Good! Good! "Babe", your speciality...
Cyber security is always evolving.
When new technologies emerge, new security measures need to catch up.
No 1 - For example, when physical servers and network operating systems (NOS) are used, security hardening of the NOS is needed.
But when server virtualisation is introduced, security hardening of the NOS no longer suffices, as attacks and security breaches will come by attacking the virtualisation server, such as the ESX servers, and the Virtual Machines (VM) before reaching the NOS that resides in the VM.
Thus security hardening will need to take care of, for example, ESX server and VM hardening.
No 2 - Before the advent of cloud computing, traditional networks were defended by “defense in depth” and “end-point security”.
With the advent of cloud computing, traditional network security defenses can no longer be applied, as all services become virtual: network, virtual network, server, virtual server, provision of storage space, provision of CPU resources, memory, hard disk space, VLANs etc.
Even firewall, NAT, routing, PAT, IPS, endpoint security, host IDS etc. become virtualised and are no longer provided by physical security devices.
No 3 – Before the advent of WiFi Wireless LAN, wired LANs were protected by wired network “defense in depth” and “end-point security”.
But with the advent of WiFi Wireless LAN, traditional network “defense in depth” and “end-point security” cannot be fully applied.
It requires WiFi Wireless LAN security mechanisms – notably IEEE 802.11i – a security defense suite comprising authentication, such as 802.1X port security access (which can also be used by wired LANs) and RADIUS or TACACS authentication using EAP (the Extensible Authentication Protocol class of protocols, such as EAP-PEAP, EAP-TLS, EAP-TTLS, EAP-MD5 etc.), and encryption such as AES, 3DES, DES etc.
No 4 – Before the advent of mobile devices such as smartphones, tablets and notebooks, there was no need for security mechanisms to protect against such mobile devices. But with their advent, such mobile devices are used not only for private purposes but also for corporate work.
But private use will be subjected to whopping attacks from the Internet, and the devices need to contend with Trojans, phishing sites, malware, spyware, viruses etc.
Thus the advent of BYOD (Bring Your Own Device), VDI (Virtual Desktop Infrastructure), IPSec VPN, SSL VPN etc. to secure the access.
No 5 – Before the advent of VoIP (Voice over IP), people were using analogue phones over PSTN and PABX.
With the advent of VoIP, voice calls are IP based and sit on the same network as the IP data network, in a different VLAN – the voice VLAN.
The analogue PABX becomes an IP PABX. Sniffing and recording of voice calls become easier, especially when they go over the Internet, as with Skype.
End-to-end encryption of voice calls becomes important. The same applies to voice call setup.
The same applies to video conferencing that adopts IP-based video calls going through the network or the Internet, whereby the whole meeting session can be hijacked or recorded if there is no security protection.
To conclude, IT infrastructure design and IT security are forever a catch-up game – it is never ending – like police catching thieves… a cat and mouse game.
To be a good IT security person, one first needs to be a good IT infrastructure person who understands the underlying infrastructure technology – for the IT infrastructure security professional.
And to be a good IT application person, there is a need to understand the underlying application technology – for the IT application security professional.
Old Wang sells melons, praising his own goods. Buy lah! Buy lah!
Note: To complement IT infrastructure security defense, infrastructure design is extremely important.
And infrastructure is not only a science, but also an art.
Without a good infrastructure design, it is not possible to have good infrastructure security, as they go hand in hand.
As an analogy, to determine how to secure our house, we need to design our house first.
For example, the way of securing a bungalow and a flat will be different.
To secure a bungalow, there needs to be a spiked gate to prevent people from jumping over. The gate should be automatic or manual.
CCTV will need to be put at the front yard and the backyard.
Doors will need to be secured. Fencing around the house will be needed.
The security of a bungalow and a flat is starkly different.
Similarly, when designing a network and system, the design needs to be robust, reliable and easy to secure, before it can be ascertained what IT security to put in to secure the IT infrastructure.
The person who designs the network and system needs to be very experienced.
Thus hackers will normally begin by probing and sniffing for information on how the network is built, how the system is built etc., before they can determine how to hack the system by probing what security is in place and how to bypass and hack it.