Wednesday, December 25, 2019

What you need to know about Diploma in Infocomm Security Managemet (DISM, S54)

Diploma Course
Studying for an IT security-related diploma is a significant investment of your time, money and resources. It is better to understand the value that you would be able to generate with the course. The information provided here is to help all students to make the correct decision.

Key Points about DISM
Below are the three key points about DISM course.

1. Broad-based Curriculum
The Curriculum plays a major role in the learning process. DISM focuses on three main skill sets: Offensive, Defensive and Investigative.

The first year include the general curriculum where students establish the fundamentals of information technology that includes computer architecture and operating system, networking fundamentals, linux administration, etc. The second year has more security related modules such as Ethical Hacking and Defences, Applied Cryptography, Digital Forensics & Investigation, etc. Third year is the most crucial year when you put all the skills and knowledge together to do your final year project plus some modules.

2. Lots of Stress
It can be quite stressful during term time as students are required to go through the curriculum and meeting all the assessment requirements of modules.

3. Lots of Programming Assignments 
The misconception students have is that they assume that the course has minimal programming requirements. In actual fact, programming knowledge and skills are very important in this course. As such, students need to prepare themselves and have the correct expectations before they begin to feel the pressure of the requirements from the modules' assignments, especially to those who did not like programming modules.

So, which course? 
Consider your interest, your academic strengths, your desired career, and the diploma course that would help you reach your aims and career goals.

More information on DISM 
Click this URL for more information on Diploma in Infocomm Security Management (DISM) S54.

Tuesday, December 24, 2019

FIVE (5) Things You Probably Didn't Know About Our Course (DISM)

1. DISM is different from secondary school because …
Unlike a typical classroom lesson, lessons here are pretty much hands on! At DISM, we train you to combat cyber crime by putting you through different scenarios of cyber crime. Each scenario has its own set of challenges and you will have to adopt different strategies to solve them. We also have a league competition where students pit their skills against one another and are awarded points on completion of each scenario. Apart from winning points, students often feel a great sense of achievement once they have conquered a scenario!

2. A lot of your time will be spent in …
The Cyber Wargame Centre! As the name suggests, it is literally a game of war in cyberspace. During lessons, you will be given cyber crime scenarios to tackle. In every scenario, there will always be the good guys (defenders), the bad guys (attackers) and the cops (investigators). You will play any one of these roles and will attempt to penetrate enemy defences, defend yourself against intruders, or be the detective to find out how and why the cyber crime took place.

3. A lot of your time will be spent on …
Finding security vulnerabilities! This is where you start looking for loopholes in computer systems - both your own and others. Once you have discovered these loopholes, you’ll then have to figure out how to “patch” these holes up. In the professional world, companies often conduct security assessments to test the strength of their security network and to plug any gaps that they might find.

4. The fun thing about DISM is …
You’ll get to play the role of cyber cop! By playing detective, you’ll enter a cyber crime situation to find out how and why the crime could have happened. Once you have found the answers, you will then be able to advise people on how to prevent similar situations from happening.

5. To do well in this profession, you must be able to…
Work in a group and under stress! You will often be working in a team to stop cybercrime, so your ability to communicate with your teammates could determine the success or failure of the mission. Also, cybercrimes must be stopped quickly. It is therefore important that you work quickly and not lose focus!

Monday, December 23, 2019

Choosing an Infocomm Security Diploma Course

Diploma Course
Studying for an infocomm security diploma is a significant investment of your time, money and resources. It is better to understand the value that you would be able to generate with the course. A common concern seen among students is the choice between Infocomm Security Management versus  IT security centric (network security or forensics focused) diploma courses. There is no one fit solution for all students. You have to consider various factors before selecting one over the other including their track records.

The background of a student plays the most important role in choosing the diploma course. For example, students with interests and strong foundation in networking would naturally choose network security related diploma course. But many students who just completed their GCE “O” level may not have yet to realise their area of interest and may not be able to decide on which course to choose. For those students who are interested in IT security, it is advisable to build their foundations before they move on to specialise in a specific IT security field.

Holistic Education
SP's holistic education equips students with a total skill set, consisting of technical skills, knowledge skills and soft skills. This is done through our unique scenario-based training in DISM which will develop critical thinking skills of students and help them to become a life-long learner. The General Education (GenEd) modules emphasise the cultivation of life-skills such as teamwork, resilience, problem-solving and decision-making. The Education and Career Guidance (ECG) modules provide a structured and comprehensive system to help you make better and informed education and career choices in school and beyond graduation.

