With the kind of security breaches and attacks that we are witnessing in this era, it becomes of Prior importance that we prioritize security at the top. Hey everyone. My name is Henry Surya. Juan. And you're listening to the
tekhelet journal. The show will be bringing you the greatest technical leaders practitioners and thought leaders in the industry to discuss about their Journey ideas and practices that we all can learn and apply to build a highly performing technical team and to make an impact in your personal work. So let's dive into our Journal. Hello everyone. Welcome to a new episode of the tekhelet journal with me Ojos, Henry Surya. Where 01 before we start today's episode.
If you would like to get notified for a new episode on your email inbox. You can now have it by subscribing to the tekhelet journal mailing list. You can go to the tekhelet journal dot death website, and submit your email address by being a subscriber. You also won't miss any important news, and updates from me including potential giveaway contest.
In the upcoming week. Also, if you are enjoying and benefiting from these podcasts, so much, consider becoming a patron of the tekhelet journal by visiting the tekhelet journal dot f /, Patron. It is patr 0n. I will sincerely appreciate your support so much and your valuable support will help me to make the production of the upcoming episodes. More sustainable and frequent as a patron you'll also get exclusive access to Patron.
Only contents. Including direct personal access to me. So please, pledge your support at tekhelet Journal dot f / Patron. So, in this episode, I have the pleasure to have a conversation with Neha Malhotra sneha just recently won the top. 20 women in cybersecurity in Singapore for 2020, which is an amazing accomplishment. I saw her LinkedIn post about her winning the award and I decided to personally invite her to join me for this episode to share with us.
Journey for winning the award. And also importantly, to educate us on cyber security, including some of the resources where we can learn more about it. Further Neha is also very active in the community and volunteering, and she is passionate about championing women to thrive in cyber security and Technology. It is very inspiring to hear what she has done. And I hope all of you can get inspired by her as well. So let's jump right into the episode. Come to the piglet, you know,
mija. Thank you so much Henry. I'm pleased to be here ready thrilled. I saw a link in post recently in which that I saw you just recently won the top. 20 women in cybersecurity in Singapore for 2020. Congratulations for that. Thank you so much. It seems like a major award. So can you probably share with the audience here? What is the word all about? What's the background? And then, how did you actually win the word? Sure. I think that's a very pleasant.
And I feel very honored to have made it to the list of top 20, women in cybersecurity in Singapore about the award just to coat the winners of this award represent 2020 role models who have made significant contributions Advance the industry and shape the path for future generations of professionals among other vital contributions.
I think to this second part, what really helped me to get to this level and be recognized is my overall career Journey, how I have paved my Into cyber security by self learning and have made the most of whatever opportunities I got. And also, my involvement with the community.
So I have this drive to better myself and always been on the quest to keep learning together with taking a measured actions and whether it was changing roles or to move up to learn cybersecurity to get to the level. I could be trusted to drive cyber security initiatives and programs with big Banks, like BNP Paribas, Deutsche Bank, and now credit. So he's I think it's very
important to take charge. I've worked on driving implementation of area cyber security, initiatives controls and processes with the form Style. Just mentioned about. I've worked closely with audit governance risk and compliance as well and have worked on several Regulatory remediations and including Mas Regulators that usually we deal with and I've worked on using security Frameworks as well as updating policies and standards. So, over the years in addition to Applications.
Security. I got a great opportunity to work with in identity and access management on privileged access management. And as part of my program manager role. I've worked also with different jobs. I got opportunities to work on driving encryption for data at rest data in transit. Then with blogging and detection using security information and
event management tools. I did some real time analysis on security, alerts generated by applications and network Hardware. So I've worked with in various kind of domains. Including vulnerability management network security and to drive a various implementations of security tools, processes and controls. And then about my various community activities. I really love volunteering. So I've been doing volunteering since several years in various forms, but specific to
cybersecurity. For instance. I have been volunteering with a lot of communities with in Singapore including cyber security agency of Singapore. So last year, they had a camp. Painting called cold safe online. I was a cyber Champion for the same and the purpose was to raise cyber awareness and bring it to the crown to all the people. Because at times, we are living in each individual across all age. Group need to have that basic cyber hygiene knowledge and should know the basics.
For instance, about email and web browser protection, using antivirus importance of two-factor authentication and setting. Right? Kind of passwords recognizing phishing email. Not to fall prey to scams and you know, so on and so forth. So very basic for each individual that uses internet.
