IT AND TECHNOLOGY | AREAS OF WORK
cybersecurity A global increase in the number of cyberattacks has led to a growing demand for specialists.
W
ith companies and organisations becoming more and more reliant on IT and technology for transactions and communications, cybersecurity has grown to become a key concern. For this reason, specialists – who work to safeguard all systems connected to the Internet, including software, hardware and data, from cyberattacks, and aim to limit risk and protect assets through developing a range of technologies, processes and operations – are in great demand.
Career overview Job opportunities tend to fall under one of the following three roles in this sector: • Consulting: This involves providing clients with risk assessments before advising and counselling them on the various strategies that can help keep their businesses safe from harm • Engineering: Builders of the community, security engineers are responsible for planning and building IT systems strong enough to withstand any cyber threats • Operations: The “guards” of the system, operational security experts monitor the systems for any signs of threat While specialists are usually hired by firms that render their services to other companies, some organisations, such as banks and online-based businesses, do invest in their own in-house cybersecurity teams.
52
STEM Career Guide 2022
Depending on the area of work, there are very different work styles. For instance, consulting and engineering work tends to be project or client-based, and can last between 12 to 24 months. Work is done in teams of varying size, and graduates often find themselves guided by mentors. The operational security side, however, can anticipate a steeper learning curve, especially if a talent for investigative work is shown. Work can be found at security operations centres, where constant surveillance over systems is run for clients. Digital forensics is an alternative. Here, infected machines or systems are examined; or penetration testing is conducted, running simulated attacks on systems to check susceptibilities. Work in this area tends to be more client-facing than other areas, however. For career progression, graduates are encouraged to invest in professional certifications or related courses.
Singapore has also taken a hard stance on cyberattacks, connecting incidents to loss of not just reputation, but also money, data theft and fraud. To that end, in 2019, the Government Bug Bounty Programme (BBP) was introduced with the goal of pinpointing vulnerabilities in selected systems. This initiative was quickly followed by the Vulnerability Disclosure Programme (VDP).
Pros and cons A dynamic industry Life in this sector is hardly ever dull; graduates have the chance to work with a variety of clients ranging from government bodies to commercial businesses. Irregular working hours Keeping one step ahead of cyber criminals can be difficult, and because problems and threats can pop up at any time, extra hours may be needed in times of emergency.
Trends and developments Where resources were traditionally concentrated on guarding vital system components and other parts were left open to less dangerous risks, the changing nature of cyberattacks have prompted a new, more proactive approach. Thus, with viruses and phishing attempts on the rise, and valuable data at stake, large and small organisations have begun changing their stance.
Required skills
• An eye for detail • Critical thinking skills • Problem-solving skills • Trustworthiness (discretion is tantamount to ensure client confidentiality)