In the Deloitte Asia-Pacific Defense Outlook 2016, Singapore ranks 5th of the highest vulnerability economies to cyber-attack. This is calculated according examining how extensively each economy relies on internet-based interactions and is a reflection of how digitised the country is.
Then according to the 2015 Global Cybersecurity Index by the International Telecommunication Union (ITU) and ABI Research, Singapore ranks joint 6th in the world in terms of cybersecurity readiness, alongside Israel and other countries. (An updated 2017 index is currently being prepared).
So according to these two reports, (there are many others) Singapore ranks amongst the most prepared and also most vulnerable.
What is Singapore doing to Enhance Cybersecurity?
In short; lots. Too much to list in its entirety if you include all the international partnerships and new cybersecurity centres that have been launched. But to answer this question, we will focus on some of the major initiatives.
In 2015 Singapore launched its dedicated Cyber Security Agency, (CSA) which brought together all existing cybersecurity agencies and initiatives such as the Singapore Computer Emergency Response Team (SingCERT) and the responsibility of cybersecurity master-planning. This mirrors what other countries around the world are doing as well, consolidating disparate cybersecurity organisations under fewer senior decision makers to strengthen decision making.
Also in 2015, a special cybersecurity department named Cybercrime Command was established within the Criminal Investigation Department of the Singapore Police Force. This was followed by the launch of the National Cybercrime Action Plan in 2016, which prioritised the actions needed to fight cybercrime including public education, capability building, strengthening laws and international partnerships.
In October 2016, Prime Minister Lee Hsien Long announced Singapore’s latest cybersecurity strategy, expanding on previous plans by incorporating and emphasising the importance of international cooperation. The four pillars of the strategy are:
- Building a resilient infrastructure;
- Creating a safer cyberspace;
- Developing a vibrant cybersecurity ecosystem;
- Strengthening international partnerships.
Then in March 2017 it was announced that Singapore will launch a new Defence Cyber Organisation (DCO), which will exist to monitor and defend the Singapore Armed Forces’ (SAF) networks from cyber-threats. Notably, this came quickly after the cyberattack against Mindef that happened in February 2017. Usually the creation of new branches of government organisations take a long time to plan and finance but in this instance, Mindef wasted no time in their response.
In April 2017, the Computer Misuse and Cybersecurity Act (CMCA) was updated, so that activities such as dealing in hacking tools or in personal information obtained via a cybercrime is now classified as an offence.
Also on the topic of law, the Personal Data Protection Commission (PDPC) has been acting against organisations in breach of the privacy obligations set out in the Personal Data Protection Act (PDPA). As of December 2016, the PDPC had issued fines to sixteen organisations in breach of the PDPA, actions aimed to encourage other organisations to take their data privacy obligations more seriously.
Sign up for CIO Asia eNewsletters.