Hidden Heroes: How Cyber Defenders Protect Public Healthcare

Share this article

As part of our Cyber Security Week 2025 activities this October, we’re proud to spotlight the hardworking professionals protecting our digital world in public healthcare over the course of the month. Usually working unseen in the background, these individuals use their experience, and continuously learn and adapt to keep important healthcare systems and data safe from growing cyber threats. Through their stories, we celebrate their commitment and invite you to join us in recognising their vital role as hidden heroes in Singapore’s public healthcare.

What Does a Day in Cybersecurity Look Like? - Meet Jashini, Assistant Lead Engineer

Operating like a digital detective, Jashini (Assistant Lead Engineer, Cyber Security Office) spends her days sifting through security alerts to separate genuine threats from false alarms. Her work involves the meticulous process of investigating each alert from start to finish, ensuring nothing slips through the cracks.

Why You Never Hear About Cybersecurity Wins

Drawing from recent local events, Jashini offers an analogy to explain why successful cybersecurity work often goes unnoticed. She likens it to how we turn on the tap and simply expect water to flow, and many of us will never question what happens behind the pipes to make this happen. Cybersecurity operates similarly as a silent guardian, with success usually measured by the absence of incidents rather than visible achievements.

The Reality Behind False Alarms and Real Threats

The needle-in-a-haystack nature of threat detection defines much of Jashini's daily challenge. Most security alerts are false positives triggered by normal business activities, making the skill of identifying genuine threats among the noise critical.

The Three Pillars of Cybersecurity Excellence

Three foundational qualities define success in the field, according to Jashini. First is maintaining curiosity and a learning mindset that drives continuous growth. Second is developing strong teamwork abilities – "no man is an island" in cybersecurity. Finally, cultivating adaptability helps professionals think creatively when facing evolving threats.

From Zero Knowledge to Cyber Passion: How One Competition Sparked a Career

A Capture-The-Flag competition during her internship sparked Jashini's passion for the field. Despite initially lacking knowledge, the creative problem-solving aspect hooked her. She appreciates how the field's constant evolution provides endless learning opportunities without monotony.

Why Cybersecurity is Everyone's Game

Using two memorable analogies, Jashini explains cybersecurity's collaborative nature. She compares it to football, where even the best goalkeeper needs the entire team's “protection”, and to a band, which can only be as good as its weakest performer. Everyone must "play in tune" to keep public healthcare secure.

What Does a Day in Cybersecurity Look Like? - Meet Chee Hwan, Deputy Director for SingHealth Cybersecurity Office

As Deputy Director for SingHealth's Office of Cyber & Information Security, Chee Hwan ensures the security and resilience of healthcare IT systems, medical technology and devices, and operational tech systems. His typical day revolves around engaging with Synapxe colleagues to raise cybersecurity awareness, provide policy clarifications, conduct systems architecture and security reviews, and address any operational security issues that arise.

Keeping Healthcare Teams One Step Ahead of Threats

One of Chee Hwan's primary roles involves keeping SingHealth and Synapxe colleagues informed about the latest cybersecurity threat intelligence to raise their level of vigilance. He works closely with Synapxe security teams to ensure corresponding protective measures are implemented when necessary, creating a proactive defence network across the healthcare system.

Staying Ahead Through Strategic Connections

Chee Hwan maintains his edge through constant engagement and information sharing with security companies, subscriptions to news on the latest tech developments, as well as staying current with cybersecurity incidents and threat reports from around the globe.

Beyond Downloads: The Overlooked Cyber Hygiene Habits

Chee Hwan advocates for three often-forgotten security practices that make a significant difference. First, always download software and applications from legitimate or trusted sources. Second, periodically clear your browser history cache and remove old copies or remnants of installers that could become security vulnerabilities. Finally, consistently keep anti-malware and anti-virus signatures up to date to defend against the latest threats.

Common Misconceptions About Cybersecurity Work

Chee Hwan challenges the myth of the lone cyber warrior. Contrary to popular images of isolated security experts, his work is a team sport, thriving on collaboration across the entire organisation, implementing solutions, raising awareness, and educating staff at all levels. The real strength isn't individual expertise but in building a security-conscious culture where everyone contributes to protection.

What Fuels Two Decades of Passion

After over 20 years in the field, Chee Hwan draws his energy from the people behind the technology. What drives him is the opportunity to meet professionals from various industries and understand their unique challenges, constraints, and attitudes towards cybersecurity. These conversations provide valuable insights into how cybersecurity can evolve to better protect and solve real-world problems.

