Knowledge organisation and information security
The 2018 Singhealth data breach and the subsequent Committee of Inquiry (COI) highlighted not only the need for technical measures and protocols to protect sensitive information, but also the importance of a pervasive culture of awareness, accountability and ownership for information security. "One must not lose sight of the fact that the treatment of cyber-security issues and incidents by staff and middle management is very much shaped by organisational culture," wrote the COI, chaired by retired judge Richard Magnus.
Our subsequent experience with enforcement actions under the Personal Data Protection Act has borne this out, and the rapid onset of working from home during the COVID-19 pandemic using virtual meeting tools has exposed the lack of awareness on how to secure workplace collaboration at a distance.
How does this culture relate to the discipline of knowledge organisation, and knowledge governance? In this session, Patrick Lambe and Norainni Rahman will describe the risks of functional specialisation where perceived responsibility for information security is narrowed to technical specialists (such that general staff feel "it's not my job"), the third party risks from outsourcing information management and information security to vendors, the importance of knowledge and information governance and user education for a sound information security regime, and the contribution of knowledge organisation for proportionate and reliable information security measures and controls. Angelo Roxas, current Chair for Cybersecurity at the American Chamber of Commerce, will share some case studies of cyberattacks that reveal lessons learnt and steps that can be taken to prevent future attacks.
Our subsequent experience with enforcement actions under the Personal Data Protection Act has borne this out, and the rapid onset of working from home during the COVID-19 pandemic using virtual meeting tools has exposed the lack of awareness on how to secure workplace collaboration at a distance.
How does this culture relate to the discipline of knowledge organisation, and knowledge governance? In this session, Patrick Lambe and Norainni Rahman will describe the risks of functional specialisation where perceived responsibility for information security is narrowed to technical specialists (such that general staff feel "it's not my job"), the third party risks from outsourcing information management and information security to vendors, the importance of knowledge and information governance and user education for a sound information security regime, and the contribution of knowledge organisation for proportionate and reliable information security measures and controls. Angelo Roxas, current Chair for Cybersecurity at the American Chamber of Commerce, will share some case studies of cyberattacks that reveal lessons learnt and steps that can be taken to prevent future attacks.
Patrick Lambe
A globally recognised knowledge management practitioner, and founding partner of Straits Knowledge, Patrick was originally trained in Information and Library Science. He arrived in KM via a second career in training and development, and has been based in Singapore for three decades. Patrick is the author of Organising Knowledge: Taxonomies, Knowledge and Organisation Effectiveness (Oxford: Chandos 2007), and co-author with Nick Milton of The Knowledge Manager's Handbook 2nd ed. (London: Kogan Page 2019), which won CILIP UK's Knowledge and Information Management Award 2019 (Information Resources Print Category). Patrick is Visiting Professor in the KIM PhD programme at Bangkok University, former President of the International Society for Knowledge Organization Singapore Chapter and a member of the editorial advisory board of the Journal of Knowledge Management, Knowledge Management For Development Journal, and Journal of Entrepreneurship, Management and Innovation. His 2011 paper on the history of knowledge management "The Unacknowledged Parentage of Knowledge Management" won a Highly Commended Award in the Emerald Literati Network Awards for Excellence 2012. Norainni Rahman
Norainni A. Rahman is Managing Partner at DePO Services LLP and a widely-recognised consultant and trainer specialising in training, awareness and advisory services on the Personal Data Protection Act of Singapore. She has a deep background in Knowledge Management, Information Management and Content Management, with close to 30 years' of international experience in developing strategic & persuasive legal, tax and regulatory content across the South East Asian geographies, a significant part of that time with Lexis Nexis Asia Pacific. She gained her Master's in KM from NTU in 2010 with studies in knowledge sharing among lawyers, and knowledge reuse. She is also a specialist in content and courseware development. Angelo Roxas
Angelo Roxas is the current Chair for Cybersecurity at the American Chamber of Commerce in Singapore. He is a co-founder and advisor to a number of start-up companies and social enterprises and is the former President of the Penn and Wharton Alumni Club of Singapore. With 20+ years of professional experience in investment banking and management consulting, Angelo has worked directly with C-Suite executives focusing on the intersection between information technology, business strategy and business transformation. Angelo was the Managing Director of Booz Allen Hamilton in ASEAN, based in Singapore. His focus was to define and implement cyber security strategy, data analytics and management consulting in the region. |
Date/Time
Type of Event Who should attend Fee |
Weds 20 May, 3.30-5.30pm - this was a virtual session using Zoom conferencing.
Case Discussion | Networking | Panel | Site Visit | Talk & Discussion | Workshop * * * Knowledge and information managers, IT professionals, IT security and information security professionals, managers responsible for personal data protection, information security and information governance. This event was free of charge. |
event materials
Norainni Rahman's slides can be downloaded here.
Angelo Roxas' slides can be downloaded here.
The video highlights of Norainni's talk, together with Angelo's talk, can be viewed below.
Angelo Roxas' slides can be downloaded here.
The video highlights of Norainni's talk, together with Angelo's talk, can be viewed below.
ISKO Singapore is registered in Singapore. Society registration number T15SS0160B
By continuing to use the ISKO Singapore website you are agreeing that ISKO Singapore may collect, use and disclose your personal data obtained by ISKO Singapore as a result of your use of the ISKO Singapore website. Please consult our data protection policy, including how you may access and correct your personal data or withdraw consent to the collection, use or disclosure of your personal data.
By continuing to use the ISKO Singapore website you are agreeing that ISKO Singapore may collect, use and disclose your personal data obtained by ISKO Singapore as a result of your use of the ISKO Singapore website. Please consult our data protection policy, including how you may access and correct your personal data or withdraw consent to the collection, use or disclosure of your personal data.