Singapore Upgrades Cybersecurity

Uploaded on 2019-01-22 in GOVERNMENT-National, FREE TO VIEW, NEWS-Cybersecurity News

Singapore will intensify the use of technology to automate cyber security tasks such as the roll-out of software patches. Also, more security audits and drills will be carried out to sharpen public officers' readiness to respond to cyber incidents. These new measures to shore up the cyber security of public sector systems were disclosed by S Iswaran, Minister-in-charge of Cyber Security.

This new model of cyber defence will be implemented across 11 critical information infrastructure sectors, including healthcare, energy, telecommunications and transport.

The new approach is a response to the recommendations of a high-level Committee of Inquiry (COI) that investigated the cyber-attack on SingHealth, Singapore's largest cluster of healthcare institutions. Mr Iswaran said its findings and recommendations gave "added impetus" to the ongoing efforts of the Smart Nation and Digital Government Group (SNDGG) to improve the cyber security of government systems.

"In particular, the findings reaffirmed the 'defence-in-depth' approach the public sector had adopted towards cyber security."
He added: "The public sector will also continue to strengthen our defences on all fronts - people, process, technology and partnerships, as informed by the COI recommendations."

The recommendations were unveiled last week in a public report that recounted the events that led to June's cyber-attack that compromised the personal information of 1.5 million patients, including Prime Minister Lee Hsien Loong.

On the technical front, SNDGG will look at improving the architecture of government systems to allow more extensive monitoring and detection of abnormal activities. It will also continue to introduce measures to better detect and respond to intrusions, and monitor critical databases. Acknowledging that the Government cannot fortify its cyber security alone, he said it will enlist the help of the larger cyber security community, including ethical hackers.

The Cyber Security Agency of Singapore will oversee and follow up on how the COI recommendations will be carried out in the 11 sectors.

Said Minister Iswaran, who is also Minister for Communications and Information: "The recommended measures will help us defend ourselves better against malicious cyber activities, including from international attackers. This was not the first instance where we were targeted, and it will not be the last."

Committe members Mr Vikram Nair and Mr Cedric Foo asked about the hackers' identity. Mr Foo, chairman of the Government Parliamentary Committee for Communications and Information, said: "How about the person who actually broke into the house? There seems to be a vacuum as far as the sense of justice goes." Replying, Mr Iswaran said: "I don't think we should deduce whether we have a sense of justice to just one specific point that there is no public attribution of the perpetrator."

Citing moves that the Government made in the spirit of transparency, he said Singapore can hold itself up to the best practices and standards. The moves include announcing the cyber attack on July 20 last year, 10 days after it was made known to the Cyber Security Agency of Singapore, and convening a COI and releasing the recommendations and findings.

"I can understand that members have a desire and on behalf of constituents to know this, but I think we have to exercise judgment - what is in our national interest and whether a public attribution serves our best interests. And as I said, we know who the perpetrator is, appropriate action has been taken."

Straits Times

You Might Also Read:

Singapore: The Place To Launch Cyber Attacks From:

 

« World Economic Forum Cyber Risks Report
AI Will Find You In The Crowd »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Hodgson Russ

Hodgson Russ

Hodgson Russ is a US business law firm. Practice areas include Privacy, Data Breach & Cybersecurity.

AGAT Software

AGAT Software

AGAT Software is an innovative security provider specializing in external access authentication and data protection solutions.

SecuGen

SecuGen

SecuGen is a leading provider of advanced, optical fingerprint recognition technology, products, tools and platforms for physical and information security.

Ergon Informatik

Ergon Informatik

Ergon Informatik AG is Switzerland's leading provider of customised software solutions and software products including fraud detection and the Airlock web security suite.

Havelsan

Havelsan

HAVELSAN is a leading technology company in Turkey developing indigenous systems for domestic and foreign military, public and private sector clients.

ICS Cyber Security Conference

ICS Cyber Security Conference

SecurityWeek’s Industrial Control Systems (ICS) Cyber Security Conference is the largest and longest-running event series focused on industrial cybersecurity.

Propelo

Propelo

Propelo (formerly LevelOps) is an engineering excellence platform that helps increase developer productivity and improve security with data-led insights and workflow automation.

DataFleets

DataFleets

DataFleets is a privacy-preserving data engine that unifies distributed data for rapid access, agile analytics, and automated compliance.

Baxter Clewis Consulting

Baxter Clewis Consulting

Baxter Clewis are cyber security and compliance experts. We provide Security Consulting, IT Assurance, and Technical Security services.

ScorpionShield

ScorpionShield

ScorpionShield CyberSecurity is an EC-Council Accredited Training Center, and an On-Demand Service for Cybersecurity professionals.

MyCena

MyCena

MyCena has developed a complete system of security, control and management for decentralised credentials.

Trusted Technologies and Solutions (TTS)

Trusted Technologies and Solutions (TTS)

TTS is a security consulting company specialised on business continuity and crisis management, information security management, information risk management and identity and access management.

Orro Group

Orro Group

Orro create 'future now' solutions that make it faster, simpler and safer for you to access, store and share information. Wherever, whenever and with whomever you want.

Exacom

Exacom

Exacom is a leading provider of multimedia logging/recording solutions across public safety, government, DoD, energy, utilities, transportation, and security applications.

Huntr

Huntr

Huntr provides a single place for security researchers to submit vulnerabilities, to ensure the security and stability of AI/ML applications.

ViroSafe

ViroSafe

ViroSafe is a leading value-added distributor of IT security solutions in Norway.