Also, I try to get involved with the community like Association of Information, Security Professionals, and I also volunteer with is e Square, Singapore chapter as a communications director on their exco. So that's a governing body for cyber security training and certifications. And I even brought security to Google developers space. Inaugural event that was focused on fostering speak. Our culture amongst women.
So the objective of my two-minute speaker pitch was completely focused on and application Securities since Their audience was mostly from development background. So I thought, why not? And I'm a part of events from women in Security in Singapore. So yeah, I'm trying to do my best learn and share as much as possible in and out of my day job just focusing on good work. Irrespective of any expectations, but it feels great when the efforts get recognized.
Wow, hearing what you staring. So, so many contributions you have done to community and its really well deserve. I would say, so I have a few things from the things that you share. The first one is about the go safe online campaign, right? Where you teach people about cyber security cyber awareness. We all know due to this pandemic. I think the digital adoption somehow gets accelerated and I think it's very important for all of us to be more aware about cybersecurity.
Can you share with us some of the tips or maybe some of the things that That you normally share for people especially those who are not really much aware of cybersecurity. What needs to be focused on or what needs to be implemented for them to be secure in their Digital Book life these days. Yeah. Definitely, that's a great question. So as part of, for instance, the the awareness campaign that we did, it was for everyone. Those people who do not know technology those from various
backgrounds. So those even who are retired, but they have to use online banking. They have an email where they do receive. Emails or they do have a phone where they receive phone calls. Nowadays fishing is not just limited to emails as we know. So just to have that awareness created. So what we did was, you know, have had games for all of those important things so that people can really get involved into and get to know what you're trying to convey.
So for instance we had games where in there were emails for them to recognize which one is a phishing email and what are the kind of various factors that we can look into an email for instance. Students, who is the sender? Is there any urgency that it is? Implying a pain? Is there a link? Is it asking you your bank details? Is this person? Whoever is the cepting. You trying to give you a free
award or reward? So all of these factors we we try to bring in in the form of a game and that was really a good eye-opener for the Masters. I would say similar to that. As you mentioned. We all use phones. So having a good secure application to detect any malware is and not to Click on any links that we do not know about checking each and every email ID where it is coming from. Just the basic things at least to have an anti-virus installed in your home computers, having
right? Kind of password. So people usually have smaller length passwords, but they think that if they make it complicated it is difficult to break. But we have so many easy ways that can be used these days to have the passwords hacked within seconds or milliseconds. Their Brute Force attack or dictionary attack. So there's so many other kind of password attack. So the only factor that helps with the passwords is the
length. The length of the password has to be a 12 or 13 character long, at least and obviously a mix of characters and special characters and so on. So all of these, I think are the basic things that every individual should know about. Not to use the same password for different accounts. Also, never to use public Wi-Fi to log into bank accounts always having Cups of our hard disks or whatever data that is important to us. And then being vigilant on recognizing fake sites.
Are, you know, especially banking sites being aware of and recognizing HTTP, https, the difference between those and not to click the link that comes from unknown sources and hover over the link to see what it is, you know, is it ready what it claims to be? So these are some of the important things for people who are not really aware of cyber security, but they must take care of Yeah, thanks for sharing
hearing what you're saying. It seems like you have dealt a lot with cyber security throughout your career, maybe in your personal. I even. So can you share with me? What makes you interested in? Cyber security? Yeah, sure. I think while I like to manage projects or programs, working with in cyber security, industry is so exciting. And a total Game Changer. We living in the times of digital transformation and more. So in covid times where everyone is now, moving on to Little platform.
And while with every new technology, there comes some benefit. It also has some security challenges and Tech Innovations are going to happen all the time. There will always be an Associated security challenge to be tackled. So there is a no dull moment here and that is what makes me so interested in to cybersecurity. I think my ingrained inquisitive and risk-based approach in life in general, that is completely aligned with the cybersecurity challenges. It's such a diverse field.
And there's something for everyone to contribute to. It's become so important today and it's so evolving. And there's continuous changes and challenges and it's become. One of the things are very, very Prime importance for all the businesses alike. Right? I mean, not just bigger Banks, or bigger organizations, even smes are getting affected so much with data breaches. And so on that, we look at in news every other day.
