPUTER SOCIETY
5
THOUGHT LEADERSHIP This could enable any malware within the watch to start retrieving data from the computer or, worse, allow some malicious software to be installed in the corporate computer that may then spread and compromise the security of other machines in the network.
impact the security of potentially sensitive corporate information. Moreover, dealing with these information security threats is becoming more challenging with the dawn of the Internet-of-Things.
Why IoT Heightens Risk
The vision for IoT is that everyday objects, processes, the environment and people will be interconnected to the internet in the near future. This includes everything from systems for surveillance monitoring, electronic door access control, temperature/lightning, building monitoring, etc, to consumer electronic products such as fridges and kettles. A breach in these IoT devices might potentially cause confidential corporate information to be compromised even if the information is not residing within the same device or network. For example, if a hacker gains access to an internet-enabled surveillance camera at an employee’s home, it may be possible for sensitive corporate information to be recorded and captured by the camera whilst the employee is working on it at home. Similar risks will also be present with the adoption of IoT within the enterprise. Some examples of IoT security risk in businesses include the ability of intruders/hackers to: a) gain unlawful access to offices by overriding the electronic door systems b) jeopardise business operations by manipulating the building infrastructure control systems such as the airconditioning c) unlawful tracking and monitoring of business activities that occur within a competitor’s office premises
d) mining of sensor information from compromised IoT devices to perform big data analysis, thus gaining insights to confidential business operations e) bridging the perimeter defence of the enterprise network through contaminated IoT devices. Even though there seems be many security risks brought about by IoT that might potentially hinder its adoption, a recent report by Tripwire summarising a study involving over 400 IT professionals and 300 CISO, CIO and directors shows that almost 67% of them believes that business efficiencies will force them to adopt IoT devices in the near future. Thus, the security risks associated with IoT will ultimately be a concern for these businesses.
Preparing for IoT
To prepare for this, enterprises could start taking some steps to mitigate these risks. Here are some of the recommendations: 1) Promote greater awareness of information security among employees and encourage them to keep security in mind, not only within an enterprise’s premises, devices or networks, but also with their own personal smart and IoT devices as these could compromise the security of the enterprise. Employees should understand the potential risks associated with the interconnection of personal and corporate devices. For example, some IoT devices such as health/ activity monitoring watches can be charged via USB and an employee could plug a compromised watch into a corporate computer for convenience.
2) Enforce data protection for sensitive information through encryption. This can be data stored in a personal computer or even data aggregated by the various IoT devices. For example, in Windows 8, a folder can be easily encrypted by changing its properties using the following steps (taken from the Microsoft Website): a. Right-click the folder or file you want to decrypt, and then click Properties. b. Click the General tab, and then click Advanced. c. Clear the Encrypted contents to secure data check box, click OK, and then click OK again. 3) Keep updated by tracking papers on best practices by most security organisations and consortiums. An example is the “Security Guidance for Early Adopters of the Internet of Things (IoT)” paper published by the Cloud Security Alliance in April 2015. This document of more than 50 pages provides a good overview of the security risks in IoT and recommends security controls for the adoption of IoT in organisations. 4) Upskill the existing workforce in the knowledge of IoT security through workshops or Continuing Education and Training (CET) programmes offered by various organisations and institutions such as the Singapore Computer Society. Enterprises with limited headcounts and budgets could consider hiring interns from relevant Information Security programmes offered at various institutes of higher learning (such as the Information Security Degree Programme at the Singapore Institute of Technology) to supplement and “refresh” the security know-how of their IT departments. Like all things in Information Security, there is no “silver bullet” to protect against all threats and risks arising from the adoption of the IoT. However, not taking any pre-emptive mitigating measures by assuming that IoT will always remain an unmaterialised hype may not be the wisest choice. In my view, the worlds of Enterprise Security and IoT may already have collided.
6
THE IT SOCIETY — Issue Two 2015
Facebook: www.facebook.com/SingaporeComputerSociety
THOUGHT LEADERSHIP
Ensuring the Security of the Digital Enterprise People are often the weakest link for an enterprise’s cyber security.Two of our members offer guidelines on turning this weak link into the company’s strongest defence. Philip Kwa (CITPM)
Senior Member, SCS Chairman, SCS Infocomm Security Special Interest Group
Yum Shoen Liang (CITPM) Senior Member, SCS Secretary, SCS Infocomm Security Special Interest Group
I
n the mid 1990s, less than 5% of businesses in Singapore used infocomm technology (ICT) solutions. Today, many SMEs, their employees and business partners tap “enterprise mobility solutions”, “virtualised infrastructure” and “cloud services”, often without realising it. Many of us share business documents, photographs of projects, and plans in the “cloud”, but say we do not use any cloud services! These services provide cost-effective business environments to manage the company, allowing employees to access company and HR data and services anytime, anywhere. They also offer a convenient and efficient way to transact business. However this heterogeneous ICT environment also opens up more ways for compromising the business. The potential targets and attack surfaces have now increased tremendously as have the technical complexities of cyberattacks. Traditional perimeter defence security techniques are still necessary to provide a level of protection to the intranet, but they are no longer completely effective. A study of Japanese castles will reveal similarities between the techniques used to protect them and the many perimeter defence techniques employed today. Packet inspection, firewall, VPN, bandwidth throttling, defence in depth, honeypots, DMZs, etc, are all techniques found in many Japanese castles such as Osaka Castle, albeit, known by different terms. History shows that these defence systems can be compromised and,
Are you guilty of these? Real-life user behaviour vs cybersecurity. Most of us are diligent about keeping ourselves safe in real life, but what about cybersecurity in the workplace? What we would not do in real life Leave a $8000 diamond ring lying about in public Guard ATM PINS diligently Not sharing spoons while eating Make family matters public
very often, it was the human factor that accounted for this.
