After 15 years at MINDEF, the CEO of Red Alpha Cybersecurity talks about doing his part for Digital Defence. 

“I think Artificial Intelligence (AI) is a double-edged sword. As we develop it to perform more automated tasks, more jobs don’t require human intervention. It frees us to focus on other important things. In that sense, AI improves people’s livelihood significantly.

But while we’re harnessing its potential, there are threat actors that use AI for malicious purposes. So we need to keep up with their tactics to successfully defend against them. It’s an arms race, but at the end of the day, that’s the reality of any revolutionary technological change.

I worked for the Ministry of Defence (MINDEF) for 15 years. And in those years, I had the privilege of doing a variety of cybersecurity roles. But I didn’t think that I would join MINDEF at the start. My interest in cybersecurity really began by chance.

When I was in Officer Cadet School, I met an instructor who had just come back from a peacekeeping operation in Timor-Leste. I was inspired to be like him. So I applied to sign on in the Singapore Armed Forces and was offered an award to study computer engineering.

After I graduated, the organisation decided that maybe a more IT-related job in MINDEF would be a better fit. The idea was interesting to me, and I took the plunge. I signed on with a slightly different goal, but in the end, that’s how my cybersecurity career took off.

As cybersecurity practitioners in MINDEF, we were aware of the looming dangers and threats very early on. But when the Cyber Security Agency was set up in Singapore back in 2015, that’s when the general populace knew that cybersecurity was a national issue.

And two years later, cybersecurity incidents in Singapore – like the WannaCry ransomware attack; the 2018 SingHealth cyber attack; and the loss of personal data of our NSMen on MINDEF Internet-facing systems – further raised the public’s awareness of cybersecurity.

People started to realise that cybersecurity isn’t just something they read in the papers or off the Internet. They can’t just think, ‘Singapore is a small country. I’m an unknown individual. It won’t happen to me’. The truth is, it can happen to anybody who is not careful or aware.

My 15 years in MINDEF were very fulfilling. I have no regrets signing on, but one of the persistent issues we faced was the lack of skilled manpower in cybersecurity. My colleagues and I generally worked long hours, although we didn’t mind it because we really enjoyed the work.

When Red Alpha approached me to join them, they shared their mission of training people from all walks of life to be cybersecurity practitioners. I thought their method of introducing new talents to the industry was a great way to solve this shortage of manpower.

Red Alpha’s model is to recruit talents from all backgrounds. You don’t need to have any experience in IT, but you need to demonstrate aptitude and attitude in order to go through their training. Creating this sustainable pipeline of talents sounded like a worthwhile endeavour, so I took a leap of faith and joined them.

80 percent of our talents at Red Alpha are mid-careerists. Usually, if someone wants to make a career pivot, they need to pay for a training programme, make time to acquire the necessary skill sets, and then find jobs on their own.

In fact, we pay them a monthly salary of about $2,500 throughout their six months of training. Once they complete their training, we will place them in full-time jobs in the cybersecurity industry through our network of hiring partners.

Every talent who comes on board has a story, and we’re proud of all of them, because even with the right attitude and aptitude, the learning curve is very steep. An example of a talent we have is Howard, a former national bowler who won SEA Games gold for Singapore.

When he decided to explore other career possibilities other than bowling, he was not sure which direction he wanted to go. He applied for Red Alpha, and was surprised to discover he had excellent potential in cybersecurity.

With that, he dived into the world of cybersecurity, worked really hard during training to pick up the skills, and he’s now a security engineer at Kiteworks, a cybersecurity solutions company.

I think becoming a father has somewhat changed or impacted my outlook on cybersecurity. My daughter’s two this year, so she’ll be part of the future generation of digital natives. I’ll really need to educate her and guide her on her online activities.

Don’t be too obsessed with the online world, don’t entertain certain messaging requests from strangers, don’t engage in cyberbullying or get too affected by comments that people make online. You know, those kinds of things.

But the great thing is, ever since Digital Defence was added as one of the six pillars of Singapore’s Total Defence, the importance of it is taught to kids in primary and secondary schools. It’s nice to know that students are taught how to protect themselves and the nation online.

I think the general populace understand what is required of them as part of citizen defence, especially in this day and age where we are seeing a rise in cyber scamming, phishing emails, as well as ransomware.

You don’t need to be a computing expert to practise good cybersecurity habits, like using complex passwords for every account, and not immediately clicking suspicious emails and giving away privileged information.

Developing cybersecurity habits over a period of time is like knowing that you should wash your hands after you use the washroom, or wearing a mask in public if you are not feeling well.  We cannot stop the digital revolution, but everyone has a part to play in cybersecurity.” – Benjamin Tan, CEO of Red Alpha Cybersecurity

Interview by Arman Shah