Tin Pei Ling on Cybersecurity (Amendment) Bill
A new proposed law will require owners of Singapore’s Critical Information Infrastructure (CII) to report more types of cybersecurity incidents, including those that happen in their supply chains. In Parliament on Tuesday (May 7), MP Tin Pei Ling asked what measures will be taken to ensure that this is not overly onerous, especially if requirements are extended further down the supply chain later on, and whether the Cyber Security Agency (CSA) will be able to cope with the expected increase in incident reports. She pointed out that mandating reports to enhance detection of issues is critical, but the ability to act on the risks in a timely manner is just as critical - otherwise, introducing the new requirement will defeat its purpose. The Bill also empowers CSA to designate and regulate a computer or system located overseas as a CII if the owner is in Singapore. Ms Tin agreed that this is important, but asked how CSA will enforce it. She also had concerns about the burden of compliance, which will come at a significant cost for both Government and non-Government entities. Ms Tin said that overall, the proposals in the Bill will better secure Singapore’s critical systems and ensure that CSA has better situational awareness, as well as give all stakeholders a chance to be vigilant and take proactive steps to keep the country cyber-secure.
A new proposed law will require owners of Singapore’s Critical Information Infrastructure (CII) to report more types of cybersecurity incidents, including those that happen in their supply chains. In Parliament on Tuesday (May 7), MP Tin Pei Ling asked what measures will be taken to ensure that this is not overly onerous, especially if requirements are extended further down the supply chain later on, and whether the Cyber Security Agency (CSA) will be able to cope with the expected increase in incident reports. She pointed out that mandating reports to enhance detection of issues is critical, but the ability to act on the risks in a timely manner is just as critical - otherwise, introducing the new requirement will defeat its purpose. The Bill also empowers CSA to designate and regulate a computer or system located overseas as a CII if the owner is in Singapore. Ms Tin agreed that this is important, but asked how CSA will enforce it. She also had concerns about the burden of compliance, which will come at a significant cost for both Government and non-Government entities. Ms Tin said that overall, the proposals in the Bill will better secure Singapore’s critical systems and ensure that CSA has better situational awareness, as well as give all stakeholders a chance to be vigilant and take proactive steps to keep the country cyber-secure.
Popular Shows