Humans, the weakest link
Enterprises today are investing in cybersecurity technology such as Enterprise Mobility Management (EMM) to protect employee privacy and mitigate risks to the enterprise arising from the use of varied devices. However mitigating enterprise security risks is not just about investing in state-of-the-art technologies, but also about adopting practices addressing the human elements, such as user behaviour. According to PwC, 60% of data breaches is attributed to employees and business partners. The 2015 State of SMB Security Report shows that 77% of IT professionals said employees are the single weakest link in their security infrastructure. This is especially true among larger organisations (83%). Another survey, commissioned by Sungard Availability Services, found that employee
What we tend to do at work
Use company notebooks to “chope” a seat at a hawker centre
Write company intranet passwords on blackboards Share thumbdrives without checking if they are compromised Discuss business matters on social media
behaviour, such as being careless with mobile devices and having poor password hygiene, constitutes one of the biggest risks to company cyber security efforts. We will not leave our $8000 diamond ring lying about in public, but think nothing about using a company notebook to “chope” a seat at a hawker centre! We guard our ATM PINS diligently, but write the passwords to our company intranet on the blackboard. We use the same notebooks to access online games, questionable websites, and for business. We will not share spoons when eating, but quite happily share thumb drives without checking if the thumb drives are compromised. Most of us will not talk about family matters in public, but quite happily discuss business matters on social media. Employee education in cybersecurity can reduce cybersecurity risks significantly and it is not expensive to implement.
Web: www.scs.org.sg
THE MAGAZINE OF THE SINGAPORE COMPUTER SOCIETY
7
THOUGHT LEADERSHIP Educating your employees
Security measures add value only when used in harmony. In developing an employee education programme on cybersecurity, companies can follow the stages used to organise security measures:Knowing a THREAT can develop • Threats are anything that can disrupt or have a negative impact on your business. Knowing they exist is a good start for any employee. Let your employees and business partners know they are the weakness link in a cyber attack, but are at the same time, also the best defence. They should know their obligations, the role they play, and actions needed to take to minimise compromise when an attack occurs, or after an attack. Have regular and focused sessions with employees to update them on the different cyber threats. • Give specific instructions on what a strong password is – more than 8 characters, start with numeric, include characters; don’t use your mistress’s name; don’t input it onto your mobile phone; don’t use the same password for social media and your company system; don’t use cyber cafés for business etc. You can write all your different complex passwords in a small book, but secure that book.
• Educate your employees and key business partners on basic security best practices, such as email creation, disposal of assets and shredding of documents, security policies within the organisation, incident response procedures. Detecting an INCIDENT • This is when a security breach has happened in the business process or infected device. A demonstration of what these can look like is useful. • Cyber attacks come in different forms, such as phishing, malware intrusion, social engineering. Train your employees to recognise these and on the ways to handle them.
of reporting INCIDENTS early, so that DAMAGE control can be activated. RECOVERING from such incidents • What are company procedures, especially if you do not have an in-house IT team? What do you require the compromised employee to do? Was it just one business proposal that was compromised or your entire supplier list and costing data? It takes a long time to build up your defences and only a short time for these to crumble if there are weaknesses. The consequence is often catastrophic. It would be naïve to think that only larger companies are targeted.
• Clarify to whom they need to report a breach or attack:— the boss, CIO, CSO or their immediate supervisor? Containing, repairing the DAMAGE • Tell your employees what they should do before and what your company will do when the INCIDENT has occurred. Let them know the company rules on such matters. One US MNC in Singapore fines its employees $20 for every document found on their desks after office hours. Overall, it is best to inculcate a healthy attitude
Cybersecurity: Four stages of employee education Employees – the weakest link and best defence in cyber attacks. Good cybersecurity education is inexpensive, and can significantly reduce risks of attacks. Here are some steps organisations can take to develop robust security measures. STAGE 1
STAGE 3
Educate employees to: - Know their roles and obligations and actions to take to minimise compromise - Keep up-to-date on different cyber security threats through regular focused sessions
Educate employees on: -Handling such incidents - Company regulations - Reporting incidents early for timely damage control
Knowing a threat can develop
STAGE 2
Containing, repairing damage
STAGE 4
Detecting an incident
Recovering
Train employees to recognise and handle: - Phishing - Malware intrusion - Social engineering - etc
Evaluate: - What are the company procedures? - What was the extent of the compromise? - What should the compromised employee do?
Clarify who to report breach to: - CIO, CSO, immediate supervisor?
To connect with the Infocomm Security Special Interest Group and keep track of our activities, please visit www.scs.org.sg/SIG/sig-is.php
8
THE IT SOCIETY — Issue Two 2015
Facebook: www.facebook.com/SingaporeComputerSociety
PEOPLE
Following That Dream
The courage to steer his ship out of a safe harbour has landed entrepreneur Chong Chee Wah on exciting new shores.
D
aring to get out of his comfort zone to follow his dreams is what makes Chong Chee Wah the ground-breaking entrepreneur he is today. The founder of TreeBox Solutions, a leading mobile secure communications provider across Asia Pacific, Mr Chong left a well-paid post as Program Manager in DSO National Laboratories’ information security lab and turned down several job offers — including several with five-figure salaries — to pursue his own vision nearly six years ago.
I looked back at my life and achievements. I was about 36 years old then and I could see that my life had gone through major changes every 12 years.”
