Insights on Cybersecurity (2021)

Insights on Cybersecurity (2021)

Insights on Cybersecurity

The Discovery+ Series is a series of events, delivered through online digital solutions, which give students the chance to speak directly with working professionals, and learn about careers they aspire to enter. Given the developments in the COVID-19 situation, Advisory is keen to provide support to the many students who are experiencing woes in this time of disruptions, by digitalising professional mentorship.

The Discover+ Panel on Cybersecurity, held on 1 June, was graced by Dr. Steven Wong (Moderator), Associate Professor and Director, Projects, Office of Provost, Singapore Institute of Technology; Alina Tan, Senior Cybersecurity Engineer, Land Transport Authority; Lee Wei Min, Consultant, Critical Information Infrastructure, Cyber Security Agency of Singapore ; and Sugar Chan, Senior Consultant, Boston Consulting Group. Attendees included students at various levels of education with a desire to know the different career paths in Cybersecurity, and how to best position themselves for such roles.

What are the educational qualifications required to embark on a career in the cybersecurity industry?

Technical degrees such as computer science and computer engineering degrees will give you a good foundation to build upon and help you understand the technical side of cybersecurity better, though it is not necessarily a requirement for one to excel in the field. In fact, there are other non-technical aspects of cybersecurity which non-technical degree holders can explore.

There are various avenues, such as Information Technology (IT)-related and cybersecurity courses that anyone can take up to get an idea of what the cybersecurity industry is like. It ultimately boils down to how passionate you are and your willingness to learn more about the industry.

What do companies look for in potential cybersecurity professional candidates?

A candidate’s attitude is one of the key attributes that cybersecurity companies look for during the hiring process. Candidates should demonstrate deep interest in cybersecurity and be aware of the latest incidents and emerging trends in the industry. Given the ever-evolving nature of the industry, candidates should be able to work dynamically, be quick to adapt to changes, and have the tenacity to constantly learn and pick up new skills. Last but not least, having an inquisitive mindset and the ability to think out of the box is very important as well.

Given that the cybersecurity industry is male-dominated, are women cybersecurity professionals disadvantaged?

Being a woman in the cybersecurity industry is not a disadvantage, but rather, an advantage as it is an opportunity to stand out and showcase your skills. In fact, many companies are now looking at strategies to bring in more women into the industry. The cybersecurity industry is a level playing field where professionals do not see each other by gender, but rather, by specialisation. Women are also able to take up leadership positions in the industry as well.

Additionally, there are women in the cybersecurity industry who run mentorship programmes for girls who are keen on taking up a career in cybersecurity and are willing to share their experiences and stories.

How has the age of digitalisation changed the cybersecurity landscape?

The advancement of technology has opened up greater avenues for hackers to attack and manipulate networks and systems. One must understand the risks behind implementing cutting-edge technology like Artificial Intelligence and the Internet of Things, as such technologies may not necessarily have security controls in place. Given the ever-evolving nature of technology, new cyber threats are constantly emerging everyday too. Hence, it is imperative for cybersecurity professionals to be able to work dynamically and adapt to changes easily.

How does the maturity level of Singapore’s cybersecurity compare to that of countries abroad?

Singapore’s cybersecurity is in a relatively good position, especially within the Asia Pacific region. The government has come up with various regulations and guidelines to promote cybersecurity across different industries, such as the Cybersecurity Act. They have also collaborated with various associations, such as the Singapore Computer Society, to ensure a strong talent pipeline for the cybersecurity industry. Moreover, it has been noted that companies in Singapore often take the initiative beyond simply adhering to regulations to seek ways to bolster their cybersecurity.

However, compared to larger countries abroad, Singapore’s cybersecurity field is still developing as we continue to utilise cyber frameworks from other countries.

Will the cybersecurity industry last in the future?

Cybersecurity will always be here to stay as technology continues to evolve and advance. However, some roles in the industry, such as data analysts, may be replaced by artificial intelligence in the future. Thus, it is important to keep an eye out on key emerging trends and constantly upskill oneself in order to not remain stagnant.

Given that companies often look out for experienced cybersecurity professionals, how should one embark on a career in the cybersecurity industry without any prior work experience?

Firstly, it is important to pitch to your interviewers that you are willing to learn and strive to work harder than the other candidates despite not having the expertise or prior work experience. Interview questions such as “what can you provide to the company?” and “why should the company hire you?” are great opportunities for you to tell the interviewer what you can offer as a value-add to the company.

Secondly, networking with people in the cybersecurity industry is incredibly helpful in landing an interview in a cybersecurity company. Getting to know these professionals demonstrates your interest in the industry and may convince them to pass your CV to their hiring manager. In fact, Singapore has many cybersecurity associations and close-knitted communities of cybersecurity professionals that you can join to expand your network. These associations include Div0, Association of Information Security Professionals (AiSP) and Singapore Computer Society (SCS).

Any other advice for anyone looking to enter the cybersecurity industry?

Keep an open mind and never be afraid to fail. Cybersecurity is an extremely large field, so do not be disheartened if you feel that you are lacking in knowledge in certain aspects. Instead, you can seek mentorship through programmes held by the aforementioned cybersecurity associations, and keep yourself up to date with ongoing trends in the industry. There are also many conferences and dialogues which are now being held online, and are good opportunities for you to listen to the views of industry experts and be informed of emerging technologies and cyber threats in the field.