Safeguarding online safety in today’s digital world

By Ryan Arcadio

In today’s digital world where data is said to be the new oil, passwords serve an invaluable function: protecting our information online—from confidential company emails to personal photos and messages. Accordingly, whenever we sign up for a new social media platform, we are often encouraged to use “strong” passwords with unexpected character combinations.

Despite this, ‘123456’ remains the most common password even in 2020—with over 2.5 million people worldwide using the numerical string. Weak passwords like this take less than a second to crack, making it easy for hackers to collect sensitive information.

However, passwords are but the tip of the iceberg when it comes to effective cybersecurity practices in Singapore. From the moment we log onto our computers, an intricate—yet unseen network—of cybersecurity measures ranging from firewalls to antivirus systems to intrusion detectors help keep our digital data safe from prying eyes.

To promote better password habits and encourage people to take cybersecurity and personal data protection more seriously, Intel Security created World Password Day in 2013. This year, we highlight the inspiring story of chemist-turned-cybersecurity consultant Mr Tan Wenliang—a proud alumnus of the Cyber Security Associates and Technologists (CSAT) Programme under the TechSkills Accelerator initiative in Singapore. The programme is supported by the Infocomm Media Development Associate (IMDA) and Cyber Security Agency of Singapore.

Now working as a Senior Associate at professional services PwC Singapore, learn about how Mr Tan improves companies’ digital defences on a daily—and pick up some good cyber hygiene habits along the way!

Making the big switch

Mr Tan entered the high-stakes world of cybersecurity after years of experiencing the effects of digitalisation first-hand. However, his passion for the field only became apparent shortly after earning his chemistry degree at the Nanyang Technology University, Singapore.  

“While in university, I explored potential career options within the same field such as in research and quality control, but I wasn't certain if these were career paths that I would like to pursue. I was keen to explore the tech sector and chanced upon the CSAT programme,” the 29-year-old recalled.

With two tracks under the programme, CSAT collaborates with training partners to train and upskill fresh ICT professionals or even mid-career professionals for cybersecurity job roles. The Associates track, specifically, caters to fresh ICT and engineering professionals with three years or less of work experience. Through the CSAT programme, Mr Tan was able to successfully apply for PwC Singapore and join the firm’s cybersecurity team as an associate in 2017.

“PwC Singapore has a strong coaching culture where each individual has a coach guiding you in your career trajectory as well as throughout the various client engagements that make up the core of our work,” he shared.

Following three years of dedicated work, Mr Tan has since risen to the rank of senior associate. In his current role, he reviews their client’s IT environment and controls against industry standards and best practices—ensuring personal data protection and identifying gaps in their frameworks in the process. After assessing their client’s overall systems, he and his team then give recommendations to resolve these cybersecurity gaps.

Boosting digital defences

In line with today’s celebration, one of the most common cybersecurity mistakes he has observed in his career revolves around—you guessed it, weak passwords. From individual Internet users to big conglomerates, the passwords they use are typically too short and easy to guess using known personal information, which predictably makes them bait for hackers.

With COVID-19 accelerating digitalisation, more and more cybercriminals are exploiting the increase in digital activities to steal data and disrupt critical infrastructure. As more activities shift online, individuals and companies in Singapore need to be more vigilant than ever by adopting the best practices in cyber security. On top of best practices like multi-factor authentication, where two or more unique pieces of evidence are required prior to login, organisations can also leverage single sign-on (SSO) solutions to reduce password use. After all, the more passwords to be remembered, the more likely password hygiene suffers.

Proving that there is indeed beauty in simplicity, SSO solutions allow the use of a single set of login credentials to access multiple applications. Though at first glance SSO may seem riskier, it reduces the number of entry points that can be breached by hackers. Implementing privileged access management (PAM) systems could also help secure high-value data by allowing users to only receive the necessary level of access required by their job function.

All in all, safeguarding digital data has proven to be a very fulfilling cybersecurity career for Mr Tan. “I’ve had the opportunity to work with organisations within the public sector and it’s very meaningful to see my projects being utilised by people every day. It gives me a sense of satisfaction to know that the work I have done has contributed to the security of our systems and personal data,” he concluded.