“If I believe myself to be a ship, I have to sail out to sea. The only way for me to find new land is to lose sight of the harbour that has kept me safe,” Mr Chong explains, adding that reading Brazilian author Paolo Coelho’s book, The Alchemist, which a friend recommended to him, changed his life.
A PSC scholar who holds an Electrical Engineering degree from the National University of Singapore, Mr Chong had been drawn to science, mathematics and computers from young. “I am a strong believer that as engineers, we can create useful and practical solutions for mankind and generate wealth for the country.”
“It resonated with me. The key take-away for me was: as long as I continue to search, I will eventually find it,” he says. Already taken with the idea of change, Mr Chong received a further push to do so when he tuned in to a Channel 8 programme on Singaporeans overseas. On the particular segment he watched, host Belinda Lee interviewed a Singaporean who had given up a huge salary with a foreign bank to undertake social entrepreneurship at the United Nations. His inspiration? The Alchemist.
Life in 12-year Blocks
“I remember telling my wife that this was a sign,” Mr Chong recalls. “The uncertainties out at sea would pose new challenges that would start a new learning curve in my next 12-year block,” he continues. Now 43 years old, Mr Chong explains that he has been living life in 12-year blocks so far. “A twelve-year block coincides with a complete cycle of the Chinese Zodiac. I was born in the year of the Rat, the first animal in the Chinese zodiac. The first major event in my childhood also happened at age 12 – PSLE. After I had been in DSO for 10 years and two with the Ministry of Defence before that,
Mr Chong considers a block of 12 years to be a good time frame for him to refocus and set new targets and goals. “It is long enough for me to execute my intended plans and also enough for me to switch paths to the next cycle,” he points out.
An Engineer at Heart
After graduation, he served at the Ministry of Defence’s Directorate of R&D as a Country Manager, looking at building defence technology relationships with foreign countries. At the end of the two-year posting, he chose to go to DSO National Laboratories to pursue a Defence R&D Engineering. Specialising in Information Security, he stayed on for a decade, during which time he spearheaded many initiatives in enhancements of communications and security. Guidance from “a very good boss and mentor” still resonates with him today.
Returns on Risk Taking
When he decided to leave DSO to start his own venture capital firm, many were shocked, but his bold move has been vindicated. Today, he has added 11 other start-ups to his portfolio, including founding Clearbridge Accelerator, a premier MedTech Incubator in Singapore and a pioneer Incubator under the National Research Foundation’s Technology Incubation Scheme (TIS). TreeBox Solutions, which he founded in 2011, has developed the highly successful secure mobile communications solution,
OnTalk. The app encrypts voice calls, instant messaging, attachments and the mobile content generated on mobile devices. In selecting the start-ups to support, Mr Chong always looks at the founding team or founders. “Technology can change. Business can change. But it is the founders who must have the ability to overcome the challenges and the desire to win,” he points out.
The Next 12 Years
Now that he is more than half-way through his current 12-year phase in life, Mr Chong acknowledges that he has given the next block of years some thought. “I have certain plans I would like to execute. I believe it will be a very different 12 years and I want to experience different things. I would like to help more people,” he divulges. Work aside, Mr Chong devotes as much time as he can spare to his wife and two daughters. “My biggest regret in my entrepreneurship journey is the family time that I have had to sacrifice. … I know that my wife has also made big sacrifices as well. But family bonding time is our top priority. As my younger daughter plays netball, we all enjoy watching netball together with her. That has become one of our favourite family activities.”
Web: www.scs.org.sg
THE MAGAZINE OF THE SINGAPORE COMPUTER SOCIETY
9
PEOPLE
Watching Over The Nation’s Cyber Security To cyber security veteran John Yong, ensuring Singapore’s cyber security and creating awareness amongst Singaporeans is of the utmost importance.
J
ohn Yong, Director, Infocomm Security Group, Infocomm Development Authority (IDA) of Singapore has devoted 36 years of his career to the field of cyber security. He was recently made a Fellow of the Singapore Computer Society and appointed a member of the Executive Board of Advisors to Information Systems Technology and Design (ISTD), Singapore University of Technology and Design (SUTD). He was also a recipient of the ASEAN CIO/ CSO 2013 Award, which honours outstanding Chief Information and Chief Security Officers in the ASEAN region. Like Singapore, Mr Yong has gone through many hardships before arriving at where he is today. He considers himself the “result of a very good government system”, having benefited from the training that was provided over the years, he explains.
Military led to cyber security path
Joining the military as a regular was what led him onto the path of cyber security. Having an interest in computers and electronics, he was placed in a department tasked with ensuring computer security for the army and making soldiers aware of security risks. Twelve years later, Mr Yong, who had meanwhile attained his Master’s degree in Computer Science from University of Salford in the UK, was transferred to the National Computer Board (NCB), where he had the opportunity to “dive deep into some issues which were never discussed in the commercial space”.
It was the start of the 90s and Singapore was becoming an ‘intelligent’ island with e-communication established between government departments and between the government and citizens.
Entering business objectives into equation
In the mid-90s, after working for about 16 years with the government, Mr Yong went into the private sector to widen his exposure. In the private sector, Mr Yong had the opportunity to practise risk assessment and how to pitch system risks against business objectives. He worked in MNCs, banks and consulting firms, which gave him different perspectives on the various aspects of cyber security and valuable knowledge he could bring back with him to the civil service. Over the years, Singapore’s cyber security landscape has matured, Mr Yong observes. Awareness of the significance of cyber security is higher among Singaporeans than among the population in any other country, he believes. However he feels there is still much room for improvement in terms of catching up with countries such as Israel, China or the United States, in terms of technology.
