bjectivesbout Usponsorsewsast Eventsontact Us

ogin-TECCirrororumsinks

 

Epitaph

 

Thank you for visiting SIG^2’s portal.  It has been close to 3 years since SIG^2 took a walk into the pages of history.  I may not be the most appropriate person to write an epitaph for the organisation, but I can see no other who could and would do it.

 

I was one of the co-founder of SIG^2 in 2001, and became the first elected President since 2002.   As a young engineer, I was enthusiastic and passionate about information security.  As the first and de facto information security interest group officially registered with the Registrar of Societies in Singapore, I saw my fate, that of my peers as intimately intertwined with the fortunes of SIG^2.  It was an exciting dawn for information security and we see that there might be a chance that SIG^2 would eventually evolved into a professional society for information security professionals at the same level as the Law Society of Singapore and the Institute of Certified Public Accountants of Singapore.  We were there to make it happen; and in a way, it did - in the form of the Association of Information Security Professionals ("AISP") in 2008, a result where SIG^2 could proudly state that we are induction step that prove that AISP was possible and necessary, and was instrumental in defining much of the workings of AISP and seen to the formation of it; and in doing so, "transited" to the new era.

 

SIG^2 had many firsts.  She was the first official interest group for information security professionals; at the epitome of her time, membership numbered slightly over 1,000.   She was the first host for the many world famous blackhats that came to Singapore; and cultured a rich information security research community in Singapore that had many internationally projects that produced world-class research papers.  She was the first to outreach to the neglected lot of information security professionals in Singapore with monthly or even bi-weekly events, regular newsletter updates and support to both local and international information security conferences, some as far as USA.  As the pioneer in information security community in Asia-Pacific, she became a reference model for many like-minded groups in Asia-Pacific, from Malaysia to Indonesia, from Philippines to HK and China; and SIG^2 had a hand in the formation of many of these communities and had close relationship with them till the end of days.  As a young organisation, we were dynamic in making use of resources, but that did not stop us from having fun either; we had two or three of our AGM held in the now defunct nightspot, The NewsRoom in Robertson Quay with free flow of beer!

 

Slowly, SIG^2 became to play an important part in charting the information security strategy of the Nation.  We were invited to the committees of various National-Level working group and partook in the inaugural Chief Security Officer Roundtable which plotted the first information security master-plan.  Besides, we became the bridge between the blackhats and the whitehats, and eventually became the conduit from information security to technology; and in latter years, business.   But despite how well SIG^2 was doing we still felt that we need to be recognised as an official professional association and own our own career roadmap, knowledge base and a tiered membership that corresponds with the professionals' level of experience with strict inspection of his credentials as well as ethnics, akin to the CPA of the accountants.  And we this strict control in place, we can manage the quality and quantity of information security professionals in Singapore and potentially worldwide, if our model is proven effective and we could grow in the mould of ACCA, making use of our relationship with the information security bodies regionally to promote the growth of a worldwide body for a professional association of information security professionals.  Besides making Singapore into a global powerhouse in the form of a information security hub, more importantly it also create additional value for Singapore information security professionals because for once our credentials will be recognised at an international level, trans-border, which is important as the nature of the job is that information security professionals are constantly on the move.  And we see the form and hope, that will take SIG^2 and the information security professionals further, in AISP. 

 

The formation of AISP took several years.  SIG^2 had become a stout voice in determining the form and direction of the new professional organisation.  Originally it was to form as a Chapter under the Singapore Computer Society ("SCS"), but SIG^2 was originally planned to be formed under SCS initially too, but we strived as an independent organisation so we did not see eye to eye with IDA on taking a step back.  After 1 year of lobbying, we took IDA back to the negotiating table and AISP (then called project "AINSEP", which is another acronym for Association of Information Security Professional) became to take shape as an independent organisation formed under the auspices of IDA and SCS where these two organisations will be represented on the board of directors of AISP.  In acknowledging that Singapore is too small for 2 information security interest groups or bodies, and to make the wait for the launch of AISP to be even sweeter, SIG^2 had agreed to become dormant for the whole year of 2007.  SIG^2 refused to be transited in totality to AISP and coerced all our members to become AISP members.  This is because it is for the information security community to recognise the value of AISP; if AISP is doing the right things, information security professionals will sign up for it willingly.  Furthermore, as the purpose is the manage the quality and quantity of information security professionals, it makes sense to start everything afresh and with a set of stringent recruitment policies.  And there are still many proud SIG^2 members out there wearing that SIG^2 t-shirt - they do not take it kindly that SIG^2 is gone and replaced by AISP, so let's not agitate them even further :)

 

I shall end this with a nice little prose from our ex-VP, Mr. Clement Leong.  IT Security.  By enthusiasts, for enthusiasts.  Forever!

 

 

Aloysius Cheang, Fall 2010

 

 

 

POP THREE
I just want to be out there
to be awed by how the WAN links criss-crosses the seabed
and realise how this NIC is just a niche
to see what beckons beyond the edge
will i finally be whizzing with the light
or just still be chugging like on a 10 BaseT net?

the application is calling
the layers are gossiping
i might be the next one to go
envelopes awaiting: presentation, network and data link
but i'm still stuck here, lingering
because of this IPSEC key exchange thing

the application is still calling
finally the key is ready
all its hundred and twenty eight bits
my envelope is forming
coated with illegible writings
why must this mess get between me and my exit

swoosh!
from darkness to green NIC and the blue ethereal
clones of myself appeared, am i still real ?
all seeking the gateway, looking for deliverance
some dived into IPs and are forever slienced
whatever remained found the default, and poofed into vanishment

what is this new world where RIPs are not needed
how do i move when not a single OSPF is chattered
but i do move, i do move
in droves and multitudes, funny looking mates, we all move
so autonomous, but what to do

hey! clones of myself are siphoned off this tap!
this is not even my destination yet!
how can they do that, what the heck
trust someone to have the cheek bullying a little packet

my unintelligible coat gave a slight flutter
"worry not, about that hedious sniffer,
he can copy, snoop and even capture
he might even huddle the world's computers over
but never will he read what's beneath this cipher"

from blue to green to darkness
the envelopes are stripped to see what is offered
layers passed me till the ultimate seventh
felt like speedy ascension through the heavens
"Did i do ok? Was i compromised ? there were bad guys sniffing like i'm on
Wi-Fi!"
"Fret not, my child. Kiddies can't even spell SSL.
None messes with us, whom muster on the hundred and tenth door of the house."