So a lot of action will happen in the next 10. 20, 30 Years also and I'm very blessed to be a part. Of this industry where we get to solve challenges posed by individuals. And also I think I love to learn about emerging Technologies. Every technology as I mentioned. It brings in some kind of Digital Risk and you name it and you have it. I have a security word attached to it these days, right, you know, Cloud security container security, you talk of plums in security or iot ecosystem
security. So it's kind of field, which keeps us always. So excited with learning every new things every day. And how to implement those, you know, into protecting identifying or detecting or even responding and recovering from the cyber attacks or the vulnerabilities that threatened the confidentiality or Integrity or availability of the business or client data or triggers any misuse. So it's really a prime importance more than ever before.
And I guess I'm totally fascinated by this field altogether. So many different fields. Is there a point like, where did you start initially which area? You start with in the beginning. Oh, yes. So quick flash back on my 15 years of career journey. I was a science student and I was very good in mathematics and I found coding pretty easy and scoring in my school. So I went on to complete my engineering degree in computer
technology. And my first job in India was of a software developer, I transition between various Technologies and jobs in the initial few years and gradually, I took responsibilities more into business analysis and IT project management because that gives us Us, a holistic view of the business. So that's something that I really like doing. Finally. When I found myself within the identity and access management domain of information security that was the time.
I realized, I finally found the purpose and direction to my career within the engineering team earlier. And even before I worked with in security teams for security projects. I was in a way working on applications with focus on security as a developer as well. Like, I was aware of many of the controls from over ASP, top 10. Like Open web application security project and other aspects of secure configurations etcetera.
I was also working like on remediations from time to time like we had some initiative to remove all hard-coded passwords very very long back and I knew the importance of backups replicas and effective change management practices, and I used to work like to provide evidence to internal external audit teams and working on Regulatory Compliance requirements from Mas or so on. And even with Thin my role with the identity and access management role that I had, I
was the so delicate tea. So is like technical information security officer. So for those applications, I was working on risk assessments and regulatory requirements and so on and gradually, as I moved to roles and jobs, I got opportunity to manage various cybersecurity projects and then of course, I accelerated my learning into this field and did some relevant certifications and the learning Remains the way of life specially in this. Industry.
Yes, the last Point here, for those of listeners who are thinking of switching as well. Like, from engineering, you know, software development into other areas specifically security. Is there any tips for them that you can share? How did you do that? I would say that, yes. I understand that. Sometimes when we are within the engineering, we are too focused just into the design architecture or development of
applications, right? And what I would suggest is to get to know the larger business purpose to focus on, what is the value. Value that your applications are
providing to the business. So for me, it so happened that when I moved on to be a role, even when I was within the engineering role, I was quite focused on the security, but actually, if you want to make a transition, you can maybe try to get into a b-roll business, analyst role or a project manager role where in you to interact more with the business, more with the stakeholders and the internal Auditors and you are working on to get broader insights about the breadth and
depth of a Domain. And if you happen to be fortunate to be in an information security domain, I would definitely say You must leverage on it. And if you are not into a cybersecurity domain, then definitely, there are other ways. If you have a learning appetite, no one can stop one to get to where they want to be. There's so much to do with insecurity. There is the myth that the security is all about hacking but it is not believe me.
There is a entire area of security policies governance risk and compliance, which is Where we usually start with developing the Frameworks and so on. And then we have identity and access management, which is also crucial to Cloud security, for instance. And then we have application security people who are developers who are working within applications, should try to find out, are there any vulnerabilities within the applications? They are designing or
developing. So there is threat modeling that they can start with. I, I did a course in threat modeling last year, which was really insightful. There is a huge amount of data security. Prevention of breaches as well. These days that is in huge demand. So if you are, for instance, into analytics, you can also work into security. There's a huge demand of data scientists because we have like huge events and data, you know, millions of events processed by
organizations every day. So the data scientists automation, experts are in huge demand as well. And then, there is like other areas, like the security awareness trainings, which are so important and also a part of driving campaigns. Ernst fishing and so on. So that is again, one area that someone can explore. If you are good into coding and you're very good at problem-solving, you can go into malware protection or analysis
of malware. And then there is a huge domain called cryptography, where we learn. How do we protect our data by encryption? And so on so forth. And in this digital forensics, their cyber security security operations, there's so much for everyone to do in there. There is threat hunting a lot of Central authentication and risk management.
So you have to find what you're good at and then leverage on it, build up from there identify the gaps read or, you know, trained on those get into some online trainings. Participate in networking events. The events that we have for awareness, for cybersecurity. We also have a lot of technical workshops that are free that you can attend with, in Singapore community. So there's no end to learning. There's just an attitude that is required and the drive. Right, right.