Nurturing cyber security professionals
Mr Yong’s hope is to see Singapore become a cyber security superpower one day — a vision reflected in the National Cyber Security Masterplan 3, which, amongst other targets, has $130 million allocated to R&D in the field and to nurturing a pool of highly qualified cyber security professionals.
10
THE IT SOCIETY — Issue Two 2015
Facebook: www.facebook.com/SingaporeComputerSociety
PEOPLE Currently, there are only about 1,000 cyber security professionals out of 150,000 ICT professionals. The five local polytechnics produce 200-240 Diploma holders in cyber security each year, but there are no degree courses in this subject. However, by the end of 2015, the Singapore Institute of Technology (SIT) will be offering undergraduate degree courses in this field, with a few other universities following suit in 2016.
As someone who regularly guides young entrants to the field, Mr Yong (pictured below) cherishes employees who think: “I am Singaporean, I care about Singapore.” Security, he points out, is not as much about having technical skills as having people with solid values. “You can buy technical skills, but you can’t buy loyalty,” says Mr Yong.
Mr Yong, who sits on the SUTD Executive Board of Advisors, has worked on relevant curricula that are mapped against society’s needs. In order to give fresh graduates the experience they need to land their first job, IDA offers grants to organisations that are hiring in the field to encourage more on-the-job training. Moving forward, SCS can serve as a platform for the voice of ‘buyers’ of cyber security, says Mr Yong, who joined the Society as a member and later became an Executive Council member and started its first Special Interest Group. It can also educate buyers on the technology available and cost-effectiveness of various options. Additionally, he believes SCS can facilitate professional development through the professional certifications it offers.
PROFESSIONAL DEVELOPMENT
Start A New SIG Today!
Are you passionate about an emerging technology or a new area in ICM? You can start your own Special Interest Group (SIG) in 3 Simple Steps!
1.
Submit Your Proposal Let us know your interests, plans and objectives for your new Special Interest Group.
2.
Have a Chat with Us Share with us your plans for your new SIG.
Here is what SCS will do to help you get your own SIG off the ground: √ Connecting you with like-minded industry professionals √ Providing event publicity and secretariat support √ Offering the use of venue for committee meetings and events √ And much more! Why wait? Drop us a line at scs.secretariat@scs.org.sg or call SCS secretariat on 6226 2567 today! Information on the following SIGs can be found at https://www.scs.org.sg/SIG/sig-homepage.php • Enterprise Cloud Computing & Virtualisation • Healthcare IT • Infocomm Security • Open Source Software in Innovation and Collaboration • Supply Chain Management
3.
Form a Committee Enlist a committee of 3-5 passionate, like-minded members.
Web: www.scs.org.sg
THE MAGAZINE OF THE SINGAPORE COMPUTER SOCIETY
11
PROFESSIONAL DEVELOPMENT
It’s All About People
Winners of our first-ever “10 Best Tech Companies to Work For” Awards show they put their people above all else.
B
eing “all about people” is essentially what makes an organisation stand out as an employer. This approach of putting people first is exactly what all the winners of our inaugural “Best Tech Company to Work For” Award have demonstrated. The award, which was announced at the recent Infocomm Professional Development Forum (IPDF) 2015, was conceived to promote best practices within the Infocomm industry and recognise remarkable talent development practices displayed by organisations in three main categories namely large organisations/MNCs, midsized organisations and start-ups/small sized organisations. After our panel of appraisers went through eight rigorous months of groundwork, multiple evaluations and judging processes, ten companies emerged as winners for displaying commitment in fostering a conducive and collaborative work environment. They could also show several impressive testimonials from employees on how they can make their voices heard through multiple channels ranging from daily scrum meetings to bi-monthly birthday lunches in the office. Many of the “Best Tech Companies to Work For” also earned credit for nurturing their employees through the provision of skills training and even overseas office exchange programmes.
Timely launch
With the emphasis Prime Minister Lee Hsien Loong has placed on nurturing talent in building a Smart Nation, SCS feels that launching this innovative award programme was indeed a timely initiative and a well-deserved tribute to outstanding tech companies for their commitment to attracting and retaining talent in the ICM sector.
Defining Best Practices
The awards champion exemplary qualities such as robust talent development, enviable corporate culture and innovation excellence. Our panel of distinguished judges, all experts in their respective industries, assessed the organisations using five key pillars as reference points. They are: Innovation, Human Resource Management, Human Resource Development, People Culture and Financial Stability. Two of the key criteria, Human Resource Management and Human Resource Development, were set to align with the Human Resource Workforce Skills Qualifications (HR WSQ ) framework developed by the Singapore Workforce Development Agency (WDA). After an intense judging process, four organisations emerged winners while six other companies made the prestigious list of the “10 Best Tech Companies to Work For in Singapore”.
And the Winners Are….
The 10 Best Tech Companies to Work For in Singapore are: (Listed alphabetically) • Adventus Singapore • CommGate • JustCommodity Software Solutions (Winner, Mid-sized organisations category) • LinkedIn Corporation • Microsoft Operations (Winner, Large organisations/ MNCs category) • Paywhere • Red Hat • Tagit • TreeBox Solutions (Winner, Start-ups/ Small-sized organisations category) • Ubisoft Singapore (Winner, Large organisations/ MNCs category) We thank the Singapore Workforce Development Agency (WDA), the Infocomm Development Authority of Singapore (IDA), SPRING Singapore, and e2i (Employment and Employability Institute), for their relentless support in making our vision come to fruition. As Singapore progresses towards being a Smart Nation, this inaugural award programme will surely continue to inspire tech companies to pursue and implement innovative practices and contribute to an enthusiastic and dynamic workforce. After all, it is the aspiration of the ICM industry to make a lasting impact.