What Does a Day in Cybersecurity Look Like? - Meet Sean, Cluster Information Security Officer for NHG Health

Like a digital weatherman predicting cyber storms, Sean (Cluster Information Security Officer, NHG Health) starts his day before 8am, scanning the global threat landscapes for dark clouds on the horizon. He juggles many responsibilities, from reviewing security for new systems to supporting major facility openings. He explains his workdays to his young children using their language: "I would say to them that my days can be 'skibidi' in certain situations, but we must constantly 'slay' to be one up against cyber threats."

The Crisis You May Not See During a Simple Password Reset

Sean reveals the invisible work that happens during security incidents. When users receive what seems like a routine password reset request, they're unaware that there could be a crisis response unfolding behind the scenes, said Sean. In such situations, his team could be conducting immediate threat investigations and implementing protective measures, ensuring accounts stay secure while users experience minimal disruption to their daily work.

Think like a Hacker to Beat the Hackers

Taking a strategic approach by thinking like the enemy, Sean recognises that cyber-attackers, whether motivated by money, ideology, or state objectives, always target the weakest links for maximum impact with minimal effort. This understanding drives his emphasis on staying current, for example, with AI-powered attack methods.

The Power of the Pause: Simple Rules That Save You

The best defence isn't found in fancy software but in how we think, according to Sean. His first rule is simple: pause before you act. Whether it's clicking a link, downloading a file, or sharing information, that moment of restraint can save you from falling into a trap. He also champions developing what he calls a "cyber resilience mindset", staying curious and continuously learning about new threats, even if you're not technically minded. Most importantly, he reminds us that nobody is immune to cyber-attacks, no matter how smart or careful they think they are.

Going Far Together: Leadership in the Digital Age

The leadership dimension of cybersecurity work combines strategic business understanding with technical knowledge and communication skills, according to Sean. He quotes an African proverb to illustrate the collaborative nature of effective security: "If you want to go fast, go alone. If you want to go far, go together."

Building Trust in a Connected World

In our digital age, Sean positions cybersecurity as the trust-builder that enables organisations to operate effectively while maintaining public confidence in an increasingly connected world.

What Does a Day in Cybersecurity Look Like? - Meet Kah Chuan, Deputy Director for NUHS Group Information Security Office

As Deputy Director for the National University Health System (NUHS) Group Information Security Office, Kah Chuan oversees cybersecurity strategies with a focus on building related maturity and cultural programmes across the healthcare cluster. His days blend strategic oversight with hands-on engagement, moving seamlessly between technical security reports, risk assessments, team meetings, policy development, and stakeholder discussions throughout the healthcare system.

Transforming Security from Barrier to Business Enabler

Kah Chuan positions his team as the second line of defence that extends far beyond mere compliance checking. "We serve as strategic advisors, helping to balance innovation with security," he explains. When healthcare teams want to implement new digital solutions, his team works proactively to enable these initiatives while ensuring appropriate security controls are in place. Their risk management framework helps transform cybersecurity from a barrier into an enabler, allowing NUHS to safely adopt innovative healthcare technologies that benefit patients and healthcare professionals alike.

Staying Ahead of Cyber Threats

Kah Chuan keeps ahead of evolving cyber risks through multiple intelligence sources, from internal threat feeds and government cybersecurity agencies to professional networks and ongoing training programmes.

Cybersecurity Tips from Experts

An effective strategy comes from Kah Chuan: treating your email accounts like different keys for different doors. Instead of using one email for everything, create separate accounts for personal chats with family and friends, financial matters like banking, and online shopping sprees. When a phishing email lands in your shopping account claiming to be from your bank, the red flags become obvious immediately.

The Three Pillars of Cybersecurity Leadership

Kah Chuan identifies three essential skillsets for effective cybersecurity leadership. Technical mastery forms the foundation, requiring in-depth knowledge of IT systems and security protocols. Communication and relationship-building skills prove equally crucial, helping transform complex security requirements into actionable, organisation-wide practices. Finally, a methodical approach to risk assessment and security governance ensures comprehensive protection across all digital touchpoints.

What Keeps the Passion Alive: A 26-Year Journey

With 26 years in cybersecurity under his belt, Kah Chuan has witnessed the field's remarkable transformation from basic computer security and simple anti-virus solutions to today's sophisticated threat landscape. The dynamic nature of IT and cybersecurity, where there's always something new to learn and critical challenges to solve, continues to fuel his interest and commitment to protecting healthcare systems that serve thousands of patients daily.