There are so many things. We need to learn. Are there any favorite resources? Or maybe top people that you follow from the industry? Where you get the knowledge about the latest cybersecurity trends or maybe even threats. Yes for me to start with my learning. I started to read the nist cybersecurity Frameworks and they have Frameworks for
everything for risk management. And so on Nest is National Institute of Standards and Technology's, there are so many blogs out there that you can subscribe to like information secure. The magazine is, for very basic information updates that if you want to have daily into your mailbox, then you can follow a lot of security enthusiasts on the Twitter. If you are on social media, and there are C is controls, you know, she is, is Center for Internet Security that you can start with.
C is 20 is what they call their controls, to be the basic ones. So it contains like basic foundational, and organizational categories. And they list all of these areas that I mentioned about in General. So there are a good courses on edx udemy. And there is cyber read it and from Sans Institute as well. You know, there are many resources like cyber Aces Dot, o--, r-- g--. And then for news in general, you can subscribe with thread post.
Then there is a hacker news and then their newsletters from various sources, and there are many times free courses available that you can just leverage on. You can even start to reading with some white papers, or some risk management. Headlines, like, we have. For mes Amis is monetary authority of Singapore. So, we have masked ERM like technology risk management guidelines, which is also something that's a really good starting point for any individual.
Who wants to explore more into risk management and cyber security. Once the person has sufficient work experience that's required for some certifications. You can build up, you know, from there to get, for instance, what I benefit from was the learning path to cissp certification. And I learned a lot about the very domains within the security and the exam also inculcate. So kind of discipline more than
anything else. So I think one has to just figure out which area is of interest and then they can build up on that with all the valuable learning resources. Wow, there's so many places that we can all start to learn about this cybersecurity in the beginning. You shared a lot about your community contribution volunteering, right? And also working in the industry. So what makes you so Interested in doing a lot of volunteering and Community contributions. Yeah. I think that's something that
comes from within. I kind of like to get involved with the community and to give back is something that's inherent in me. I mean if it was not for cybersecurity or technology, I used to do other volunteering work with other associations in Singapore. I really like to add value and encourage people. And specially, you know, the younger generation to leverage on their skills and to build up from there.
And I also try to Mentor a few women in specific because as we know that women are usually lack that kind of confidence, even if they possess the skills. So I think getting there and helping out people is something that's kind of really good way even to learn ourselves because even with the kind of campaign that I mentioned about, it gave me so much happiness and it was such a great opportunity for me to connect with individuals on the ground level. As in PV, just through our day
job. And if that is all we Doing. I think it's a real big gap in there. There has to be something out of your day job that you must be. Actively involved in that keeps you active that keeps you Humane, that keeps you very grounded and I think some of these also come from my core values and being spiritually inclined person that I am. So yeah, I think it really gives me a great deal of happiness. I have also always volunteered with an organization CSR programs at present.
Also, I volunteer as a mentor Or for halogen Foundation that our form supports, it is basically to support building young leaders and entrepreneurs. It is very important to help and collaborate with the community and Henry. You also do so much collaboration yourself. I mean, I'm truly amazed by your initiatives. So we definitely get further inspiration when we look at our peers and it's really great that more people follow the path, right? Thanks for sharing all that.
So I want to pick out one thing that you mentioned. Just now about women lacking confidence. The industry, what do you think are some of the probably root causes of this lack of confidence? I think there can be multiple reasons for it. Maybe they do not have the time to devote or they somehow do. Not believe that they can make a difference. Maybe they have all the skill sets. But they think that technology or cyber security is not for
them. So them can be multiple reasons as of now, you know, if I were to give you statistics, just for cybersecurity in 2013. There were only 11. Even percent in cyber security, Workforce globally, that accounted for women, counterparts. And this number though, is reported like 20% in 2019 and 24 percent in 2020. So I think we're still very far from the perfect situation, but we are definitely on the right track in trying to improve the awareness and taking all these
initiatives. So I guess they should not just believe stereotypes. When people say that technology is all about coding or cyber security is all about hacking and Shouldn't lose their confidence. Their they should research. They should take things on their hands and to find out and explore. What it is really all about. What are the domains areas and things that really need contribution to and would also give them a great career opportunity.