Web: www.scs.org.sg
THE MAGAZINE OF THE SINGAPORE COMPUTER SOCIETY
13
PROFESSIONAL DEVELOPMENT
Fewer ICT Professionals Planning to Leave Industry Survey results suggest that a smaller percentage of our fellow ICT professionals would like to leave the industry.
S
ignificantly fewer ICT professionals appear to want to leave the industry, according to the SCS Infocomm Survey 2014 conducted between July and September last year. Of those who responded, 17% expressed the intention of leaving the infocomm profession, down from 26% in 2011. On average, across the four surveys done between 2009 and 2014, about 21% of ICT professionals indicated an intention to leave the infocomm profession (Figure 1). 100% 90% 80% 70% 60%
20%
22%
30%
23%
50%
54%
17%
26%
22%
61%
51%
10% 0%
2009
2010
Disagree
Retain
Salary
Salary
Career Advancement
Career Advancement
Rate of change in Infocomm work
Respect & Prestige
Demand for Infocomm jobs
Rate of change in technologies
Opportunity to be a change agent
Rate of change in Infocomm work
Table 1: Attraction to and Retention in the ICT Profession
40% 20%
Attract
23%
50% 30%
Top 5 reasons for ICT Students
Neutral
2011
Agree
2014
Figure 1: Turnaway Intentions (2009 – 2014)
Are ICT Professionals Satisfied with their Jobs?
Our survey also tracks the levels of ICT professionals’ job satisfaction. Across the four surveys conducted between 2009 and 2014, job satisfaction levels of ICT professionals have remained stable over the years at an average of 66% (Figure 2). In 2014, 67% of ICT professionals reported that they were satisfied with their ICT jobs.
Our 2014 survey also sheds light on other issues of ICT professionals and students in Singapore and their needs. Here is a look at some of these.
100%
What Attracts People to the ICT industry?
60%
Survey results in Table 1 below indicate that for most ICT professionals and students, “salaries in the ICT profession compared with salaries in other occupations” remain the top ranking factor in attracting them to and retaining them in the ICT industry. However, “respect & prestige” as a factor has risen over the past years to be among the top five reasons attracting and retaining them in the industry. Top 5 reasons for ICT Professionals Attract
Retain
Salary
Salary
Career Advancement
Career Advancement
Respect & Prestige
Respect & Prestige
Choose where one works
Rate of change in infocomm work
Opportunity to do broad/ varied work
Need for a balanced lifestyle
90% 80% 70%
66%
66%
23%
24%
10%
10%
63%
67%
22%
21%
15%
12%
50%
40% 30% 20% 10%
0%
2009
2010 Disagree
2011 Neutral
2014 Agree
Figure 2: Job Satisfaction (2009 – 2014)
14
THE IT SOCIETY — Issue Two 2015
Facebook: www.facebook.com/SingaporeComputerSociety
PROFESSIONAL DEVELOPMENT What are the Competency Requirements of our ICT Professionals?
The survey shows that IT managers rate soft skills as the skill most required in their current jobs and for progression to the next level. IT technical professionals rate technical skills as the most required in their current jobs, but soft skills as the skills most required for progression to the next level (Table 2).
Current Job Role
Technical
Business
Industry
Interpersonal
CIO
3
1
4
2
ICT Project Management
4
2
3
1
ICT Management
3
2
4
1
ICT Sales and Marketing
3
1
4
2
System Development
2
2
4
1
ICT Services
1
2
4
3
Others
3
2
4
1
Table 2: Rank of Skills for Progression to the Next Level
Interested in finding out more about the survey results? Visit InfoPier (www.infopier.sg) today for the summary!
Steer Your Career with SCS Professional Certifications! Explore SCS’s suite of certifications and courses NOW to chart your own path to success!
B
enchmark your competencies through SCS’s suite of industryrecognised certifications and courses today! Supported by the government bodies and industry partners, SCS certifications provide an avenue for your professional development.
"Singapore is building the world’s first Smart Nation, and technology will play a crucial role in making this journey possible. There will be a critical need to continue building Singapore's tech talent. Technology changes rapidly and tech professionals should constantly keep in pace with the skills demand brought about by these changes. I would like to encourage our tech professionals to continue to upskill themselves by taking on the various CITREP endorsed certifications to further develop their careers.”
“In today’s fast-moving Information and Communications Technology (ICT) sector, new career opportunities abound for ICT professionals who keep themselves abreast with emerging technologies. The Singapore Workforce Development Agency (WDA) is pleased to collaborate with the Singapore Computer Society (SCS) to align the professional certifications such as CITPM, COMIT, CITBCM and CSTP to the National Infocomm Competency Framework (NICF) and equip ICT professionals with industry-relevant skills that would enable them to future-proof their skills and advance in their careers.”
Mr Khoong Hock Yun
Ms Julia Ng
Assistant Chief Executive, Development Group IDA
Senior Director, Enterprise Development Group WDA
Web: www.scs.org.sg
THE MAGAZINE OF THE SINGAPORE COMPUTER SOCIETY
15
PROFESSIONAL DEVELOPMENT
Certification in IT Project Management (ITPM)
Certification in Outsourcing Management for IT
Certification in IT Business Continuity Management
Growing demands from businesses and organisations for outsourcing services have given rise to the need to have a benchmark for IT outsourcing competencies. This would help ensure that outsourced IT projects are managed with the right skill sets for organisations to meet their business objectives.
Get the holistic CITBCM certification that is highly recognised by IT business continuity managers as a mark of quality and professionalism. The certification course covers the three strategic areas of IT Disaster Recovery (ITDR), Data Centre (DC) and Business Continuity Management (BCM).
Certified Software Testing Professional
Certified Software Quality Analyst
Certified Manager of Software Quality
Trained and competent testers and practitioners with practical knowledge are now needed more than ever. Familiarise yourself with the integrated testing cycle, and acquire knowledge of leading industry tools and up-to-date technologies to test software for quality control and security assurance.
Learn and implement the best practices for building quality software throughout the application life cycle to replicate successful IT project results every time. Acquire knowledge of good quality management for your IT projects, including Quality Planning and Control Practices.
Calling all experienced professionals who have proven skill mastery in quality planning and execution, quality management and communications and relationships! This certification is next level up the quality assurance ladder. Get it to do justice to your quality assurance expertise.
1-2, 7-9 October 2015 4-6, 12-13 November 2015 Training Provider: COMAT Training Services
5-9 October 2015 Training Provider: Institute of Systems Science, National University of Singapore An essential qualification for those who want to carve a career in IT project management, this certification raises your professionalism in ITPM and provides a valuable path for IT project management professionals to attain a recognised qualification.
16-20 & 26 November 2015 Training Provider: Nanyang Polytechnic
7-9 October 2015 Training Provider: Institute of Systems Science, National University of Singapore
3 – 5 November 2015 Training provider: Quality Assurance Institute (QAI)
9-12 November 2015 Training Provider: Organisation Resilience Management
Assessment available all year round Training provider: Quality Assurance Institute (QAI)
Other Professional Development Workshops Not to Be Missed! Secure Software Development Model (SSDM) Workshop (2-days)
Secure Software Development Model For Banking & Finance (SDBF) Workshop (2-days)
Safeguard your applications from hackers by having an integrated, secure development process in place. Acquire the know-how in the five process areas of secure development that is also employed by Motorola Software!
Get your IT infrastructure ready and have its recoverability bolstered for the eventuality of a cyber disaster. Gain insights into various practices and regulatory requirements for the finance industry in relation to secure software development.
February 2016
February 2016
For further information and funding for the certifications, contact the SCS secretariat on 6226 2567 or email scs.secretariat@scs.org.sg
16
THE IT SOCIETY — Issue Two 2015
Facebook: www.facebook.com/SingaporeComputerSociety
HAPPENINGS
Newly Co-Opted Executive Council Members for 2015/2016 To better serve our members, the SCS Executive Council and respective Chapter Councils have co-opted some members into the team. Let’s take a look at members who just joined us. SCS EXECUTIVE COUNCIL June Koh, MSCS IDA
Prof Miao Chun Yan, MSCS NTU
Ong Chin Ann, SMSCS MINDEF
Harish Pillay, FSCS Red Hat Asia Pacific
Deep Singhania, SMSCS Emerio
Yeo Teck Guan, SMSCS Singapore Pools
SCS-BUSINESS ANALYTICS CHAPTER EXECUTIVE COUNCIL Vicky Abhishek, MSCS The Coca-Cola Company
Manik Bhandari, MSCS Accenture
Eveline Lim, MSCS IDA
Jonah Ong, MSCS Land Transport Authority
Ta Wee An Andy, MSCS MOH Holdings
Wai Foon Un, MSCS Integrated Health Information Systems
SCS-BUSINESS CONTINUITY GROUP EXECUTIVE COUNCIL Raju Chellam, SMSCS Dell
Samuel David, MSCS Seed System
Thomas Kok, MSCS DBS Bank
Christopher Lim, SMSCS Raiffeisen Bank
Lok Ee Choon, MSCS Arete Consultancy
Sasanka Sahu, MSCS Acclivis Technologies and Solutions
Jasper Tan, SMSCS IBM Singapore
Serena Yong, MSCS Integrated Health Information Systems
SCS-CERTIFIED IT PROJECT MANAGERS’ CHAPTER EXECUTIVE COUNCIL
SCS-QUALITY ASSURANCE CHAPTER EXECUTIVE COUNCIL
Dr Adam Chee, MSCS Binary HealthCare
Corinna Toh Yee Ling, MSCS G&W Group Chong Fung Tshu, MSCS Integrated Health Information Systems
SCS-INTERACTIVE DIGITAL MEDIA CHAPTER EXECUTIVE COUNCIL Dr Koh Wee Lit, MSCS Red Hare Studios
Nicholas Seow, MSCS Integrated Health Information Systems
Bryan Tan, MSCS Pinsent Masons
Olivier de Rotalier, SMSCS Ubisoft Singapore
SCS-MOBILE & WIRELESS CHAPTER EXECUTIVE COUNCIL Charu Mahajan, MSCS Accenture
Andy Ho Hean Yoong, MSCS MOH Holdings
Ng Chin Kong, MSCS Land Transport Authority
Tan Shui Min, MSCS Integrated Health Information Systems
Web: www.scs.org.sg
THE MAGAZINE OF THE SINGAPORE COMPUTER SOCIETY
17
HAPPENINGS
Five Secrets To Building A Successful Career Consider five key factors when deciding on the job to set you off on the right career path, say ITYC members Tommy Tien and Suren Rastogi. Tommy Tien
Member, SCS Committee Member SCS IT Youth Council
Suren Rastogi
Member, SCS Co-opted Member SCS IT Youth Council
B
uilding a career takes hard work, patience and the right attitude, but is extremely rewarding in the long run. There are few, if any, shortcuts in the professional world, a fact youth and young professionals must understand and accept. Building a successful career is about making the right choices and here is what you need to consider: 1. Know What You Want To Do Employees who are “trying out a role” to see if they like it usually do not perform as well as those who know exactly what they want. The first group tends to focus on the pros and cons of the job, putting a higher weightage on the negative aspects. More often than not, they job hop in the early years of their careers, which reflects poorly on their résumés. On the flip side, employees who know what they want from their careers tend to focus on excelling in their jobs, and their better performance reflects this. The challenge many youths face is in knowing what they want for a career, and the type of company they want to work for. The youth of today have more opportunities than previous generations to know what they want to do. Building a career is like mastering real estate — establish a strong foundation in a specific skill and build both vertically and horizontally from that. Do one to three internships to explore career opportunities, join school-organised career and networking
sessions, and talk to industry professionals to find out more about job options. 2. Don’t Chase The Money;The Money Will Come A lot of youths rule out jobs because of salary considerations, sometimes even for a S$100 – S$400 difference in monthly salary. While money is important, it should not be the key consideration. Remember that you will spend most of your time at work. If you pick a job for the money, rather than for what you want to achieve and your own personal growth, you will be sacrificing developing the right skills for future career progression. When starting out, embark on a career path that will help you develop your skills, learn and excel. With hard work and good performance, the rewards and money will automatically come your way. 3. #DigitalHygiene This refers to your digital profile. Most employers do a search online to gain insights on the type of person you are. They are specifically looking for information related to the job you applied for: for example, do you read or follow news from the industry?