Broad-based Curriculum
The Curriculum plays a major role in the learning process. DISM focuses on three main skill sets: OffensiveDefensive and Investigative. The first year include the general curriculum where students establish the fundamentals of information technology that includes Fundamentals of Computing, Fundamentals of Programming, Network Fundamentals, Linux Administration & Security, etc.

The second year has more security related modules such as Ethical Hacking and Defences, Applied Cryptography, Digital Forensics and Investigation, Secure Coding, etc. Third year is the most crucial year when you put all the skills and knowledge together to do your final year project plus some modules including Malware Reverse Engineering and Security Policy & Incident Management. Students are also required to do a 22-week internship programme to gain practical real-world experience.

Career Goals
The essays and Interviews would have forced you to think about your career goals in detail. When you are being asked about your career aspiration, you would be expected to think of something related to your long-term and short-term career goals, as well as objectives, based on your career path planning. It is very important for one to plan ahead. If you choose a diploma course that is too specific (such as network security or forensics centric) at the early stage, you have to consider the job prospects and opportunities. In other words, your choice of jobs will be limited.

In Singapore, almost all IT security related jobs require the practitioners to be multi-skilled, that is, the ability to perform multiple IT security related tasks in a single job. So it means that DISM's broad-based training gives you the competitive edge you need to secure a job.

Post-Diploma Options 
Diploma holders have many pathways. The common belief among students is that one should go for a bachelor degree in a University. However, the degree route may not be the immediate choice to some of the diploma graduates due to factors such as financial and other constraints. One of the post-diploma options is to enrol into an Earn and Learn Programme (ELP).

Under the SkillsFuture, the Earn and Learn Programme (ELP) in Cyber Security is one of the many options that DISM students can consider. It is a work-study programme that provides student on-the-job training while studying for a Specialist Diploma in Cyber Security, that equips participants with advanced skillsets in Penetration Testing, Incident Response and Forensics Investigation. Singapore Polytechnic is the programme manager appointed by the relevant authorities to run the Specialist Diploma in Cyber Security (ELP).

So, which course? 
Consider your interest, your academic strengths, post-diploma options, your desired career, and the diploma course that would help you reach your career goals.

Choose Diploma in Infocomm Security Management (DISM) S54.

Tuesday, December 10, 2019

SP Cyber Physical Security Environment (CPSE)

9 Dec 2019. As part of DISM's efforts to enhance our offering of security training, we have brought in the vendor to conduct the product familiarisation to our staff and students on our newly acquired Cyber Physical Security Environment (CPSE).

We have seen many industrial organisations are moving rapidly into operational technology (OT) environments. OT in the manufacturing processes involve a lot of interconnected systems and data analytics, SCADA, industrial control systems (ICS), Industrial Internet of Things (IIOT) and smart sensors. As such, it is important to secure the infrastructure to reduce the OT security risks.
The CPSE training conducted by the product vendor.
The City Scape, which will be part of DISM's Operational Technology (OT) training platform.
With this in mind, DISM will be introducing Operational Technology (OT) security related modules in our training curriculum. In due time, we hope our graduates will play an important role in the workforce to support and defend the Operational Technology (OT) environments to ensure that they are secure, safe, and resilient against cyber threats.

Saturday, December 7, 2019

United Nations Cybersecurity Challenge @ Vienna, Austria

During the school vacation (5 -6 December), two of our DISM Year-3 students, Davis Zheng and Ashley were selected to attend the HACKATHON event @ Vienna, Austria on ‘Countering Terrorist Use of the Internet and Social Media through Digital and Cyber-Security Solutions’.

The event was organised by the United Nations Counter-Terrorism Centre (UNCCT), within the United Nations Office of Counter-Terrorism (UNOCT), in collaboration with the Office of Information and Communication Technology (OICT).

The finalists consisted of 35 young professionals from 16 countries grouped into 13 teams.
The event was hosted by AIT Austrian Institute of Technology GmbH.
Davis Zheng and Ashley Tan.

This event provided opportunity for the participants to network and exchange ideas. It was a great platform for the participants to pitch their projects to the panel of judges from UN. We look forward to seeing more such hackathon events and all participants would have experienced professional growth as a direct result of the hackathon participation.

