EXCO Blog 


  • 6 Apr 2020 11:26 PMNeha Malhotra

    1. Members-get-Members referral promotion

    To all (ISC)2 Singapore Chapter Member,

    We are launching the long awaited member referral program this year! 

    This is in appreciation of your efforts in helping to build a vibrant Security Professional community in Singapore, by referring your friends and peers to join our local (ISC)2 Singapore Chapter. 

    We are rewarding you with the following Member-get-Members benefits:

    From now to September 30, 2020:

    1) Existing chapter member refers ONE new paid member to sign-up – rewarded with ONE year chapter membership extension.

    2) Existing chapter member refers TWO new paid members to sign-up - rewarded with TWO years chapter membership extension.

    3) Existing chapter member refers THREE or more new member to sign-up – reward with TWO years chapter membership and vie for the TOP Member Referral Award.

    How to Participate:

    1. Have your friends sign-up at https://lnkd.in/fnBt9uT

    2. Complete the “(ISC)2 Member Referral” field with your full name and (ISC)2 ID

    3. Send us an email membership@isc2chapter.sg with your full name, (ISC)2 ID and your friend’s name.

    4. Once the new member sign-up process and payment are completed, we will notify you of the membership extension.

    2) Be A Chapter Ambassador

    In line with the Members referral program, be a Chapter Ambassador and be recognized as one. Existing chapter member who has referred THREE or more new member to sign-up will be recognized as a Chapter Ambassador. The member will be listed on the chapter’s website Honors Roll for Chapter Ambassadors. This is in addition to being rewarded with TWO years chapter membership and the opportunity to vie for the TOP Member Referral Award.


  • 6 Apr 2020 11:17 PMNeha Malhotra

    Complimentary (ISC)2 Singapore Chapter membership for one-year (2020) for newly certified members

    Congratulations to all Singapore residents who have successfully been certified as “associate member” or “professional member” of (ISC)2 on/from January 1, 2020. 

    On behalf of (ISC)2 Singapore Chapter, we are pleased to offer you complimentary (ISC)2 Singapore Chapter membership for one year (2020).

    Should you be interested in taking up this offer, please send the following details to membership@ISC2chapter.sg to receive a promotional code for complimentary membership when you register online:

    • Name
    • (ISC)2 member ID
    • Certification type (i.e. CISSP, CCSP, etc)
    • Date of certification

    Don’t miss out on this special offer which is limited to the first 300 applicants!

  • 2 Apr 2020 11:22 PMHeng Chye (Carter) Tan

    Hi all,

    we have created a forum within the (ISC)2 Singapore Chapter website for the System Security Certified Professional (SSCP) Study Group.

    I would like to share that SSCP is a great starting point for Associate members or student members to start pursuing their Cyber Security certifications.

    Some Professional members who are already CISSP certified might ask what are the difference between SSCP and CISSP? The SSCP is designed for the technical practitioner. It covers how to incorporate, build, design and apply security to technology.

    The CISSP was designed with leaders in mind. It emphasizes how to build a program and apply concepts of security to the business. SSCP tends to focus on technical application, and CISSP on the business alignment of that application. Another important point to consider is depth and breadth: SSCP has more depth; CISSP has more breadth. 

    Therefore to be endorsed and Certified as a SSCP, it only requires one year of experience a year of cumulative, paid, full-time work experience in one of the seven domains.

    For the CISSP, candidates must have at least five years of cumulative, paid, full-time work experience in two of the certification’s eight domains.

    Even though I was CISSP certified before I got my CCSP and SSCP certifications, I went for my SSCP because I want to test the depth of my skills as a technical practioner. Well I can say it's up to every individual's resolution and preferences. 

    If you have friends that who would like to have a career change to the Cyber Security field, SSCP training and certification is definitely a good start. Join our chapter as we have certified members who facilitate the Study Group. 

    To access to the forum, please follow the following steps:

    1. Login to the portal

    2. Navigate to the right selection for more options

    3. Point to Forums 

    4. Click on Professional Forums

    Our Chapter EXCOs will be assisting and moderating the study group. Please read through the guide, sharing points and ground rules that I have stated within the forum. 

    Looking forward to help more (ISC)2 Singapore Chapter Members to achieve their SSCP certification. 


  • 27 Mar 2020 5:33 PMHeng Chye (Carter) Tan

    Hi all,

    we have created a forum within the (ISC)2 Singapore Chapter website for the Certified Information System Security Professional (CISSP) Study Group. To access to the forum, please follow the following steps:

    1. Login to the portal

    2. Navigate to the right selection for more options

    3. Point to Forums 

    4. Click on Professional Forums

    Our Chapter EXCOs will be assisting and moderating the study group. Please read through the guide, sharing points and ground rules that I have stated within the forum. 

