Introducing digital forensics in schools key to cybersecurity's future
newsmaker SINGAPORE--Digital forensics can help curb cybercrime by giving companies the additional knowledge, and should be taught in schools early to cultivate the students' passion.
This will go some way to address the talent crunch in the industry, according to Vrizlynn Thing, the acting head of the cybercrime, security and intelligence (CSI) department at the Institute for Infocomm Research (I2R).
As CSI's acting head, Thing decides on the department's research direction and focus to help the industry "stay ahead of the game" in the areas of cybercrime, cyberattacks and cybersecurity. I2R is a research arm under the government's Agency for Science, Technology and Research (A*STAR).
Thing, who is also an adjunct assistant professor at the National University of Singapore's School of computing, told ZDNet Asia she has been trying to introduce digital forensics into the undergraduate and postgraduate curriculum.
The subject should be taught to students before they enter the workforce as it can give additional insights to develop new technologies, and to help them preventive and defensive action against cyberattacks, Thing explained, in an interview here Wednesday.
Thing currently teaches two IT security modules "Systems Security" and "Advanced Topics in Information Security" at the postgraduate level, and introduces certain topics in digital forensics during class. This is to increase their awareness of the field and attract students to work in IT security research in the future, she explained.
At the undergraduate level, she proposes exploratory research projects in digital forensics and IT security, and selects outstanding students to work on them by conducting research literature and surveys.
Other than universities, they should be introduced into the education system before university, namely in polytechnics, at a more basic level, to cultivate interest and passion in individuals, she pointed out.
Acknowledging she enjoyed science and technology topics as an adolescent because it "fed her curiosity", and would read widely outside her classroom textbooks, she noted this spurred her IT security career, which she calls "playing [her] part in contributing to society".
Q: How did you first get into digital forensics?
Thing: After receiving my PhD in computing from Imperial College in 2008, I2R asked me to set up their fourth research lab whose research areas must not overlap with the current three labs. I proposed digital forensics, they accepted it and I became the head of the lab. I covered systems forensics, mobile device forensics, critical threat intelligence, cybercrime and security attacks evolvement and understanding.
What exactly does I2R's CSI department do?
Basically, we conduct research on existing unresolved problems within the industry and roll out technological solutions for them. We start by engaging industry and potential partners to know who is involved is what areas and understand what security problems they face such as credit card fraud. We then try to understand these problems, brainstorm on how to solve them through approaches proposed by our team.
If we decide it is possible to solve it, the next step would be to evaluate it theoretically, work with it on a preliminary level to see how it gets solved. After that, we tell our industry partners about the idea, walk them through the process on how we solve it. We then write a formal proposal and get them to collaborate with us.
For example, we worked with Visa and PayPal last year and came up with two very successful fraud detection technologies, though I cannot really go into details.
With your background in research and digital forensics, how does it help you develop technologies to solve security issues?
Companies always think IT security is about prevention and protection, but nothing is secure and cyberattacks are often unexpected. Digital forensics can give us the knowledge, which we can apply into the solutions we are developing, so the companies can take preventive and defensive actions against any unexpected cyberattacks and cybercrime. It improves the way we mitigate and respond to cyberattacks.
Research is something we have to work on because we need deep science to move it towards technology and solutions for the industry. It's how we use science and transform it into a solution for an industry, putting them in a better position to defend cyberattacks.
What do you see lacking in the IT Security industry?
I see a shortage of talent. I was at RSA Conference in San Francisco this year, where there were discussions that combating cybercrime was not easy due to the lack of security professionals. However, I believe there are solutions to solve such problems.
IT security and digital forensics are specialized fields but with a background in engineering and computer science, fresh graduates can still pick it up. We can play our part by generating their interest before they enter the working force.
So passion for cybersecurity should be instilled at a young age?
Yes, in fact passion is more important than technical skills when it comes to IT security. security professionals must realize the importance of cybersecurity in today's world and how they can "change the world", and since the youth today are "tomorrow's security professionals", this passion should be groomed at an early age. Even technical skills are necessary in pursuing a security career, interest and passion takes them even further, and motivate you to solve all issues faced by the industry.
As you head the nation's cybercrime, security and intelligence (CSI) department, how do you view the security landscape?
The number of cyberattacks and cybercrime is ongoing, will rise and not go down. It is a competition between us and the attackers which is set to become steeper, as there are more enabling tools for hackers. Data is becoming digitized and cybercriminals are using digital means to steal information. Critical infrastructure is also becoming dependent on technology. As technology advances, cybercriminals use technology enablers to be innovative, and we always have to catch up by working on newer ways to mitigate and respond to them.
What is your definition of an innovative technology then?
It is not about coming up with a silver bullet, but something that is better than previous technologies and is able to counter attacks better. If it is an idea or solution which is obvious, many people will be working on it so it is not considered innovative. The cybercriminals will be able to think of it, so innovation is when you try your best, think out of the box, come up with something more advanced and not so readily available. That is not easy, of course.
What's your advice for the industry when it comes to security?
Right now, the public is more security aware compared to the past after security incidents keep making headlines in the past few years. That said, we still need to continuously attract talents into the field and make sure we stay ahead. It is a united effort, not based on one person or organization alone, and it is very important we come together to solve this problem and try our best to solve it.