By the time you graduate, your skill sets have become less relevant. Keep up to date with the industry and job you want. There are plenty of online websites, such as coursera.com, where you can learn valuable industry skills quickly. If you are not sure where to invest or what skills to build, read, talk to your professors and network with industry professionals to better understand employers’ current needs and prepare yourself for the workplace. 5. No Substitution For Hard Work The final secret is, there is no substitution for hard work. Connections, networking, freeloading may take you one or two rungs up the ladder, but only hard work will get you to the top. Most importantly, getting work beyond business-as-usual means higher exposure and honing various skills. This makes you more employable and you could achieve more without putting your daily work aside.
Do you know what your digital profile looks like? Do your own search, adjust your privacy settings and be mindful of what you share online, especially on Facebook and Twitter. Employers have been known to reject applicants based on information they have put online. 4. Prepare For The Workplace The technology industry is moving so fast that school curricula are unable to keep pace.
To find out more about building a successful career, take a look at our past YES! Youth Engagement Series at https://www.infopier.sg/scs-gallery To connect with the IT Youth Council, visit: https://www.facebook.com/ITYouthCouncil
18
THE IT SOCIETY — Issue Two 2015
Facebook: www.facebook.com/SingaporeComputerSociety
HAPPENINGS
Reviewing Our Reason for Being
SCS’s reconsidered vision and mission statements reflect the aspirations of a younger generation of infocomm professionals and the evolving ICT landscape. It isn’t surprising therefore that the SCS Executive Council has been reconsidering what the Society stands for and whether our original reason for being still reflects the voice of the infocomm community.
Deconstructing the Vision
Previous Vision: To be the premier society for infocomm professionals and centre of excellence for professional development With the previous vision being 15 years old now and things being vastly different after so many years, we felt a reassessment was in order and therefore called a meeting on 16 May where more than 40 leaders of the various SCS committees gathered to voice their opinions on first, whether a change was in order, and second, how the current SCS’s fundamental existence is relevant and what this means to our organisation’s projection into the future. The voting was unanimous to refresh our vision and here’s where we are today — with revised vision and updated mission statements couched in new language and a wider context. The thinking was that SCS, having been at the forefront of the infocomm ecosystem for the past 48 years, has grown purposefully and thus gained a strong sense of confidence and purpose that needs to be expressed in this context. We feel that SCS has already achieved the status of a professional body every infocomm professional aspires to be a part of, with an unrivalled ranking of being the industry’s go-to certification entity. The next leap is really to accelerate the advancement of Singapore’s infocomm & digital media framework through our society’s dynamic leadership and Vision, implemented through our similarly amended Mission.
A
s with infocomm professionals who constantly need to upgrade their skills and domain knowledge to maintain relevance in a fast-changing environment, so too the organisation entrusted to champion this special breed of talent crucial to any modern organisation. Members will have witnessed over the recent years that SCS has upped the ante not only on growing its membership, which now exceeds 32,000, but has also raised the standard of professional certification and qualification, increased access to valuable infocomm resources, multichannel and platform engagement with members, and improved the “softer” aspects of what makes membership with us interesting. These include catering to a growing demand for chapters and special interest groups (SIG), while increasing the variety of youth and social activities, as well as reaching out beyond the confines of the SCS to government, industry and educational bodies.
Web: www.scs.org.sg
THE MAGAZINE OF THE SINGAPORE COMPUTER SOCIETY
19
HAPPENINGS Mission Possible
Previous Mission: Leading the Way, Value-Added Society, Speak Up You will have noticed that we have largely left the mission statement intact save for a few minor tweaks. That’s because the words still encompass the unfaltering undertakings essential to realising our vision past and present. Leading the Way starts the ball rolling by realising that with the new generation of digitally connected and empowered professionals joining the ICT ranks, there is less of a need for SCS to provide opportunities for them to contribute, but more of a need to play a bigger role in harnessing their collective intellect, enthusiasm and commitment to shape the industry with one SCS voice.
Force for Good
So what does all this wordsmithing really mean for our members? It simply means that SCS has come of (some would say, The 3rd) age, and, with our renewed impetus, we are now a powerful 32,000-strong force for good. Members and members-to-be can look forward to joining SCS to be even more instrumental in Singapore’s journey post-SG50 and definitely towards a smart SG2065.