Also, on the confidence part. I think they have to be more participative and more involved with the community. When I attend events to be honest. I usually find only two, three, or maybe maximum 10, women, participants around. Its it really something that I I would want to change and even for women who attend these events, they are shy to speak out. So I think that the lack of confidence might be coming from thinking that, oh, we are in such a huge group out there.
And what if we fail, what if we are? Not accepted, you know, and also maybe we all try to be perfect in some way or the other. But I guess no one out there is perfect and we are learning. So if you do not know it all to begin with just leverage on what you are, really That and find your strengths and speak out for yourself. Either. It is to pave a path on your career Journey or to speak in an event that you are passionate about. There would always be a time
where you feel. I'm not well prepared, you know, like what happens when we have an exam. We never feel fully ready. But when we go to the exam and we have done enough preparation for it, I think we will do well and we would pass it. So I think we all face challenges but the key is to keep believing in yourself and Do not look at if at all there's any criticism that comes across as just move Beyond it, move Beyond self-doubt perfectionism.
Also, you know, because we all make mistakes, the point is just to keep improving for instance, you know, just for me as an example. I would say I never spoken in any event, but I have taken a challenge and I would be speaking on a cybersecurity topic next month. So there's a first time for a lot of things out in our career but one thing leads to the next. So take charge, do not hold back is what? My advice would be for all of it out there. Thank you for your message.
There's so many good tips. You mentioned speaking out. Don't be too perfectionist. Don't criticize yourself. I think that's all. I'm very good suggestions. So, is there any Community for cybersecurity or women in cybersecurity in Singapore, or maybe around the world that people can probably participate. Oh, yes. There are so many communities. And with the current covid times, while everything is virtual.
We are not confined. And to even the boundaries of cities or countries, you know, we can participate in global events. I do all the time and it's really admirable that people are coming forward to volunteer to conduct workshops and events. And most of these are free of cost. So, there is something for people at all levels. In cybersecurity to start with, people can join a great meetup group, that's pioneered by an
amazing lady. In the u.s., It's called cybersecurity Career talks, they conduct live streams. So there are multiple videos available on YouTube by this channel. Then there are conferences, like RSA apj. That is Asia Pacific Japan, which was in July this year, and it was free to attend for anyone who registers and then there is blackhead and various
conferences coming up as well. There are many security Summits that happen and you can register free of cost and you have access to a lot of events and keynote sessions. There are focused talks as well, organized by various communities and organizations, for instance, for cloud security. Ciot, security. And with in Singapore itself. We have Association of Security Professionals. A is B division, 0, cyber risk, meetups and those are specific
to cybersecurity. And there are specific groups that focus on bringing forward women in security. So, there is women of security in Singapore and there are subchapters from division 0 is Sokka like she leads deck and there's no end to I think to meet up groups and it's similar to As we have it for various Technologies, like you conduct events for Google developer space And Then There are agile. Devops AI blockchain forums for people who hold a certification like cissp. For instance.
They can be a part of is e Square chapter where we have been conducting. So many knowledge sharing webinars all through and there are women focus groups as well, which are four generic technology. Something like linen girls in Tech and just that one has to figure out his or her area of interest and then actively register or get involved and get into that roller coaster
learning path. In fact, women of security, Singapore is launching cyber women, X Series event just upcoming in September, and that's also supported by cyber security, agency of Singapore, a ISP and other associations. So there are multiple workshops CTF. A number of great talks lined up. So there's always something or the other happening. In fact, LinkedIn is another great source, you know, build a
network. And for people who work in the area that you are interested in and just follow their posts. There are so many announcements for events that you can register for free and you know, take it from there. I have also personal question. I mean like obviously implementing the best security is a trade-off, right? Sometimes it's about convenience as well.
I mean, sometimes even personally myself about changing password or making the password secure or even like, making sure that everything that I use is fully secure your data, your application, your version. Updates patches and things like that. There's so many things right and sometimes you probably kind of lose your convenience. So my question here is, what is the balance between convenience
versus security? Is there any somewhere in the middle or one should probably open more about security rather than anything else? What's your take on that? Yeah, there has to be balance. You're right, but I think with the kind of security breaches and attacks that we are witnessing in this era, it becomes of Prior importance that we prioritize. The top though, it is. I understand not very convenient when organizations have to
patch. For instance, thousands of their infrastructure assets overnight or within a tree or five days, but we have all seen examples. It started I think big on awareness with the Wanna Cry, ransomware attack somewhere in 2017, right? Which had more than 300 thousand computers, infected and the vulnerability that was exploited was Windows Server, message block protocol and while Microsoft had already released East patches.
