singapore's national cyber security strategy

Singapore’s National Cyber Security Strategy: Domestic, Regional and Global Impacts

Benjamin Ang

Senior Fellow / Head, Cyber Programme

Centre of Excellence for National Security

SINGAPORE'S NATIONAL CYBER SECURITY STRATEGY

4 Pillars of the Strategy

Our journey so far

2005

Infocomm Security

Masterplan

National Cybersecurity Master Plan

National Cybersecurity R&D Programme

2014 3rd Reading

Cybersecurity AgencyCybercrime Command

Signing

National Cybercrime Action Plan

National Cybersecurity Strategy

National Cybersecurity Centre

2013 2015 2016

PILLAR 1

11 Sectors of

Critical Information Infrastructure

11 Sectors of

Critical Information Infrastructure

SERVICES UTILITIES TRANSPORT

Government servicesEmergency servicesHealthcareMediaBanking and financial services

PowerWater Telecoms

Transport AirportSeaport

Protect Our Essential Services

• 2012 Cybersecurity Readiness Maturity Assessment

• CII Protection Programme for government agencies and CII operators– information exchange among CII operators

– measurements of governance maturity and cybersecurity hygiene

– culture of cyber-risks literacy

• Promote security by design

Respond Decisively to Cyber Threats

• Integrate Threat Discovery, Analysis and Incident Response

• Run Comprehensive Cybersecurity Exercises

• Expand the National Cyber Incident Response Team (NCIRT)

• Recover, Restore, Remediate

Secure Government Networks

• Reducing Attack Surface

• Enhancing Situational Awareness through Technology

• Preparing for Cyber Breaches

Strengthen Legislation

Sharing of

cybersecurity

information with

and by CSA

Management of

and response to

cyber threats

Protection of

Critical

Information

Infrastructure

The Cybersecurity Act

Drafting

We are here

It will be introduced in Parliament as a Bill

in late 2017

Review 3rd Reading

This will contain input and amendments

from the consultation

Signing

After PCMR passes it, the President will

sign it, and it will be Gazetted

Select CommitteePublic Consultation

1st + 2nd Reading

3rd Reading Enactment

PILLAR 2

Combat Cybercrime

National Cybercrime Action Plan

Educate the public

Equip the police

Review the laws

Partner industry

and overseas

Enhance Singapore’s Standing as a

Trusted Hub

• Embrace personal data protection as corporate culture

• Professionalise Data Protection Officers

• Work with foreign Data Protection Authorities

Promote Collective Responsibility

• Public education

• Make cybersecurity a business priority

• Tap on government expertise

PILLAR 3

Establish a Professional Cybersecurity

Workforce

• Encourage professionals to remain and further their development in the industry

• Attract new graduates and convert other professionals

Extend Singapore’s Cybersecurity

Advantage

Extend Singapore’s Cybersecurity

Advantage

Attract advanced

companies

Support start-ups

Support local champions

Develop global market opportunities

Innovate to Accelerate

National Cybersecurity R&D Programme

S$190

million

PILLAR 4

Forge International and ASEAN

Cooperation to Counter Cyber Threats

and Cybercrime• ASEAN Regional Forum

• ASEAN Network Security Action Council (ANSAC)

• ASEAN CERT Incident Drill (ACID)

• INTERPOL IGCI

Champion International and ASEAN

Cyber Capacity Building Initiatives

• S$10 million fund for

ASEAN Cyber Capacity

programme.

Host Int & Regional Exchanges on

Cyber Norms and Legislation

Singapore International Cyber Week

ASEAN Ministerial

Conference Cyber

security

International Cyber

Leaders’ Symposium

ASEAN Cybercrime Prosecutors’ Roundtable

Meeting

4 Pillars of the Strategy