Value adding, though an often overused phrase, remains pertinent in our case for making our members’ careers our first priority. Without qualified, empowered and engaged infocomm professionals, where would the industry be? What we’ve augmented to our mission statement is ‘Digital Media’ to reflect its inclusion in ICT and blurring lines between ICT and digital media. As for Being The Voice, SCS intends to emphasise engaging the community first, then engaging on behalf of the community for positive change.
Jubilant Team IHIS Wins SCS Bowling Tournament 2015 SCS Bowling Tournament 2015 offered a morning of rolling fun for all.
T
he atmosphere in Lane 7 at SuperBowl, SAFRA Mount Faber on 23 May was jubilant. And no wonder. Team IHIS One had just clinched the winning strike, anchoring 100 pin-falls ahead of their closest opponents, Team Lane Assassins. The team champions of SCS Bowling Tournament 2015 had a relatively comfortable victory although their closest competitor was led by double-individual trophy winner (Ladies), Ms Ong She-Na. Both Ms Ong and Mr Wee Hong Ee from the champion team had excellent final games, bagging the High Game titles for their respective individual categories. Mr Nicholas Chia (Team Pin Pushers) took home the High Series (Men) trophy with a total pinfall of 688, proving that consistency is the keystone of a stellar performance.
SCS and our supporting partners extend our heartiest congratulations to our Bowling Tournament winners:
SCS Vice President, Tan Teng Cheong (left) and the winning team, IHiS One
Supported by JustCommodity Software Solutions, the SCS Bowling Tournament 2015 witnessed the gathering of 120 bowlers (from 30 teams) for a morning of rolling fun. Each team comprised four bowling SCS members and their friends. Every team player had to complete three games. The total individual and team scores were tabulated to see who emerged at the top of their leagues.
Team Category Champion 1st Runner-up 2nd Runner-up 3rd Runner-up
Winning Team IHIS ONE LANES ASSASSINS NYP-2 FRIENDS AND FAMILIES
Individual Category
Winner
High Game (Men)
Mr Wee Hong Ee
High Game (Ladies) High Series (Ladies) High Series (Men)
Ms Ong She-Na Ms Ong She-Na
Mr Nicholas Chia
SCS would like to thank JustCommodity Software Solutions for co-sponsoring this event and all the players for supporting this unforgettable event.
20
THE IT SOCIETY — Issue Two 2015
Facebook: www.facebook.com/SingaporeComputerSociety
HAPPENINGS
Calendar of Events OCTOBER 2015 SEPTEMBER 2015 4 SEP 9 SEP 9-10 SEP 16 SEP 17 SEP 18 SEP 22 SEP 23 SEP 29 SEP 30 SEP
7 OCT
CITPM Preview Session
Launch of Student Chapter @ Singapore Institute of Technology (SIT) cum Panel discussion on How to Jumpstart Your Career in ICM Launch of Apple Tree App at Young Tech Fest
Launch of Student Chapter @ Singapore University of Technology and Design (SUTD) CITBCM Preview Session
Seminar on Ensuring Quality of Geospatial Data Executive Visit to Microsoft Cybercrime Satellite Centre COMIT Preview Session
16 OCT 20 OCT 28 OCT
Project Management Clinic on Managing Project Risks IDEAS series on Education Analytics
Cloud Computing Chapter 1st Annual General Meeting Launch of SCS Cloud Computing Chapter in conjunction with CloudAsia 2015
NOVEMBER 2015
IDEAS on Data Science Software Site Visit to Brandtology
15 OCT
YES! Youth Engagement Series on Shaping the Future with Wearable Technology
3-5 NOV
CSQA Preparatory Workshop & Certification
20 NOV
IDEAS series
21 NOV
YES! Youth Engagement Series in conjunction with Launch of Technopreneurship SIG
18 NOV
SCS Member Movie Night
THE LITE SIDE
1. 2014’s Heartbleed bug is a serious vulnerability in... A) Open AES B) Open SSH C) Open SSL D) Open RSA 2. Implementing _______ will help you protect your information assets in cyber space, comply with regulatory obligations and thrive by assuring your customers and stakeholders that they are cyber secure. A) ISO 25001 B) ISO 26001 C) ISO 29001 D) None of the above 3. TOR is ________. A) An ultra secure email B) A 64-bit new ARM mobile processor C) A secure web browser D) None of the above
9. Amazon S3 is an online storage web service. What is S3? A) Super Storage Service B) Simple Sure Service C) Simple Super Storage D) None of the above 10. Identify this Game logo:
5. What is the single maxmimum capacity of a hard disk (as of 2014)? A) 8 TB B) 16 TB C) 32 TB D) 60 TB 6. Project Brillo is the ________. A) Code name for BMW’s OS for self driving cars B) Code name for IBM’s OS for Drones C) Code name for Google’s OS IoT devices D) Code name for Windows 10 based OS for IoT 7. A six-digit Hex colour code (Example : #ADD8E6) defines values of Red, Blue, and Green in what order? A) #RRBBGG B) #GGRRBB C) #RRGGBB D) #BBRRGG
8. ______ is the market leader in mobile phone chips. A) Samsung B) Apple C) MediaTek D) Qualcomm
A) 3M B) Autodesk C) Linux Foundation D) Wolfram Alpha
Answers: 1 C 2 D (Ans: ISO 27001) 3 D (Ans: Anonymous communication network) 4 C 5 A 6 C 7 C 8 D 9 D (Ans: Simple Storage Service) 10 D
4. A DNS translates a domain name into which of the following? A) A binary code B) A Hex C) An IP Address D) A URL
RIC CUR
ALIGNED TO UM UL