Cyber Security Agency (Singapore)

Last updated
Cyber Security Agency of Singapore
Logo of Cyber Security Agency Singapore.jpg
Agency overview
Formed1 April 2015;7 years ago (2015-04-01)
Jurisdiction Government of Singapore
Headquarters5 Maxwell Road, #03-00, Tower Block, MND Complex, Singapore 069110
Minister responsible
Agency executive
  • David Koh,
    Commissioner of Cybersecurity and Chief Executive
Parent agency Prime Minister's Office (nominal)
Ministry of Communications and Information (day-to-day administration)
Website csa.gov.sg

The Cyber Security Agency (CSA) is a government agency under the Prime Minister's Office, but is managed by the Ministry of Communications and Information of the Government of Singapore. It provides centralised oversight of national cyber security functions, and works with sector leads to protect Singapore's Critical Information Infrastructure (CII), such as the energy and banking sectors. [1] [2] Formed on 1 April 2015, the agency also engages with various industries and stakeholders to heighten cyber security awareness as well as to ensure the development of Singapore's cyber security. It is headed by the Commissioner of Cybersecurity, David Koh. [3] [4] [5] [6] [7] [8]

Contents

History and overview

The Cyber Security Agency took over the functions previously carried out by the Singapore Infocomm Technology Security Authority (SITSA), under the Ministry of Home Affairs. SITSA was set up in 2009 as the national specialist authority overseeing operational IT security.

The CSA also took over some roles undertaken by the then-Infocomm Development of Authority (IDA) such as the Singapore Computer Emergency Response Team (SingCERT), which facilitates the detection, resolution and prevention of security-related incidents on the Internet.

The agency builds upon the government's cyber security capabilities, which include strategy and policy development, cyber security operations, industry development and outreach; as well as public communications and engagement.

It has organised events such as the Singapore International Cyber Week (SICW) in 2016, with over 5,000 attendees from close to 50 countries. The SICW also saw the launch of Singapore's Cybersecurity Strategy.

In 2017, the second edition of the SICW was held from 18 to 21 September 2017. It also hosted the 2nd ASEAN Ministerial Conference on Cybersecurity. [9]

Singapore's Cybersecurity Strategy

In October 2016, then-Prime Minister Lee Hsien Loong launched Singapore's Cybersecurity Strategy with the aim to create a resilient and trusted cyber environment for Singapore. Four pillars underpinned the strategy:

Singapore's revised goals were outlined in the Singapore Cybersecurity Strategy 2021. [10] As a result, Singapore's cybersecurity plan, which was originally implemented in 2016, was reviewed and updated.

Cutting off internet access

In 2016, as part of Singapore's Cybersecurity Strategy, it was announced that internet access of civil servants' work station will be cut-off. David Koh, chief executive of the then-newly formed agency, said officials realised there was too much data to secure and "there is no way to secure this because the attack surface is like a building with a zillion windows, doors, fire escapes". [11]

Security experts commented that the move may only raise the defense against cyber attack slightly but risk damaging productivity of civil servants and those working at more than four dozen statutory boards, and cutting them off from the people they serve. [11]

Singapore's Cybersecurity Programmes

Singapore Cyber Security Agency has launched various programmes to support its strategy, including: [12]

Singapore’s Cyber Security Agency launched a new cyber security certification scheme recognizing organisations with good cyber security practices at the end of March, 2022. [19] [20] [21]

See also

Related Research Articles

<span class="mw-page-title-main">National security</span> Security and defence of a nation state

National security, or national defence, is the security and defence of a sovereign state, including its citizens, economy, and institutions, which is regarded as a duty of government. Originally conceived as protection against military attack, national security is widely understood to include also non-military dimensions, including the security from terrorism, minimization of crime, economic security, energy security, environmental security, food security, and cyber-security. Similarly, national security risks include, in addition to the actions of other nation states, action by violent non-state actors, by narcotic cartels, and by multinational corporations, and also the effects of natural disasters.