There were not yet. Applied, the point I'm trying to make is that consequences of not following security? Best practices or security hygiene are way higher than some inconvenience that we have to go through. The, even installing an antivirus solution is something that people question, right? That the machine would get slower or maybe some or the other thing. How do we keep paying $30? Maybe you're near for it? But just imagine how valuable, or how much value your Entails.
And then compare it to the kind of small price that you're paying for it. So, I think, once that kind of mindset shift happens, it doesn't really seem like a point of inconvenience anymore. Right? So, moving to the next big topic. Obviously, these days, we are exposed to social media and your data and privacy, right? What's your take on using social media and about the security risks of using that?
Oh, yes. Everyone is so intrigued by the The media these days and the information we are sharing out, there is a lot more than we should ideally be doing. So right, people do share their, they are what they're doing and everything else there has to be again. Kind of awareness that we do not go make it public. I think it's good to share and some things with our friends and family. So that's the reason the privacy settings exist in the first place.
So making use of those and really, really being aware of what our social media. Actions can lead to. I think it's a very important topic to pay attention to.
I think I remember one of the incidents where person posted something publicly on Facebook about his children studying wherever and you know, there was some kidnapping incident that took place due to the coordinates of the child that were released via the social media unintentionally just, you know, for the sake of fun or for the sake of just sharing the information around so things can lead to really disastrous ending side. Guess if at all, you are not aware of what social media handles.
We are using. And how do we use our privacy settings in the better way, then what I believe in while we do have different passwords. Hopefully everyone follows this basic practice. So we also should have separate email IDs for sharing and putting out there because we register too many webinars. We are required to provide an email, ID, on many occasions. Like we booked flights hotels. So to keep those IDs separate from the one We use for our banking or important transactions.
That is important as well because we all are aware of so many data breaches that happen and we do not know who's using those email IDs and how and we all have examples of Marriott data breach, which had impacted millions of users and Yahoo data breach, that had affected like 3 billion users. So it's always a good practice as well to follow, I would say, and how about fake news, which is another big Topic in the recent years because how Much influence.
It could make a seeing in so many different places in the world, right? Where people generate fake news for us as a normal people. How should we go about fake news? How do we identify them? And how do we avoid them? Yeah, fake news is a big deal these days and we must be practicing some awareness and common sense to detect the sources that this news is coming to us from, for instance, it just to believe any WhatsApp forward. Or any post on Facebook is not
an idea. Way to deal or, you know, go ahead in this world even for covid-19. I think there were so many fake news coming across, right, from how different countries are dealing with and what are the best Solutions are even up till this medicines that people should consume or things like that. So, false information is dangerous because of its ability to affect public opinion and that can lead to dire
consequences. Sometimes, you know, fake stories are Amplified and news are disseminated quickly through false. Counts as well. These are like sometimes automated Bots and more spots are benign in nature and some major sites like Facebook. They ban Bots and seek to remove them. But there are social boards that are malicious entities, you know, design specifically with a purpose to harm and these Bots.
Mislead exploit and manipulate social, media discourse with rumors malware, misinformation, or just even noise. And in some countries, if started regulating false news app for Facebook since Dean, it has been actively shutting down accounts that are responsible for spreading hoaxes, in some countries, especially those holding general elections.
So Facebook's measures include removing fake accounts and reducing the reach of articles that have been debunked by independent third party fact, Checkers. And there are initiatives with a lot of organizations. Otherwise as well. WhatsApp has recently in August 2020, has rolled out a new fact. Check feature to step up the fight against this. Us information and fake news. So this feature allows users to check the contents of viral messages as they call these messages to be.
So, how can we figure this out? While we see a forward sign, like mostly on all the four words that we send and receive? Now, the fact check feature appears as a magnifying glass icon. Just next to the message forwarded. The criteria is that message has already been forwarded to five or more people. So if you click on this magnifying glass, it would prompt like would you like to search for this on? A verb and then this would upload the message to Google for
instances. If it's a covid-19 related news, it would reflect the mythbuster section from who and so on also in Singapore the government agencies debunked about like 40 instances of speculation. Rumors spam and outright falsehoods about covid-19 in specific overall social media Platforms in just about first five months of 2020, so you can also go directly to factcheck.org. To verify information, of course, always check the sauce and examine, the evidence has before you believe anything.