    Looking forward to help more (ISC)2 Singapore Chapter Members to achieve their CISSP certification. 


  • 27 Mar 2020 5:06 PMHeng Chye (Carter) Tan

    Hi fellow members,

    there has been two updates in the (ISC)2 CCSP Study Group forum and I have provided some resources that interested candidates can refer to. These resources are free for download and is useful for your preparation for CCSP exam. 

    In subsequent updates, I will start to pose some key focus questions to get a sense of interested candidate's understanding of Domain 1 of the CCSP based on the (ISC)2 Official Study Guide. 

    Get involved and exchange views and sharing of knowledge everyone. Cheers!

  • 23 Mar 2020 12:17 PMHeng Chye (Carter) Tan

    Hi all,

    we have created a forum within the (ISC)2 Singapore Chapter website for the Certified Cloud Security Professional (CCSP) Study Group. To access to the forum, please follow the following steps:

    1. Login to the portal

    2. Navigate to the right selection for more options

    3. Point to Forums 

    4. Click on Professional Forums

    Our Chapter EXCOs who are accredited with CCSP will be assisting and moderating the study group. Please read through the guide, sharing points and ground rules that I have stated within the forum. 

    Looking forward to help our (ISC)2 Singapore Chapter Members to achieve their CCSP certification. 

  • 7 Mar 2020 10:40 PMNeha Malhotra
    The World Health Organisation (WHO) has declared a public health emergency of international concern over the Novel Coronavirus (COVID-19).
    Effective 7th Feb 2020, Singapore Ministry of Health (MOH) raised the DORSCON  - 'Disease Outbreak Response System Condition' Level to ORANGE. All major industry conferences have been postponed or cancelled, including BlackHat Asia 2020, Cyber Attack 2020 and Google Cloud Next '20.

    Following the government advisory to cancel or defer large gatherings, (ISC)2 Singapore Chapter is planning to organize the next event as a webinar instead of a members' gathering if the situation remains same.

    We will keep you posted as soon as the agenda for our next event is finalized. Stay tuned!

  • 7 Mar 2020 10:36 PMNeha Malhotra

    Cisco Systems has patched two high-severity vulnerabilities in its popular Webex video conferencing platform, which if exploited could allow an attacker to execute code on affected systems.

    Two multimedia players tied to the Webex platform are impacted. First is the Cisco Webex Network Recording Player, used to play back Advanced Recording Format (ARF) files on the Windows operating system. ARF files contain data from a recorded online meeting, such as video data and a list of attendees. Cisco Webex Player is also affected, which used to play back Webex Recording Format (WRF) files on the Windows OS. WRF files contain audio and video recordings, typically used for demonstrations, training and conferencing.

    The vulnerabilities (CVE-2020-3127 and CVE-2020-3128) are both 7.8 out of 10.0 on the CVSS scale, making them high-severity. They stem from an insufficient validation of non-detailed, “certain elements” within a Webex recording that is stored in either ARF or WRF, said Cisco.

    For more information, please visit:

    https://threatpost.com/high-severity-cisco-webex-flaws-fixed/153462/

  • 4 Mar 2020 11:27 PMAlice Lee

    @carter they heard one of our conversation topics yesterday - IOT security, not the part of Ah Long (loan shark). I shall discuss the “Ah Long” in next session. Carter was asking who responsibility is for the IOT security. I argued it is the regulatory bodies or the government. Just like electrical appliances selling in  Singapore are required to compliant to specified safety standard. IOT devices should have the same restriction to protect the internet as well as IOT users. If all can still remember the Mirai botnet attack in Oct 2016. It brought down huge parts of internet, especially at the east coast of USA. Globally, hundreds of thousands of vulnerable IOT devices were hijacked and used as botnet to launch powerful DDOS attack

    Connected IOT devices are expected to reach 41.6 billion by 2025 per IDC’s latest study. This projected number seems to change drastically over the years. It worked out to be 5.13 connected device per person on earth, based on 8.1 billion population. This is a huge number, you can imaging the scale of damage it can bring if the connected IOT devices are not secure. It is timely that Singapore government is addressing the issue. This will help to level the playing field for the IOT devices manufacturers, incentified them to design security into their products, such as secure boot, digitally signed firmware/software, security patch update and secure authentication login.

    The next important step is to educate consumers on IOT Security. It is cool to have a smart home, with smart light, smart fridge, CCTV and etc, it helps to improve efficiency and life style. But what if adversary can view and control your smart home remotely? how many consumers understand the important of protecting their IOT devices, and have the technical knowledge to do so ?

    May be IOT Security can be our coming event topic : ). Pls vote if you like to participate.

     


<< First  < Prev   1   2   Next >  Last >> 

© Copyright . ISC2 Singapore Chapter. All Rights Reserved.


Powered by Wild Apricot Membership Software