<span class="mw-page-title-main">Critical infrastructure</span> Infrastructure important to national security

Critical infrastructure is a term used by governments to describe assets that are essential for the functioning of a society and economy – the infrastructure. Most commonly associated with the term are facilities for:

<span class="mw-page-title-main">Organisation of the Government of Singapore</span>

The Government of Singapore consists of several departments, known as ministries and statutory boards in Singapore. Ministries are led by a member of the Cabinet and deal with state matters that require direct political oversight. The member of the Cabinet heading the ministry is known as the minister, who is supported by a junior minister known as minister of state in Singapore. The administrative management of the ministry is led by a senior civil servant known as permanent secretary.

<span class="mw-page-title-main">Republic Polytechnic</span> Post-secondary academic institution in Singapore

Republic Polytechnic (RP) is a post-secondary education institution and statutory board under the purview of the Ministry of Education in Singapore.

The Infocomm Media Development Authority (IMDA) is a statutory board under the Singapore Ministry of Communications and Information (MCI).

The following lists events that happened during 1999 in the Republic of Singapore.

A cybersecurity regulation comprises directives that safeguard information technology and computer systems with the purpose of forcing companies and organizations to protect their systems and information from cyberattacks like viruses, worms, Trojan horses, phishing, denial of service (DOS) attacks, unauthorized access and control system attacks. There are numerous measures available to prevent cyberattacks.

<span class="mw-page-title-main">Federal Office for Information Security</span> German federal agency

The Federal Office for Information Security is the German upper-level federal agency in charge of managing computer and communication security for the German government. Its areas of expertise and responsibility include the security of computer applications, critical infrastructure protection, Internet security, cryptography, counter eavesdropping, certification of security products and the accreditation of security test laboratories. It is located in Bonn and as of 2020 has about 1,100 employees. Its current president, since 1 February 2016, is former business executive Arne Schönbohm, who took over the presidency from Michael Hange.

CommerceNet Singapore is a not-for-profit organisation. It is part of the Palo Alto, California based global CommerceNet consortium of business partners that organises resources from the industry, plans and executes key strategies. CommerceNet Singapore seeks to sustain market initiatives that promote security, innovations and develop human, intellectual, financial and cultural capitals within the self-sustaining enterprise ecosystems.

<span class="mw-page-title-main">Josephine Teo</span> Singaporean politician

Josephine Teo Li Min is a Singaporean politician who has been serving as Minister for Communications and Information and Minister-in-charge of the Cyber Security Agency and Smart Nation Initiative since 2021, and Second Minister for Home Affairs since 2017. A member of the governing People's Action Party (PAP), she has been the Member of Parliament (MP) representing the Kreta Ayer–Kim Seng division of Jalan Besar GRC since 2020. She has also been serving as Chairwoman of the PAP Community Foundation since 2022.

<span class="mw-page-title-main">Ministry of Communications and Information</span> Singaporean government ministry

The Ministry of Communications and Information is a ministry of the Government of Singapore responsible for overseeing the development of the infocomm technology, cyber security, media sectors, as well as the government’s information and public communication policies. It is also responsible for maintaining the national library, national archives and public libraries.

<span class="mw-page-title-main">Media Development Authority</span> Statutory board in Singapore

The Media Development Authority was a statutory board of the Singapore Government, under the Ministry of Communications and Information (MCI).

Intelligent Nation 2015 (iN2015) is a 10-year masterplan by the Government of Singapore to improve Singapore's infocomm infrastructure over the next decade. Led by the Infocomm Development Authority of Singapore (IDA), iN2015 involves several organisations.

Established on June 16, 2007, the SME Infocomm Resource Centre, is a not-for-profit organisation that seeks to help Small and Medium Enterprises (SMEs) in Singapore to advance their use of Info-Communications Technology (ICT).

There is no commonly agreed single definition of “cybercrime”. It refers to illegal internet-mediated activities that often take place in global electronic networks. Cybercrime is "international" or "transnational" – there are ‘no cyber-borders between countries'. International cybercrimes often challenge the effectiveness of domestic and international law, and law enforcement. Because existing laws in many countries are not tailored to deal with cybercrime, criminals increasingly conduct crimes on the Internet in order to take advantages of the less severe punishments or difficulties of being traced. No matter, in developing or developed countries, governments and industries have gradually realized the colossal threats of cybercrime on economic and political security and public interests. However, complexity in types and forms of cybercrime increases the difficulty to fight back. In this sense, fighting cybercrime calls for international cooperation. Various organizations and governments have already made joint efforts in establishing global standards of legislation and law enforcement both on a regional and on an international scale. China–United States cooperation is one of the most striking progress recently, because they are the top two source countries of cybercrime.

The cyber security community in the United Kingdom is diverse, with many stakeholders groups contributing to support the UK Cyber Security Strategy. The following is a list of some of these stakeholders.

The Smart Nation is an initiative by the Government of Singapore to harness infocomm technologies, networks and big data to create tech-enabled solutions.

<span class="mw-page-title-main">Government Technology Agency</span>

The Government Technology Agency (GovTech) is a statutory board of the Government of Singapore, under the Prime Minister's Office. It was restructured from Infocomm Development Authority of Singapore (IMDA) in 2016, and officially legislated in Parliament on 18 August that year.

The 2018 SingHealth data breach was a data breach incident initiated by unidentified state actors, which happened between 27 June and 4 July 2018. During that period, personal particulars of 1.5 million SingHealth patients and records of outpatient dispensed medicines belonging to 160,000 patients were stolen. Names, National Registration Identity Card (NRIC) numbers, addresses, dates of birth, race, and gender of patients who visited specialist outpatient clinics and polyclinics between 1 May 2015 and 4 July 2018 were maliciously accessed and copied. Information relating to patient diagnosis, test results and doctors' notes were unaffected. Information on Prime Minister Lee Hsien Loong was specifically targeted.

References

  1. "Singapore's Cybersecurity Act to be reviewed, could include non-critical information infrastructure".
  2. "Budget debate: Widely used services, apps soon to comply with govt cyber-security rules".
  3. "Senior leaders have key role in cyber security: Commissioner". The Straits Times. 15 November 2018. Retrieved 8 July 2020.
  4. Lin, Cheryl (23 April 2021). "Cabinet reshuffle: Josephine Teo to head Smart Nation Initiative; new roles for political office holders". CNA. Retrieved 28 May 2021.
  5. "Speech by Minister Josephine Teo at the Ministry Of Communications and Information COS Debate 2022".
  6. "Singapore Encouraging Women to Work in Cybersecurity Industry".
  7. "SG Cyber Talent Development Fund to launch this month: MCI Minister Josephine Teo".
  8. "Singapore government patching systems after alert on 'critical' Log4j software vulnerability".
  9. "Joint Call on Acting Prime Minister Teo Chee Hean by Participants of the 2nd ASEAN Ministerial Conference on Cybersecurity" (PDF). Archived (PDF) from the original on 2022-01-05.
  10. "The Singapore Cybersecurity Strategy 2021". Archived from the original on 2021-10-05.
  11. 1 2 Reuters (24 August 2016). "Singapore to cut off public servants from the internet" via www.theguardian.com.
  12. "Programs".
  13. "Cybersecurity Labelling Scheme (CLS)". Archived from the original on 2020-10-07.
  14. "Parliament: Singapore to start first cyber-security start-up hub". The Straits Times.
  15. "SG Cyber Talent". Archived from the original on 2020-08-10.
  16. "SG Cyber Women". Archived from the original on 2020-09-28.
  17. "SG Cyber Women X ICE71: Start-up Women in Cybersecurity".
  18. "SG Cyber Safe Programme". Archived from the original on 2021-10-20.
  19. "Singapore rolls out cyber security certification scheme".
  20. "Singapore Introduces Cybersecurity Certification Programme".
  21. "Singaporean cybersecurity agency launches certification scheme for businesses".
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.