Thank you for sharing that because I myself sometimes also, you know, trying to verify. Oh, is this news true or not? Especially if it's shared on the messaging applications, like, WhatsApp telegram, just like what you mentioned, right? Sometimes this also takes effort, like, to Kino. This is news that I'm reading, find it on the right sources and
I mean, it takes time sometimes. And people sometimes tend to like forward, the I said straight away without actually thinking and that probably could create even more fake news in the next phase. Right? Absolutely. So I mean, we can talk all day long about security. But I guess before we wrap up here, I would like to ask a question which I normally ask for every guest that I have in this podcast.
So can you share with us? What are your three technical leadership wisdom for the audience to learn? From sure. Let me think, I think a technical leader Foster's technical. Ocean and understands the technology lifecycle. Well, so just start with the first wisdom. I would like to share would be whenever we have any Innovation that one tends to share with the community. It should make some business sense, implementing a technology just because it gets someone excited wouldn't work.
I think leader initiates and steers the commercialization of the technological advances. Right? So if one is Building Services and technologies that are incredibly useful that It impact that is a clear sign of being in the right direction. So I think every technical implementation has to make business sense. Even in cybersecurity, for instance, is to keep businesses secure and uninterrupted. So there is a purpose to it and there's a business sense to it. The second great.
An important skill I would say, is having the right communication skills, because the tech leader is someone who links the business and technology strategies. And the tech leader is a bridge between the business teams and equal teams working on the ground. So how do you translate that strategy from your business into how it should really work? Or look, in terms of technology, is something that has to be very, very clearly specified and well, communicated. So that is an important crucial
part of being a tech leader. And I think Beyond this, there are subtle apps aspects of communication that are Way Beyond just the basics, the way our leader communicates with the team and especially in challenging times. How stable Calm. The leader can be, you know, that actually goes in for a communication with their own self. So how much positivity one has and how one takes feedback and how much greater persistence one has to continue to have that positive communication with
oneself. And with others in times of challenges being timely and effective in communication with the teams with being transparent and confident about your decisions. So that their shareholders or the stakeholders, do have that confidence as well. A high level. And also I think giving due credit recognition and respect to the team. All is a part of communication. And then, thirdly, I guess a leader has to keep questioning the architecture. Goals. There are Paramount.
It's like laying down foundation for building, scalable apps in future. So this doesn't mean that they don't trust the technical team or so, it reflects that involvement and their experience and expertise that they bring to the picture especially when they have that strategic vision, and they Just have to get inquisitive about how the architecture is being laid down because they are the ones who understand the technology called revolutions.
They are supposed to be the ones who know the scale and the performance and so on. So for the criterias, that surround the technology further down the line, so I think these three are the core according to me, right? Great wisdoms in it, for all the technical leaders out there. Thank you for your time and ha, it's been a great pleasure talking. Thing about security, I myself am not like a super security aware kind of person.
Definitely. There are many things that I learned today from you and also a big message to all the people out there. Right? There are so many security things that you need to be aware of. There's so many communities that you can get started with so many trainings as well. If you want to know more about security or self and specifically for women, I think just like what Neha mentioned.
There are so many Avenues where you can participate in the industry and in this cyber security as well, so Lastly Neha, is there? A place where people can find you online? Oh, yes. I'm very much on LinkedIn. So, please feel free to connect with me. I'm happy to Mentor as well, share anything that you need from my end in terms of information. Yeah, I'd be pleased to connecting. All right, that's very kind of you. Thanks for your time, Neha.
Thank you so much for having me Henry, and it was a great pleasure speaking with you. Thank you. Thank you for listening to my conversation with Neha. I hope you all learned a lot about cyber security and why it is very important to be aware of it. Especially at this time when digital adoption has been accelerating rapidly. For those of you, women listeners, especially intact. I hope you also get inspired by neha's message and be more active and participative in the
tech industry and communities. There are a number of women communities that Neha mentioned, which you can also find in the show notes by visiting the tackle. You know, that death website. Lastly. I want to remind you again to subscribe, your email address on the tekhelet journal website, and if you like this podcast so much and would like to pledge your support for it, consider becoming a patron at package, you know, the deaf / Patron. I will deeply appreciate your support.
In order to make the production of this podcast, more sustainable. Thanks again, and I'll see you in the next episode.