Principles and Engineering of Secure Solution | SGInnovate


BASH, Level 3,
79 Ayer Rajah Crescent, via Lift Lobby 3
Singapore 139955


Promotional Ticket (Ticket Inclusive of G.S.T) - $1,364.25
Normal Ticket (Ticket Inclusive of G.S.T) - $1605

Principles and Engineering of Secure Solution

Presented by SGInnovate & Tegasus International

Together with Tegasus International, SGInnovate is proud to present a series of Cybersecurity workshops designed to prepare you and your organisation for impending security threats and vulnerabilities.

These workshops will enable you to have a stronger understanding of cybersecurity threats, proper cyber-hygiene and the technologies that can be implemented to negate or minimise impact of cyber-attacks.

Through this 3-day workshop, you will have a better understanding of the Cybersecurity digital ecosystem. You will learn to identify critical security risks and problems posed by new technologies and business practices, and learn how to design secure systems and controls based on IT architectural guidelines and requirements. 

There will be an emphasis on real-world use cases and hands-on application for fundamental Cybersecurity concepts, attack vectors and good practices. 

You will also learn to incorporate controls into security system components to spot security breaches or lapses in system designs.

By the end of the workshop, you will be able to apply your knowledge to improve your organisation’s Cybersecurity posture and implement best practices to safeguard your organisation’s interest. 

This workshop is eligible for funding support. For more details, please refer to the "Pricing" tab above.

In this workshop, participants will learn about: 

  • The Cybersecurity ecosystem
  • Identity and access management
  • Security engineering and design
  • Solution security and principles 


  • An interest in Cybersecurity
  • At least two years of Cybersecurity-related work experience

Pre-Workshop Instructions:

  • Bringing your own laptop is a must

Day 1 (25 November 2019)

An overview of the Cybersecurity ecosystem

  • Our digital ecosystem
  • Motivational factors for attacking
  • Attacker goals, skillset and profiles
  • Statistics of cyber-attacks in 2018
  • Risk analysis (quantitative and qualitative)
  • Practice session (risk analysis exercise)
  • Pros and cons of Cybersecurity solutions
  • Concepts of confidentiality, integrity and availability

Identity and access management

  • Fundamentals of Cybersecurity
  • Introduction to identity and access management
  • Explain authentication (type 1, 2, 3 and 4)
  • Practice session (type 1 vulnerability exposure exercise)
  • Cyber threats facing authentication
  • Explain authorisation
  • Issues about authorisation
  • Methods for managing authorisation
  • Access control models (DAC, MAC, RAC and RuAC)
  • Access control administration

Security engineering and design (Part 1)

  • Principles of secure design
  • Security models (state machine, Bell-LaPadula, Biba and commercial models)
  • Security evaluation criteria
  • Introduction to Cryptography
  • Cryptography in history

Day 2 (26 November 2019)

Security engineering and design (Part 2)

  • Symmetric key cryptography
  • Asymmetric key cryptography
  • Hybrid cryptography
  • Practice session (encryption and decryption exercise)
  • Cryptography with integrity
  • Cryptography – data at rest & data in motion

Solution security and principles

  • Revision of Day 1
  • Understanding the solution design ecosystem
  • Secure the weakest link
  • Practice defence in depth
  • Fail securely
  • Follow the principle of least privilege
  • Compartmentalise
  • Keep it simple
  • Promote privacy
  • Remember that hiding secrets are hard
  • Be reluctant to trust
  • Use your community resources

Day 3 (27 November 2019)

  • Revision of Day 2
  • Discussion of real-world use cases 
  • Presentation by participants (Assessment)

Funding Support

This workshop is eligible for CITREP+ funding.

CITREP+ is a programme under the TechSkills Accelerator (TeSA) – an initiative of SkillsFuture, driven by Infocomm Media Development Authority (IMDA).

*Please see the section below on ‘Guide for CITREP+ funding eligibility and self-application process’

Funding Amount: 

  • CITREP+ covers up to 90% of your nett payable course fee depending on eligibility for professionals

Please note: funding is capped at $3,000 per course application

  • CITREP+ covers up to 100% funding of your nett payable course fee for eligible students / Full-Time National Service (NSF)

Please note: funding is capped at $2,500 per course application

Funding Eligibility: 

  • Singaporean / PR
  • Meets course admission criteria
  • Sponsoring organisation must be registered or incorporated in Singapore (only for individuals sponsored by organisations)

Please note: 

  • Employees of local government agencies and Institutes of Higher Learning (IHLs) will qualify for CITREP+ under the self-sponsored category
  • Sponsoring SMEs organisation who wish to apply for up to 90% funding support for course must meet SME status as defined here

Claim Conditions: 

  • Meet the minimum attendance (75%)
  • Complete and pass all assessments and / or projects

Guide for CITREP+ funding eligibility and self-application process:

For more information on CITREP+ eligibility criteria and application procedure, please click here

In partnership with:Driven by:


For enquiries, please send an email to

Ivan Lee, Co-founder, Tegasus International

Ivan works with various global strategic partners such as the NATO Cooperative Cyber Defence Centre of Excellence, US Department of Homeland Security ICS-CERT Idaho National Laboratory and local government agencies on critical initiatives and training programmes. 

He started his career with Accenture, a global top IT consulting MNC company and has assumed various tech management roles in the telecommunication, cGMP and Operational Technology sectors regionally.

He has attended various professional training courses and acquired certifications as listed below:

  • Certified Information Systems Security Professional (CISSP)
  • US Department of Homeland Security ICS-CERT Industrial Control Systems (ICS) Cybersecurity (301)
  • Advanced Penetration Testing, Exploit Writing, Ethical Hacking (SANS)
  • Advanced Course on Darknet and Cryptocurrencies
  • Hands-on Hardware Hacking and Reverse Engineering (Blackhat 2015)
  • Cybersecurity: Technology, Application and Policy (MIT Digital Program)
  • FORENSICS: Reverse-Engineering Malware (SANS)
  • Managing Successful Programmes (MSP) Practitioner, 2014
  • Introduction to Business Process Re-engineering Workshop
  • Live Hacking & Information Security Masterclass
  • Self-Discovery Leadership
  • EC-Council Certified Security Analyst (ECSA), 2013
  • Certified Ethical Hacker (CEH), 2013
  • Project Management Professional (PMP)

Topics: Cybersecurity

You may also like the following: