NTU Singapore bags ‘Cybersecurity Education award‘ accolade at SBR Technology Excellence Awards 2022

The University continues to harness the power of digital technology with their next-gen cyber aware ecosystem.

Nanyang Technological University, Singapore (NTU Singapore) has been recognised under Cybersecurity Education category in SBR Technology Excellence Awards 2022. Now in its fourth year, the prestigious awards program lauds companies who ride the digital disruption wave with technological innovations that have successfully transformed industries and business models, from merely adapting to the changing needs to going beyond expectations. 

An effective cybersecurity strategy lies at the backbone of NTU’s Smart Campus vision – to protect the University’s information assets and strengthen cyber resilience as it continually leverages digital technologies to support better working, learning and living experiences. 

"We are humbled to be recognised for our commitment to continuously improve the cyber resilience of the University and its community – a key part of NTU’s 2025 vision in leveraging technology as an enabler to power a safe and secure Smart Campus”, said Mr Alvin Ong, Chief Information Officer at NTU Singapore.

In the face of increasing sophisticated cyber threats, NTU pioneered a holistic cybersecurity awareness ecosystem that drives synergistic innovation across people, processes, and technology. 

With an aim to cultivate a strong security culture that builds on collective responsibility, NTU’s Cyber Aware Ecosystem is a central element of their strategy to empower over 40,000 students and staff with the knowledge and capabilities to keep NTU cybersafe.

Putting people at the heart of driving positive change, a University-wide cybersecurity awareness training program comprising in-house developed, bite-sized training videos was reinvented to educate staff on simple examples of how good and bad behaviours of individuals can put NTU at risk. These engaging courses are delivered seamlessly through their cloud-based learning platform and extended to students as part of core courses mandatory for undergraduates since September 2021. 

In addition, the “Security and Me” vodcast on NTU Yammer encourages users to learn cybersecurity best practices/tips from the industry, with more than 2,000 views since the introductory series started in 2021. 

On top of regular simulated phishing exercises, NTU streamlined the phish reporting process with an innovative implementation of a “Report Phish” plugin button on each user’s email toolbar. This enables users to rapidly report suspicious emails to the University-wide Security Operations Centre (USOC) with the simple click of a button. 

To effectively manage an average of over 1,000 unique suspicious emails received by the USOC monthly, NTU implemented an intelligent Phishing Testing and Reporting platform that harnessed machine learning to automatically classify and tag emails with the appropriate status, and then quarantine the malicious ones. 

This enhances NTU’s ability to swiftly protect their users and combat the significant increase in email phishing attacks. In addition, the Phishing Testing and Reporting platform enabled NTU to save an average of 80 man-hours monthly in analysing reported phishing emails manually. 

NTU’s collective efforts have greatly increased employees’ productivity to focus on higher-value work. NTU’s in-house developed cybersecurity awareness training program has also proven to be effective and received an average user satisfaction rating of 4 out of 5 stars. There is also an improved cybersecurity awareness of their staff as shown in the passing rate of simulated phishing exercises. 

Over time, NTU has built a strong security culture that promotes safe email usage and leverages their staff to become "phishing intrusion detection systems”.

Beyond its commitment to keeping the University cybersafe, NTU has also partnered with various organisations to raise cybersecurity awareness for the wider community. NTU has also made available to the public its award-winning Cybersecurity Awareness eBook that was produced as part of  “Invisible Attacks,” a travelling exhibition series on cybersecurity.

Watch the interview below to know more about their winning project: