Prime Minister Lee Hsien Loong today launched Singapore’s Cybersecurity Strategy at the opening of the inaugural Singapore International Cyber Week (SICW). The Strategy outlines how Singapore will continue to strengthen the resilience of the country’s cybersecurity.
2016 marks the 25th anniversary of GovernmentWare, which was started in 1991 to raise awareness of IT security threats amongst public officers with just 50 participants. SICW builds on Government Ware which has grown over the years and today there are more than 3,000 participants from over 30 countries. The event also reflects the importance of cybersecurity issues not only to Singapore, but regionally and internationally too.
PM Lee mentioned that while ICT brings about opportunities, it also makes Singapore vulnerable – globally, cyber threats and attacks are becoming more frequent and sophisticated, with more severe consequences. For instance this year, thieves siphoned US$81 million from the Bangladesh Bank, the central bank, in a sophisticated cyberheist.
Back home, Singapore’s government networks are regularly probed and attacked while the financial sector has also suffered DDOS attacks and leaks of data. Individuals have been targetted with fake websites masquerading as SPF, MOM, ICA, CPF pages, hosted in other countries, phishing for personal information or scamming people into sending money.
In an increasingly dangerous cyberspace climate, Singapore set up the Cyber Security Agency of Singapore (CSA) in 2015 to coordinate the country’s national efforts in cybersecurity. CSA has developed Singapore’s national cybersecurity strategy after a consultation process with over 50 stakeholders over the past year and the strategy will have four key components:
Building a Resilient Infrastructure
A key focus of the Strategy is to ensure that Singapore’s essential services are provided. The Government will work with key stakeholders, including private sector operators and the cybersecurity community, to strengthen the resilience of Critical Information Infrastructure (CII) that supports these essential services.
The Government will establish robust and systematic cyber risk management processes, as well as response and recovery plans, acrossa all critical sectors. To do so, it is necessary to grow a culture of cyber-risk awareness across CIIs. One initiative that caught public attention recently is the Internet Surfing Separation in the public service: the government is separating internet surfing from other work systems such as email.
Government officers can still surf the internet, e.g. to access news websites or Wikipedia, but they have to use a different device that is connected to the internal network. Minsiters, senior civil servants and half of the government public agencies have already started separating their networks and the rest of the agencies are on track to implement it by mid 2017.
The increased adoption of Security-by-Design practices to address cybersecurity issues across the supply chain will remain an important focus. A new Cybersecurity Act will also be introduced in 2017, to provide comprehensive legal framework for national cybersecurity.
Creating a Safer Cyberspace
Cyber technology can enable and empower business and society, but only if it is safe and trustworthy. To realise its benefits, businesses and individuals must stay safe in cyberspace. The Strategy outlines effort by various agencies to combat cybercrime and to enhance Singapore’s standing as a trusted data hub.
These initatives include the National Cybercrime Action Plan, launched by the Ministry of Home Affairs in July 2016. However, the government cannot tackle cybersecurity challenges alone. To promote collective responsibility for cybersecurity, communities and business associations should play their part by fostering their members’ understanding of cybersecurity issues and promoting the adoption of good practices.
In light of this, the government has implemented two-factor authentication (2FA) for SingPass to better protect users – more than two million SingPass users have already signed up. A handful have not yet done so and PM Lee strongly encouraged all users to sign up so they can be better protected when they access e-services.
Developing a Vibrant Cybersecurity Ecosystem
A vibrant cybersecurity ecosystem will provide a sustainable sources of expertise and capabilities for resilient infrastructure and a safer cyberspace. It will also bring Singapore to the forefront of cybersecurity innovation and create economic opportunities for Singaporeans.
The government will collaborate with industry partners and Institutes of Higher Learning to grow the cybersecurity workforce. Scholarship programmes and industry-oriented curriculums will be introduced, while up-skilling and re-skilling opportunities for mid-career professionals will be provided through initiatives such as the Cyber Security Associates and Technologists (CSAT) Programme. Singtel and ST Electronics are the pioneering training partners of CSAT and two home grown companies – Quann and Accel Systems & Technologies have just come on board.
The government will also partner the private sector and academia to develop technologically-advanced companies, nurture local start-ups, and harness R & D.
Strengthening International Partnerships
Cyber threats are borderless and Singapore is committed to strong international collaboration for the nation’s collective global security. Singapore will actively cooperate with the international community, particularly ASEAN, to address transnational cybersecurity and cybercrime issues.
Singapore will also champion initiatives for cyber security building, as well as facilitate global exchanges on cyber norms, policy and legislation. The SICW and ASEAN Ministerial Conference on Cybersecurity are examples of platforms to promote such exchanges.
