Singapore Upgrades Cybersecurity

Uploaded on 2019-01-22 in GOVERNMENT-National, FREE TO VIEW, NEWS-Cybersecurity News

Singapore will intensify the use of technology to automate cyber security tasks such as the roll-out of software patches. Also, more security audits and drills will be carried out to sharpen public officers' readiness to respond to cyber incidents. These new measures to shore up the cyber security of public sector systems were disclosed by S Iswaran, Minister-in-charge of Cyber Security.

This new model of cyber defence will be implemented across 11 critical information infrastructure sectors, including healthcare, energy, telecommunications and transport.

The new approach is a response to the recommendations of a high-level Committee of Inquiry (COI) that investigated the cyber-attack on SingHealth, Singapore's largest cluster of healthcare institutions. Mr Iswaran said its findings and recommendations gave "added impetus" to the ongoing efforts of the Smart Nation and Digital Government Group (SNDGG) to improve the cyber security of government systems.

"In particular, the findings reaffirmed the 'defence-in-depth' approach the public sector had adopted towards cyber security."
He added: "The public sector will also continue to strengthen our defences on all fronts - people, process, technology and partnerships, as informed by the COI recommendations."

The recommendations were unveiled last week in a public report that recounted the events that led to June's cyber-attack that compromised the personal information of 1.5 million patients, including Prime Minister Lee Hsien Loong.

On the technical front, SNDGG will look at improving the architecture of government systems to allow more extensive monitoring and detection of abnormal activities. It will also continue to introduce measures to better detect and respond to intrusions, and monitor critical databases. Acknowledging that the Government cannot fortify its cyber security alone, he said it will enlist the help of the larger cyber security community, including ethical hackers.

The Cyber Security Agency of Singapore will oversee and follow up on how the COI recommendations will be carried out in the 11 sectors.

Said Minister Iswaran, who is also Minister for Communications and Information: "The recommended measures will help us defend ourselves better against malicious cyber activities, including from international attackers. This was not the first instance where we were targeted, and it will not be the last."

Committe members Mr Vikram Nair and Mr Cedric Foo asked about the hackers' identity. Mr Foo, chairman of the Government Parliamentary Committee for Communications and Information, said: "How about the person who actually broke into the house? There seems to be a vacuum as far as the sense of justice goes." Replying, Mr Iswaran said: "I don't think we should deduce whether we have a sense of justice to just one specific point that there is no public attribution of the perpetrator."

Citing moves that the Government made in the spirit of transparency, he said Singapore can hold itself up to the best practices and standards. The moves include announcing the cyber attack on July 20 last year, 10 days after it was made known to the Cyber Security Agency of Singapore, and convening a COI and releasing the recommendations and findings.

"I can understand that members have a desire and on behalf of constituents to know this, but I think we have to exercise judgment - what is in our national interest and whether a public attribution serves our best interests. And as I said, we know who the perpetrator is, appropriate action has been taken."

Straits Times

You Might Also Read:

Singapore: The Place To Launch Cyber Attacks From:

 

« World Economic Forum Cyber Risks Report
AI Will Find You In The Crowd »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Cyber Fusion Center - Maryville University

Cyber Fusion Center - Maryville University

Maryville University Cyber Fusion Center is a virtual lab for working on real-world cyber security challenges.

MailGuard

MailGuard

MailGuard delivers a full suite of security solutions across email and web to protect your business before threats reach your environment.

Vade Secure

Vade Secure

Vade Secure provides protection against the most sophisticated email scams such as phishing and spear phishing, malware and ransomware.

Appdome

Appdome

Appdome is the industry's first mobile integration as a service company, providing solutions for enterprise mobility and mobile application security.

Perception Point

Perception Point

Perception Point is a Prevention-as-a-Service company, built to enable digital transformation. Our platform offers 360-degree protection against any type of content-based attack.

Cervello

Cervello

Cervello is a leading provider of comprehensive and proven solutions to protect railways against cyber attacks.

Calyptix Security

Calyptix Security

Calyptix Security helps small and medium offices secure their networks so they can raise profits, protect investments, and control technology.

UKsec: Virtual Cyber Security Summit

UKsec: Virtual Cyber Security Summit

Join 100s of UK Cyber Security Leaders Online for Expert Cyber Security Talks, Strategy Insights, Cyber Resilience Tips and More.

Network Intelligence

Network Intelligence

Network Intelligence delivers a comprehensive suite of AI-powered cybersecurity solutions built on the ADVISE framework.

Alias Robotics

Alias Robotics

Alias Robotics is a robot cyber security company. We deliver cyber security solutions for robots and robot components.

Barikat Cyber Security

Barikat Cyber Security

Barikat is a provider of information security solution and services including security analysis and compliance, security testing, managed security services, incident response and training.

Sectyne

Sectyne

Sectyne is a full-stack cyber consultancy committed to providing tailored services, advisory consultations, and training.

Armata Cyber Security

Armata Cyber Security

Armata exists to bring Cyber Security to all people – from home users and SMBs to large enterprises. We believe all users have the right to an affordable yet effective Cyber Security solution.

Cybersecurity Elastic Laboratory (CEL)

Cybersecurity Elastic Laboratory (CEL)

CEL specialize in providing top-tier services in vulnerability diagnosis and penetration testing, offering a comprehensive suite of solutions to mitigate cyber risks.

Continent 8 Technologies

Continent 8 Technologies

Continent 8 Technologies is the leading provider of managed hosting, connectivity, cloud and cybersecurity solutions to the global online gambling industry.

Cyber Security Unity (CSU)

Cyber Security Unity (CSU)

Cyber Security Unity (formerly the UK Cyber Security Association) is a new global community which has been set up to help unite the industry and combat the growing cyber threat.