Chok Wen Li, Consultant, Cyber ​​Security Certification Center, Singapore Cyber ​​Security Agency, Singapore

How do you use technology / politics to improve the lives of citizens? Tell us about your role or your organization.

As a certifier with the Cybersecurity Certification Center of the Cyber ​​Security Agency of Singapore (CSA), I assess and certify IT products. This involves examining the product for vulnerabilities and security weaknesses. Simply put, it would be about “hacking” computer products (with the agreement and cooperation of the manufacturers themselves) to discover vulnerabilities.

Another important part of my job is to raise cybersecurity awareness and encourage the use of more secure products. I am grateful for the opportunities to conduct hacking demonstrations to students at recruitment fairs and on Singapore TV shows such as Frontline and Punk’d etc. It’s interesting to watch the surprise reactions from the audience when they see that these devices could be hacked, and it’s a lot easier than they thought.

Personally, I see the importance of promoting cybersecurity awareness and making cybersecurity easier and more accessible to the general public, like my family and friends, so that they can better protect themselves from online scams and protect their own. private life. This is what I have always wanted to do and I am grateful that I can do it in my job.

What has been the most significant project you have worked on this year?

I am happy to be part of the team that conceived, designed and launched the Cybersecurity Labeling Scheme (CLS). This is a world first with a four-level rating system for smart products. We were inspired by the Singapore National Environment Agency (NEA) five-check energy label indicating the energy efficiency of household appliances. Likewise, our Cybersecurity Label from 1 * to 4 * offers transparency and visibility to consumers on the cybersecurity measures implemented in the product. Consumers would be more aware of product safety and thus able to make more informed decisions about the safety level of devices. In addition, it also encourages manufacturers to develop products that are safer and that could help them gain better market access.

Most importantly, our hope is to improve the hygiene of cybersecurity in smart devices, leading to a more secure cyberspace for all so that we can all enjoy the benefits of digitization.

What is an unexpected learning of 2021?

I am an active volunteer at Jurong Spring Community Club, focusing on making friendships and planning events for seniors. I am also happy to teach them how to browse the internet
without issue. Thank you for having the unexpected opportunity to host my first speaking webinar (in Chinese!)

Additionally, I had the opportunity to appear on Singapore’s MediaCorp Chinese news show, Frontline, to show how cybercriminals have carried out phishing attacks against unsuspecting audiences.

Beyond the technical work, I learned how to make cybersecurity easier for the public to understand and I had the chance to practice my public speaking!

What is your favorite memory from last year?

This would be the launch of CLS during Singapore International Cyber ​​Week (SICW) 2020. It was a difficult journey for my team as we had no benchmark models and we never thought we could successfully launch the program. We encountered difficulties in developing the requirements for each CLS level and in selecting an appropriate reference standard that would generally be adopted globally to facilitate mutual recognition with other countries. It was also crucial to have a delicate balance in the difficulty of the requirements and at the same time the requirements should be achievable so that manufacturers remain motivated to meet the requirements and continue to develop better and safer products.

Additionally, SICW 2020 has been hosted virtually due to the Covid-19 pandemic; we had to overcome and adapt to unforeseen changes. I’m glad we did and it was gratifying to see consumers, manufacturers and the ecosystem benefit from CLS.

What tool or technique are you eager to explore in 2022?

I would say it is difficult to limit yourself to one tool or one technique. I’ve always enjoyed learning new things and hacking different things. For example, now that everything is almost digitized or virtualized, I want to explore areas such as Software Defined Networks (SDN), Network Function Virtualization (NFV), and 5G to broaden the range of network products to be evaluated. With the rapid pace of technological advancements, I’m also keen to examine how our team could do things more efficiently, like taking advantage of software analytics tools, automation, or even AI / AI. machine learning.

What are your priorities for 2022?

I would like to continue to deepen my technical skills and at the same time reach out to more people to promote cybersecurity awareness.

I also look forward to the new Graduate Certificate Program in Material Safety Assessment and Certification offered by Nanyang Technological University (NTU) in collaboration with CSA. I think this program would provide me with the knowledge and skills about physical hardware attacks and how to defend against them – an area that I haven’t really mastered yet.

Who are the mentors and heroes that inspire you?

My parents were the best mentors of my life. They taught me to follow my passion, not to give up during the trials and to take small steps towards my goal. I see my teammates as heroes who dare to dream, work towards our goal and celebrate our achievements together.

Cybersecurity can be difficult due to the rapid evolution of technology and yet it is also the fascinating part of cybersecurity as we always have the opportunity to learn, unlearn and relearn.

What wakes you up in the morning?

Cybersecurity covers a wide range of areas ranging from network, cryptography, hardware, software and many more. It offers endless learning possibilities.

Learning new skills every day is what gets me up in the morning. Additionally, I find it meaningful and meaningful in my assessment / certification work as it helps protect individuals and the nation from cyber incidents.

Finally, sharing my knowledge with the public to help them better understand cybersecurity and stay safe in the digital world, also gives me a boost of energy in the morning!