Mr Chong Rong Hwa is a Principal Cybersecurity Specialist in GovTech responsible in leading the GovTech Red Team (ethical hackers), to discover security vulnerabilities in identified Nationwide and Governmentwide critical projects. With his in-depth attacker and defenders’ experience, he takes on the role of Cybersecurity Product Manager, responsible in researching and building advanced cybersecurity products to help organisations gain asymmetric advantage over adversary tactics at a greater scale.

Prior to joining GovTech, he was the architect and senior manager of MVX core engine at FireEye, a global cybersecurity company. He led and orchestrated multiple research teams of varying cybersecurity domains (Windows, Macintosh, Android, iOS and Lateral Movements) in achieving high quality detection for FireEye core products. To ensure that the team was ahead of the cybersecurity threat landscape, he would regularly conduct threat landscape scanning and reverse-engineering of high-profile malware.

Mr Chong earned his degree in Computer Engineering from Nanyang Technological University (Singapore), specialising in the area of Image Processing, Digital Signals Processing and Information Security & Cryptography.

Presentation Synopsis
Red Teaming - A Holistic Approach To Assessing The Effectiveness Of Your Cybersecurity Ecosystem
According to a report released by IBM in 2016, the healthcare sector is ranked among the top five industry sectors that experienced the highest incidences of cyberattacks. In 2017, the world witnessed the biggest ransomware attack, WannaCry, exploiting vulnerable systems globally. But the worst hit was on United Kingdom’s National Health Service, where employees were forced to revert to pen and paper and resort to using their own mobile devices after key systems, including telephones, were affected. This incident brought upon great realisation that cyberattacks affect not only patient data but it can also put human lives at risk. 

The healthcare space continues to digitise all of its information and use more Internet of Things (IoT) healthcare solutions, and these continue to attract more attention from cyberthreat actors. Thus, cybersecurity needs to become part of the organisational culture in both healthcare providers and medtech companies. But as they slowly get implemented into the organisation, how can they be assessed for its effectiveness? 

We will share on the holistic approach of Red Teaming, which helps organisations uncover IT security weaknesses as a whole, rather than in silos. The talk will focus on the Social Engineering and behavior change aspects, which has always been the most challenging for organisations to tackle.