Singapore launches new cybersecurity strategy
By Zafar Anjum October 13, 2016
- Four-pronged strategy seeks to build resilient, trusted cyber environment
- Aims to cooperate with international community, especially Asean
SINGAPORE’S Prime Minister Lee Hsien Loong launched the country’s cybersecurity strategy on Monday Oct 10, with a commitment to strengthen the resilience of the country’s cybersecurity.
Lee talked at length about the nation’s cybersecurity strategy while inaugurating the Singapore International Cyber Week (SICW) in Singapore. An event of global scale, SICW is being attended by 3,000 participants from over 30 countries.
The Prime Minister said that Singapore has long embraced infocomm technologies (ICT) for its economic and social development and it has helped the country progress from third world to first. ICT has made Singapore a knowledge-based economy, has boosted workers’ productivity and improved the lives of its citizens. However, ICT has also made the country vulnerable, through continuous phishing attacks, intrusions and malware, he said.
“From time to time, government systems have been compromised, and websites have been defaced,” he said. “We also suffered concerted DDoS (Distributed Denial of Service) attacks that sought to bring our systems down. Our financial sector has suffered DDoS attacks, and leaks of data.”
Keeping all these cybersecurity challenges in mind, Cyber Security Agency of Singapore (CSA) was founded last year, Lee said.
He praised the work of CSA so far, which has developed the country’s cybersecurity strategy, after a consultation process with 50 stakeholders over the past year.
Building a resilient infrastructure
According to Loong, Singapore’s cybersecurity strategy has four components: building a resilient infrastructure, creating a safer cyberspace, developing a vibrant cybersecurity ecosystem, and strengthening international partnerships.
“We are investing more of our ICT budget to strengthen government systems and networks, especially those that handle sensitive data, and protect them from cyber attacks.”
As part of the building a resilient infrastructure pillar, the government will establish robust and systematic cyber risk management processes, as well as response and recovery plans, across all critical sectors. This includes security-by-design practices across the supply chain, and introduction of a new Cybersecurity Act, to be introduced in 2017.
Creating a safer cyberspace requires businesses and individuals to be aware and vigilant. To implement this, Lee said the CSA will have powers to direct private sector operators, such as financial payments systems. It will also issue regular advisories to them or provide technical guidance to businesses on how to secure their networks. To make this policy work, he said that individuals too should stay safe online and practice good cyber hygiene.
Teo Siong Seng, Chairman of the Singapore Business Federation, declared the introduction of the Cybersecurity Strategy as timely. “As Singapore transforms into a Smart Nation in a digital economy, businesses need to be better prepared and safeguard their critical operations and assets against cyber attacks. The Singapore Business Federation will continue working with trade associations and chambers to introduce capability-building and business continuity management programmes to help our companies stay resilient.”
Meanwhile Lee highlights that Singapore is developing a vibrant cybersecurity ecosystem by growing its capacities and building skilled expertise through Singapore’s universities and polytechnics. “Cybersecurity is a growth industry and in developing our capabilities, we will also create good jobs and opportunities for Singaporeans.”
To boost interest in cybersecurity, the government will offer scholarship programmes and industry-oriented curriculums while upskilling and re-skilling opportunities (such as the Cyber Security Associates and Technologists Programme) for mid-career professionals will be available. Companies such as SingTel, ST Electronics, Quann and Accel Systems and Technologies are already taking part in some of these programmes.
Closer cooperation with Asean countries
The fourth pillar of the cybersecurity strategy requires the government to strengthen international partnerships, because, as Lee put it, “attacks can come from anywhere in the word,” and “cyber attackers do not respect jurisdiction”.
To achieve this goal, Singapore will actively cooperate with the international community, especially Asean, to address transnational cybersecurity and cybercrime issues.
“With closer Asean integration, we are much more integrated than before,” he said. “Cybersecurity cooperation will help us protect our supranational information infrastructures such as internet submarine cables and SWIFT global interbank payments network.”
Addressing the representatives of the Asean member states, he urged that Asean members should work more closely to promote consensus on cyber norms, strengthen operational linkages and build cyber capacity.
“The new strategy highlights the significance in forging strong partnerships with regional Asean countries and the private sector in Singapore, which rings true as there are no jurisdictions in the cyber space,” said Dhanya Thakkar, Managing Director, Asia Pacific, TrendMicro, reacting to Lee’s speech. “We believe cybersecurity and knowledge-based innovation go hand-in-hand, instead of at loggerheads. With cybersecurity in mind, and strong partnerships to protect our cyber space, we believe Singapore is in a sweet spot to innovate in the following years.”