Wednesday, November 27, 2019

Launch of AiSP Ladies in Cyber Mentorship Programme

The Association of Information Security Professionals (AiSP) on 26 Nov 19 launched a Singapore-first mentorship programme that would groom female cybersecurity professionals in Singapore. The event's Guest of Honour was Ms Sim Ann, Senior Minister of State for Communications and Information.
AiSP’s Ladies in Cyber Mentorship programme would allow mentors the opportunity to share their life lessons and work experience with interested students from Institutes of Higher Learning (IHLs) in Singapore over one year, while providing them with guidance to enter and advance in the cyber workforce.
DISM students in launch of Ladies in Cyber Mentorship Programme
Students under the programme would be able to hear about their mentors’ work goals, skills, career progression strategies, education pathways and approaches to solving work related problems. This would definitely help the students to set their goals and directions for their own professional growth.

Monday, November 18, 2019

United Nations Cybersecurity Online Challenge 2019

Two of our Year-3 students, Davis Zheng and Ashley Tan participated in the United Nations Cybersecurity Online Challenge 2019.

They are being selected to attend the on-site hackathon event at Vienna, Austria from 5 - 6 December 2019.

Thursday, November 7, 2019

AISP's Inaugural Student Volunteer Recognition Programme (SVRP) Award Ceremony 2019

6 Nov 2019. The Association of Information Security Professionals' (AISP) Inaugural Student Volunteer Recognition Programme (SVRP) Award Ceremony was held in the evening at Life Long Learning Institute Event Hall. This is the first award ceremony that recognised students who had volunteered in cybersecurity related initiatives as well as their leadership skills demonstrated in school and within the community.

The Guest-Of-Honour (GOH) was Ms Sim Ann, Senior Minister of State for MCI & MCCY.
Speech by the Guest-Of-Honour (GOH) Ms Sim Ann, Senior Minister of State for MCI & MCCY.
AISP received more than 100 nominations from 9 Institutes of Higher Learning (IHLs). There were 5 Gold Awards' recipients. In total, Singapore Polytechnic's students received 2 Gold, 17 Silver and 7 Bronze awards.
Gold award recipient, DISM year-3 student, Hoo Jun Hong.

Gold award recipient, DISM graduate (class 2019) Zhu Yongze. 
Yongze with DISM Lecturer, Mr Boris Choo (left) and DISM Course Chair (right), Samson Yeow.
DISM group photograph
SVRP group photograph

Saturday, November 2, 2019

Mindef Bug Bounty Appreciation Event 2019

1 Nov 2019. "The Ministry of Defence (MINDEF) has successfully concluded its second Bug Bounty Programme (BBP) that ran from 30 September 2019 to 21 October 2019...... A total of 305 white hat hackers from around the world, comprising 134 local and 171 international white hat hackers, participated in this year's BBP. Of the 52 vulnerability ("bug") reports submitted, 20 were deemed valid, resulting in a total bounty payout of US$16,000."

A group of DISM students participated in this bug bounty programme and has benefited from this event. We hope that our students will continue to participate in this programme and play an active role in helping to secure our national networks and systems.
Samson Yeow, DISM Course Chair, receiving the token of appreciation on behalf of SP, from the Defence Cyber Chief Brigadier-General (BG) Mark Tan at the Mindef Bug Bounty Appreciation Event.

Thursday, October 3, 2019

Cyber Security Standards Workshop - Singapore Manufacturing Federation

3 Oct 2019. This workshop aims to bring cyber security awareness among Singapore companies embarking on the Industry 4.0 journey. It will give an overview of key international cybersecurity standards such as IEC 62443, use cases and how to mitigate cybersecurity risks through standards in their organizations.

The workshop is organized by IEC Conformity Assessment for Electrotechnical Equipment and Components (IECEE) and Singapore Manufacturing Federation – Standards Development Organization (SMF-SDO); and supported by Cybersecurity Agency of Singapore (CSA) and Enterprise Singapore.

Our industry partner, Mr Thomas Quek of REDCON Security Advisors LLP, is speaking at a "LIVE Demonstration" in one of the sessions. SP students from the Gryphon Team (Special Interest Group) of Diploma in Infocomm Security Management (DISM) course is supporting the session by performing the live demonstration.

