Meharun Nisha, Systems Engineer, SingCERT (NCIRC), Cyber Security Agency of Singapore, Singapore
By Yun Xuan Poon
Women in GovTech Special Report 2021.
As a Systems Engineer with the Singapore Computer Emergency Response Team (SingCERT) under the Cyber Security Agency of Singapore (CSA)’s National Cyber Incident Response Centre, I play a part in protecting Singapore’s cyberspace by responding to incidents affecting the public, private businesses, and international CERTs.
On a typical workday, I triage and analyse information that is reported to SingCERT to identify the nature of the incident. As part of analysis, I leverage different resources and tools to gather and verify data. I also work closely with other CSA divisions, government agencies and national CERTs to exchange information and correlate indicators. Based on the analysis findings, I provide advice to the affected parties to resolve the incident with appropriate remediation measures, and recommendations on best practices that can be taken to protect against similar threats.
For specific cyber incident investigations, I work with the incident response team with various technical knowledge to examine and analyse artefacts for evidence. In addition to that, I also publish advisories and alerts to highlight vulnerabilities and cyber threats that impact Singapore's cyberspace.
What was the most impactful project you worked on this year?
One of the projects that I had worked on this year was the 16th ASEAN CERT Incident Drill (ACID). ACID is an annual exercise – hosted by Singapore since 2006 - that aims to strengthen the cybersecurity preparedness and cooperation between CERTs in ASEAN Member States (AMS) and Dialogue Partners. The drill exercise requires CERT teams to investigate, analyse, and recommend remediation and mitigation measures in their reports.
As an organiser, I liaised with various stakeholders to coordinate the exercise as ACID was held in conjunction with the opening of the ASEAN-Singapore Cybersecurity Centre of Excellence (ASCCE) at the sixth Singapore International Cyber Week. In addition, I worked with my team to brainstorm and design a series of scenario injects and developed artefacts based on the prevailing cybersecurity threat.
It was particularly impactful to my team when participating CERT teams provided positive feedback that the exercise was well designed and beneficial to their learning. CERT teams also reflected that they were able to incorporate the relevant measures into their incident response plans.
What is one unexpected learning from 2021?
I represented CSA in the IMDA Digital Pod webinar for seniors as part of the SG Cyber Safe Seniors Programme. With the effort of CSA and its co-partners such as Infocomm Media Development Authority (IMDA) and Singapore Police Force (SPF), the programme was extended to the Tamil speaking community for the first time.
The programme focused on raising awareness of cybersecurity and encouraging the adoption of good cyber hygiene practices. While I am usually confident in my Tamil speaking skills, it was interesting to learn to use the language to present cybersecurity concepts in a simplified manner – a departure from the complex cybersecurity jargon and terminologies in my day job - that would not confuse the seniors.
What’s your favourite memory from the past year?
CSA’s social activities committee organises charity events and volunteer drives. Last year, the committee collaborated with Lions Home for The Elders to do an e-volunteering session for the residents. As a volunteer, we had to encourage the residents to do their upper body exercises through fun segments including a Baby Shark song and dance. It was extremely heart-warming to watch the residents enjoying themselves remotely despite the pandemic restrictions.
What’s a tool or technique you’re excited to explore in 2022?
I’m keen to explore and incorporate the use of Artificial Intelligence (AI) in the detection of cyber incidents. One example could be the detection of phishing threats. As SingCERT receives a high volume of cases that involve suspected phishing websites and emails, we are required to manually investigate and verify the legitimacy of each phishing threat. The use of AI could facilitate the detection of phishing threats, and reduce the time taken to verify and act on such findings.
What are your priorities for 2022?
I aim to stay relevant in this fast-evolving world of cybersecurity and keep a lookout for new and emerging trends. It would be interesting to explore and understand the latest tactics, techniques, and procedures (TTP) that are deployed by threat actors and cyber criminals. This will ensure that I am better prepared in my response to cyber incidents.
Who are the mentors and heroes that inspire you?
While there are no specific mentors or heroes that I follow, I recently came across an interview of Jonathan Tiong, a National University of Singapore (NUS) valedictorian who has spinal muscular atrophy. As it is a progressive disease, he takes one day at a time. He is also very careful with how he spends his energy and does not waste it on unnecessary things. His simple yet profound outlook on life has been an inspiration in my approach to my life as well.
What gets you up in the morning?
The alarm clock, mostly. Jokes aside, knowing that every day is a fresh opportunity keeps me excited and motivated.