#WorkinginCSA: Guarding Against Cybersecurity Threats and Vulnerabilities

02 Dec 2021

Staff Feature Matthias Lum

Meet Matthias Lum, a systems engineer with the Singapore Computer Emergency Response Team (SingCERT), as he shares more about joining CSA’s Cybersecurity Development Programme (CSDP) and his current role in facilitating the detection, resolution, and prevention of cybersecurity incidents in Singapore. 

1. What sparked your interest in cybersecurity, and why did you join CSA’s Cybersecurity Development Programme (CSDP)?

Although I majored in computer science, my interest in cybersecurity was sparked during a university internship, when my mentor performed a SQL injection and exploited my poorly configured database. From then on, I started to appreciate the importance of cybersecurity in allowing us to fully enjoy the benefits of IT and digitalisation.

I chose to join the CSDP as I was drawn to the programme’s format of continuous learning, both academically and while on the job. I also liked the idea of embarking on this journey with a group of peers who would eventually become my colleagues. In hindsight, that aspect of the programme has been very useful in helping me assimilate well into the agency and through my interactions with my peers, I have been able to gain a better understanding of the roles played by the different departments in CSA.
 
2. You are currently a systems engineer with SingCERT. Tell us what you do there.
 
As part of the Singapore Computer Emergency Response Team (SingCERT) that facilitates the detection, resolution, and prevention of cybersecurity incidents for the Singapore constituency, the scope of my daily work is quite varied. There are days where I respond to cybersecurity incidents reported by businesses or members of the public. This includes conducting basic triaging such as analysing email headers, malicious URLs or attachments, and providing affected entities with the relevant mitigation and remediation advice for their business email compromise or ransomware incidents. Every incident is unique and there is something to learn from handling each incident.
 
There are also days where I work with my team to publish alerts and advisories to raise public awareness of the latest cybersecurity threats and trends and to alert them of new vulnerabilities in products and services. 
 
Besides these, I have also had the opportunity to contribute in policy formulation for issues related to SingCERT’s scope.
 
3. Any memorable experience with CSA so far?

There is rarely a dull moment for me in SingCERT, as incidents come in various shapes and forms. Moreover, as part of our work, we often interact with members of the public and we have first-hand information on trending cyber threats and attacks that may be affecting the community. The work we do at SingCERT contributes to helping individuals and businesses as we are looking out for threats and vulnerabilities, alerting them to these, and providing guidance for incident response and recovery.

Among the myriad of experiences, my most memorable was an ASEAN CERTs tabletop exercise in 2021 where participants from different national CERTs shared their responses to various scenarios, such as simulated incidents or the handling of vulnerabilities. The exercise provided the platform for CERTs to share their experiences, best practices and lessons learned, and also allowed me to get to know my counterparts in other national CERTs. That was definitely a memorable and eye-opening experience for me. 

4. What advice do you have for those with non-STEM or non-cybersecurity backgrounds but are interested in this industry?

For a start, having lots of passion for cybersecurity helps! 

If you are interested in the “techie” stuff, there’s a multitude of courses available online (many of them are free! 😊) that you can explore to see if there are any particular aspects that you want to deep dive further into, such as digital forensics or penetration testing. 

If you currently have a non-STEM (Science, Technology, Engineering) or non-cybersecurity background, or are less technically inclined, fret not! Cybersecurity is a multi-disciplinary and all-encompassing field. The knowledge from both STEM and non-STEM domains can have many applications in cybersecurity. In CSA alone, we have divisions working on developing a vibrant cyber ecosystem, enabling a safer cyberspace, and enhancing international cyber cooperation, among others. Many of these roles require engagement with the industry, formulating and implementing policies, and establishing partnerships as we chart our path towards a more cyber resilient nation. You might just find your non-STEM background to be invaluable to one of these roles.

5. How do you unwind from work?

Being in nature helps me relax. Sometimes, I dry-press flowers that I find on hikes to preserve them. I also like to create mini terrariums using recycled glass cups and bottles.

Recently I picked up a hobby of creating cute animal images using HTML, CSS, and SVG. This has also been helpful in brushing up my knowledge on front end development languages. Recently, I designed this amateurish image that can be seen at this link. SVG shapes and images are expressed in mathematical calculations, and it has given me an interesting perspective about art and math.