Wednesday, October 2, 2019

DISM Project Showcase @ SICW 2019

2 Oct 2019. Our DISM students were involved in the SICW Project Showcase for IHLs. The project entitled CompSAT, a user-friendly web application that allows the users to learn more about Personal Data Protection Act (PDPA) as well as to perform the PDPA compliance self-assessment test for organisation to assess their PDPA readiness and posture.
CompSAT Poster
From L to R: DISM students Jerrod Sim,
Ng Jing Fang, Aloysus Koh and Joseph Lim. 
PDPA video screen.
CompSAT Dashboard.

Tuesday, October 1, 2019

Singapore Cyber Conquest (GovWare 2019)

1 Oct 2019. The Singapore Cyber Conquest is a highlight of GovWare, open only to students of Institutes of Higher Learning (IHLs) in Singapore and ASEAN to challenge their cybersecurity capabilities in a near real-world cyber range.

Participants will race against time to complete a diverse range of cybersecurity challenges that will put their cybersecurity skills and knowledge to the ultimate test.

The following three teams from SP are participating in the Cyber Conquest, namely:

  1. SP Team 1 km/s
  2. SP Team 2 Duck2.0
  3. SP Team 3 Loading

Glad to see our DISM graduates representing Universities participating in the competition too.

Wish all participants have a good game!!!

Monday, September 2, 2019

Bug Hunting Exercise @ SP, by YESWEHACK.com

2 Sep 2019. In the afternoon, DISM students continued with the Bug Hunting Exercise at Cyber Wargame Centre (CWC). Two web-based applications were hosted on the network for students to try out their skills to identify vulnerabilities in the application systems. It was quite an eventful day as the instructors (Lucas and Kevin) and students were able to identify quite a few vulnerabilities such as directory listing, user enumeration, IDOR, XSS, privilege escalation, etc.

The bug hunting exercise will help the students to understand the process of bug hunting as well as to appreciate that this approach is more efficient way to security testing.

Bug Bounty Workshop @ SP, by YESWEHACK.com

2 Sep 2019. DISM Gryphon SIG (Special Interest Group) has organised a workshop for our students. The half-day workshop in the morning on Bug Bounty is conducted by Lucas and Kevin from YESWEHACK.com @ SP Cyber Wargame Centre (CWC).

This is the first Bug Bounty workshop conducted by YESWEHACK.com for IHL in Singapore.

Lucas (aka BitK) with students @ T2034

Kevin with students @ T2033

Saturday, August 24, 2019

Pioneer batch of NSF cyber specialists graduates - Straitstimes.com

23 Aug 2019. Fifty-six full-time national servicemen from the pioneer batch of cyber specialists graduated yesterday.

The Cyber NSF Scheme received its first intake last December, and the NSFs underwent a 35-week course at the Cyber Defence School at Stagmont Camp in Choa Chu Kang.

In the middle, Cyber Specialist Tan Jia Le, who received one of 13 Golden Bayonets. He is a graduate from the SP Diploma in Infocomm Security Management (DISM) course. 
Third Sergeant Tan Jia Le decided to sign up for the scheme in his third year of diploma studies in Infocomm Security Management at Singapore Polytechnic.

"When I heard about the scheme, I thought it was perfect for me. I could use what I learnt, constantly upgrade my skills, and earn university credits at the same time," said 3SG Tan, 20, who received one of 13 Golden Bayonets, awarded to the top specialist cadet graduates from each vocation.

As he has now graduated to become a full-fledged specialist, 3SG Tan, a regular serviceman, will perform advanced cyber roles for Mindef and the Singapore Armed Forces such as threat monitoring for signs of intrusion, making sure there is no suspicious traffic, as well as responding to cyber incidents.

For further details, please visit this URL.

Thursday, July 18, 2019

9 out of 93 PSC scholarship recipients in 2019 are polytechnic graduates, an all-time high - straitstimes.com

SP’s Diploma in Infocomm Security Management graduate, Teo Chuan Kai, as one of nine poly graduates who received the Public Service Commission (PSC) scholarship this year.

This is the highest number of polytechnic recipients yet. Chuan Kai shared how he got a taste of polytechnic life after taking up a five-day advance elective module on cyber security in secondary school. Despite qualifying for a junior college, Chuan Kai decided to enrol in SP due to the interesting modules in the polytechnic curriculum. 

He also shared how his internship experience at GovTech gave him opportunities to nurture his interest in cyber-security and public service. Chuan Kai will be reading information security at the National University of Singapore.

Source: straitstimes.com for more details.