Singapore to take a more proactive stance on cyber threats under updated national strategy

SINGAPORE: Singapore unveiled an updated national cybersecurity strategy on Tuesday (Oct 5) which will see it taking a more proactive stance to defend its infrastructure and boost capabilities as new cyber threats and technological shifts emerge.

Under the Singapore Cybersecurity Strategy 2021, the Cyber Security Agency of Singapore (CSA) will look beyond the country’s 11 critical information infrastructures (CII) and study entities whose disruption could have significant repercussions to the rest of Singapore.

In a media release on Tuesday, CSA said it will identify the most appropriate approach for these non-CII entities to manage and mitigate the risks.

Developed in consultation with industry as well as local and international academics, the strategy builds on the first national cybersecurity strategy which was launched in 2016.

In the previous strategy, CSA focused on strengthening the legislative framework to ensure the cyber resilience of the country’s 11 critical sectors, including healthcare and water.

The updated strategy will now focus on capability development such as technical capabilities to detect and analyse malicious cyber activities to protect the CIIs, said CSA.

Beyond defending Singapore’s infrastructures, the CSA will also focus on raising the overall level of cybersecurity across the nation by making cybersecurity easy and convenient for end-users.

Last year, the CSA released a masterplan to create a safer and more secure cyberspace in Singapore, outlining initiatives for enterprises and individuals.

This includes protecting national Internet infrastructure to protect enterprises and individuals in Singapore from most online threats ever reaching them as well as working with industry to develop innovative cybersecurity solutions for end-users to plug and play.

DEVELOPING SINGAPORE’S CYBERSECURITY ECOSYSTEM

Plans are also afoot to turn cybersecurity research and development into a source of competitive advantage for Singapore, with CSA seeking to position the country as an international recognised hub for security evaluation and testing.

To do this, CSA said it will develop the cybersecurity ecosystem to develop more “Made-in-Singapore” cyber capabilities and solutions.

It will also invest heavily in people to boost capabilities and develop its cybersecurity workforce.

Building on earlier efforts from the first cybersecurity strategy, which identified workforce development as well as the development of a robust and vibrant ecosystem as key focus areas, CSA will move further upstream to reach out to the young to develop their interest and skills early.

As the breadth and depth of knowledge required of cyber professionals will continue to grow, CSA will support the cybersecurity workforce in constantly upskilling themselves.

Meanwhile, Singapore will raise its level of involvement in international cyber discussions, through CSA, to advance global cyber norms and standards.

CSA said Singapore will be leading some of these discussions as the next Chairman of a United Nations' open-ended working group which looks at the security of information and communications technologies and their applications. 

It added that it will also advance the implementation of the norms developed at these discussions, and work towards an open, secure and interoperable cyberspace.

Speaking at the opening ceremony of the Singapore International Cyber Week, Senior Minister and Coordinating Minister for National Security Teo Chee Hean said the updated strategy articulates Singapore’s approach to safeguarding the wider cyberspace in an increasingly complex environment. 

It also attempts to address dilemmas of digitalisation such as increasing geopolitical tensions in cyberspace and ubiquitous digital connectivity that have expanded the attack surface, he said. 

"We cannot stop progress, it is not possible to press the “pause” button, create a cyber-secure environment that is integrated, inter-operable and foolproof, and then press the “play” button again," he said.

That is why there is a need to reach a consensus - on a local, regional and global level - on rules, norms and principles and standards for the digital domain, he said. 

"Countries need to work together to develop new governance principles, frameworks and standards for the digital commons to preserve trust and confidence," said Mr Teo.

He added that with cyberspace transcending physical boundaries and many systems spanning different countries and jurisdictions, countries also need to collaborate closely to align their policy approaches to deal with and police cross-border cyber threats.

Organised by CSA, this year’s Singapore International Cyber Week will see discussions on emerging digital opportunities and threats, evolution of cyberspace and cybersecurity policies, coordinated cyber capacity-building, among other things.

The four-day conference, which ends on Oct 8, aims to continue the momentum of conversations among top policy makers, industry leaders and domain experts from ASEAN and across the world on key areas of cybersecurity.