Singapore Upgrades Cybersecurity

Uploaded on 2019-01-22 in GOVERNMENT-National, FREE TO VIEW, NEWS-Cybersecurity News

Singapore will intensify the use of technology to automate cyber security tasks such as the roll-out of software patches. Also, more security audits and drills will be carried out to sharpen public officers' readiness to respond to cyber incidents. These new measures to shore up the cyber security of public sector systems were disclosed by S Iswaran, Minister-in-charge of Cyber Security.

This new model of cyber defence will be implemented across 11 critical information infrastructure sectors, including healthcare, energy, telecommunications and transport.

The new approach is a response to the recommendations of a high-level Committee of Inquiry (COI) that investigated the cyber-attack on SingHealth, Singapore's largest cluster of healthcare institutions. Mr Iswaran said its findings and recommendations gave "added impetus" to the ongoing efforts of the Smart Nation and Digital Government Group (SNDGG) to improve the cyber security of government systems.

"In particular, the findings reaffirmed the 'defence-in-depth' approach the public sector had adopted towards cyber security."
He added: "The public sector will also continue to strengthen our defences on all fronts - people, process, technology and partnerships, as informed by the COI recommendations."

The recommendations were unveiled last week in a public report that recounted the events that led to June's cyber-attack that compromised the personal information of 1.5 million patients, including Prime Minister Lee Hsien Loong.

On the technical front, SNDGG will look at improving the architecture of government systems to allow more extensive monitoring and detection of abnormal activities. It will also continue to introduce measures to better detect and respond to intrusions, and monitor critical databases. Acknowledging that the Government cannot fortify its cyber security alone, he said it will enlist the help of the larger cyber security community, including ethical hackers.

The Cyber Security Agency of Singapore will oversee and follow up on how the COI recommendations will be carried out in the 11 sectors.

Said Minister Iswaran, who is also Minister for Communications and Information: "The recommended measures will help us defend ourselves better against malicious cyber activities, including from international attackers. This was not the first instance where we were targeted, and it will not be the last."

Committe members Mr Vikram Nair and Mr Cedric Foo asked about the hackers' identity. Mr Foo, chairman of the Government Parliamentary Committee for Communications and Information, said: "How about the person who actually broke into the house? There seems to be a vacuum as far as the sense of justice goes." Replying, Mr Iswaran said: "I don't think we should deduce whether we have a sense of justice to just one specific point that there is no public attribution of the perpetrator."

Citing moves that the Government made in the spirit of transparency, he said Singapore can hold itself up to the best practices and standards. The moves include announcing the cyber attack on July 20 last year, 10 days after it was made known to the Cyber Security Agency of Singapore, and convening a COI and releasing the recommendations and findings.

"I can understand that members have a desire and on behalf of constituents to know this, but I think we have to exercise judgment - what is in our national interest and whether a public attribution serves our best interests. And as I said, we know who the perpetrator is, appropriate action has been taken."

Straits Times

You Might Also Read:

Singapore: The Place To Launch Cyber Attacks From:

 

« World Economic Forum Cyber Risks Report
AI Will Find You In The Crowd »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Digital Forensics Inc (DFI)

Digital Forensics Inc (DFI)

Digital Forensics Inc. is a nationally recognized High Technology Forensic Investigations and Information System Security firm

Veeam

Veeam

Veeam is the leader in intelligent data management for the Hyper-Available Enterprise.

Digital DNA

Digital DNA

Digital DNA provides Law-Enforcement-Grade Computer Forensics, Cyber Security and E-Discovery Investigations.

Compass Security

Compass Security

Compass Security is a specialist IT Security consultancy firm based in Switzerland. Services include pentesting, security assessments, digital forensics and security training.

mPrest

mPrest

mPrest is a global provider of mission-critical monitoring and control solutions for the defense, security, utility and Industrial Internet of Things (IoT) sectors.

Ingenio Global

Ingenio Global

Ingenio is a specialist recruitment business for SaaS companies. Our purpose is to source exceptional talent in areas including cyber security for leading SaaS companies in the UK and Ireland.

iHLS Startups Accelerator

iHLS Startups Accelerator

iHLS Accelerator is the first startup accelerator in the world in the security and homeland security field.

QuoLab

QuoLab

QuoLab empowers security professionals to analyze, investigate and respond to threats within an integrated ecosystem.

SnapAttack

SnapAttack

SnapAttack is a collaborative platform that empowers your security team to stay ahead of threats, create robust behavioral analytics for your existing tools, and prove your program's effectiveness.

Maxxsure

Maxxsure

Maxxsure provides a platform for executive management, leveraging proprietary technology that identifies, measures, and scores a company’s cyber risks.

Mutare

Mutare

For three decades, Mutare has been empowering organizations to re-imagine a better way to connect through our transformative voice security, digital voice and text messaging solutions.

NetScout Systems

NetScout Systems

NetScout assures digital business services against disruptions in availability, performance, and security.

Fulcrum IT Partners

Fulcrum IT Partners

Fulcrum IT Partners is the parent company of an expanding portfolio of established IT solution companies around the world with proven expertise in cyber security, cloud, and managed services.

Gogolook

Gogolook

Gogolook is a leading TrustTech company. With "Build for Trust" as its core value, it aims to create an AI- and data-driven global anti-fraud network as well as Risk Management as a Service.

Lintu Solutions

Lintu Solutions

Lintu Solutions is a trusted provider of comprehensive cybersecurity and enterprise risk management solutions.

Apex

Apex

We aspire to make the AI revolution run faster, securely, for the benefit of all. We are purposely built for the new AI era and are creating capabilities to safely enable AI.