What has been the most exciting thing that you worked on in 2017?
As the Ministry’s Chief Information Security Officer (CISO), I had to engage various stakeholders to establish the Ministry’s overall ICT security strategy and ensure it aligned with agencies’ business needs. I was heartened by the positive support of agencies for the cybersecurity measures that we had to implement.
It was also challenging for me in my other role as the Chairman of the Ministry’s Cybersecurity Expert Group supporting the Public Service Transformation. I had to and am responsible for developing progressive and pragmatic policies to strengthen the Ministry and our statutory boards’ cybersecurity posture to facilitate digital transformation.
What technology particularly interests you for 2018?
The use of Artificial Intelligence, Data Analytics and Machine Learning in the cyber domain to comb for Indicators of Attack, Zero-Day Exploits and Abnormal Behaviours will be interesting areas to look out for.
If you were to share one piece of advice that you learned in 2017, what would it be?
Provide early warnings and break bad news to your stakeholders and management early. Keeping bad news to yourself is stressful. Let them share your burden and leverage their influence to help you contain and remediate the situation when it is still manageable.
Best of all, it helps build confidence both ways – stakeholders are assured that you will not give them a rude surprise, and you can lean on them when you need help.
What was the greatest challenge that you overcame in 2017?
For a newcomer to the Ministry, I had to quickly nurture good relationships with stakeholders – from the rank-and-file to senior management – so as to garner their support for “perceived” unpopular cybersecurity measures. I am glad that everyone was very supportive in recognising the importance of cybersecurity to our daily operations.
Who inspired you in 2017, and why?
There are many people who inspired me. I would like to cite my bosses, the Security Monitoring specialists and fellow CISOs from the GovTech’s Cyber Security Group. They are the unseen angels protecting the whole-of-government ICT infrastructure and systems.
They work selflessly beyond working hours and sometimes throughout the night when responding to heightened threat situations, often at the expense of their social and family time.
Whenever I had to scramble in the wee hours, I knew that I was not alone and I could rely on the Security Monitoring specialists and my CISO colleagues for their support and advice.