Road to InfoSec Professional
A Students-Lead Joint IHL Event Sponsored by ISACA Singapore
On 30th March 2013, Infocomm Security (InfoSec) students from Singapore Polytechnic, Temasek Polytechic and Nanyang Polytechnic gathered at Singapore Management University (SMU) for a joint Institute of Higher Learning (IHL) event organised with support from ISACA Singapore Chapter. The theme for this event was "Road to InfoSec Professional", which served as a platform for students from the various IHLs to network and share their knowledge in the field of InfoSec. In addition to networking opportunities, the event featured lightning talks from the student leaders themselves and a sharing session by professionals in the field.
To start off the event Mr Tong Seng Chee, ISACA Singapore Director of Academic Outreach, gave an opening address to the participants. During his address, he emphasised on the importance of InfoSec in the present times and the need to constantly improve ourselves in this field. Continuing from his opening address, Mr Tong also proceeded to share his past experiences and knowledge with the audience.
Several other professionals present at the event also chipped in and shared on how they developed their skills in the field over the years. One of the professionals present was none other than Mr Leonard Ong, the President of ISACA SG. During his sharing, Mr Ong touched on his early days in the industry and described his learning process over the years. Other speakers included Ryan Baxendale, a security consultant and veteran penetration tester at security-assessment.com and Teh Kaiwen, IT Youth of the Year Award winner.
After an enriching session by the professionals, the participants of the event were provided with an opportunity to network with each other over some light refreshments. This session effectively gave rise to numerous interesting conversations among both the students and professionals. Additionally, the lively atmosphere was enhanced by a mini inter-IHL quiz organized for the student participants, which added greater depth and quality to the interactions within students. As this section of the event went on, friendships were budding and bonding were forged.
Next in the lineup was the Lightning talks by the students leaders. These talks served to be a platform for students to share their experience in their niche areas in the field of InfoSec. The talks started off with a lighthearted sharing by Nikolas Tay, a first year student from Singapore Polytechnic (SP) about his journey in the field of InfoSec. During his speech, he addressed some of the common difficulties faced by newcomers to the field by providing some sound advice based on his personal experience.
Following this was a talk by Jeremy Heng and Ku Wee Kiat, two SP students who participate actively in Capture The Flag (CTF) competitions under the name Nandy Narwhals. Jeremy started off with the topic of Breaking Python Sandboxes, a presentation inspired by a puzzle in a recent competition. The presentation included a live demonstration of the concept which garnered a significant amount of interest within the audience. In the next portion, Wee Kiat presented the crowd with a unique presentation on the topic of Binary Visualization. During the course of his presentation, Wee Kiat touched on the various methods of analyzing files through visuals as opposed to other conventional methods.
Among the speakers were two groups from Temasek Polytechnic (TP) who brought two facinating topics to the table. The first group showcased a tool solely developed by students from TP, the Facebook Forensics Toolkit v2.0. The group touched on how data can easily be retrieved from social networks such as Facebook and archived into well organized "case files". Given the current popularity of social media, such a tool would prove extremely useful for gathering evidence against criminals during investigation of crimes. The second presentation entitled Cold Boot Project delved into the realm of digital forensics. The presentation was an analysis of data degradation within the Random Access Memory (RAM) of a computer over time (from the time when power has been cut off).
The next talk was conducted by Chia Yong Xiang from Nanyang Polytechnic. In his talk "Password Audit (On The Cloud)", Yong Xiang highlighted the significant role of could computing in the field of password audit and effectively illustrated the techniques used to carry it out. In addition, Yong Xiang also provided the audience with some interesting cloud password cracking services for the audience to try out.
To conclude the session, Ng Choon Heng from SP touched on a topic which took a different perspective towards security compared to the earlier talks: Social Engineering. In his talk entitled "Social Engineering - Psychological Manipulation", Choon Heng presented the crowd with a refreshing take on security as he tackled one of the most neglected areas of security, the human element. In addition, Choon Heng also highlighted some real life examples of successful social engineering, further emphasising that such attacks are relavant in today's InfoSec industry.
With the conclusion of the lightning talks, Mr Tong took the stage once again and gave a closing speech to the attendees along with presenting tokens of appreciation to the student president of each polytechnic present. The top four winners of the IHL Trivia Quiz also received their prizes, iPod Shuffles, from the event organizer, putting an ending note to this lovely afternoon.
Let us hope such event gets carried on in years to come and even become an everlasting tradition among ISACA Student Groups from various IHLs in Singapore.
Article adapted from writeup by Nikolas Tay (SP)
Event photos courtesy of James Lai Zhiyuan (NYP)