The Singapore government will introduce a Cybersecurity Act which will require critical information infrastructure (CII) owners and operators to assume responsibility for securing their systems and networks. This includes compliance with policies and standards, conducting audits and risk assessments, and incident reporting.
This was announced by Yaacob Ibrahim, the country’s Minister for Communications & Information, during the FT Cyber Security Summit.
Under the Act, CII owners and operators will be required to participate in cybersecurity exercises to ensure readiness in managing cyber incidents, according to Minister Yaacob.
The Act will also facilitate sharing of cybersecurity information. It will complement the existing Computer Misuse and Cybersecurity Act, which will continue to govern cybercrime investigation.
As Singapore works to become a Smart Nation, it must also become a safe cyber nation, according to Minister Yaacob.
“We will work with multiple stakeholders, including businesses, international partners to create a safer cyberspace. Combating cybercrime is a crucial part of achieving this. The National Cybercrime Action Plan launched by the Ministry of Home Affairs will do so by public outreach, partnership with industry and academia, as well as strengthening legislation,” noted the Minister.
As the Singapore government is investing heavily in developing cyber security measures, Minister Yaacob emphasized that, “businesses need to take action to address their own specific cybersecurity needs. Government cannot do it alone. Business also have a role to play.”
The Minister noted that cybersecurity should not be seen as a cost, but as an investment to manage risk. “Weak cyber defences suffering from underinvestment could be breached more easily, leading to disruption of business activities and significant losses,” he said.
The Summit brought together government, CEOs, Chief Information Officers, Chief Risk Officers and other high profile executives, to discuss cyber security, which is increasingly seen as one of the greatest risks now facing companies worldwide.
While companies around the world are bolstering their defences against cyber-attacks, research has found that companies in Asia-Pacific remain wholly unprepared for these risks, despite data breaches costing companies in the region US$81 billion last year alone. Experts have suggested this could be due to an absence of legislation in place in the region and a lack of transparency that exacerbates the problem.
Living in an increasingly inter-connected world, for both business and individuals, it is imperative that companies in the region move swiftly to increase their defences against cyber-attacks. When discussing solutions and thoughts on the subject, delegates at the conference were confident more could be done to protect their businesses, as well as consumers.
During the summit, Jeevan Vasagar from the Financial Times, who chaired the Summit said: “Bringing together the public and private sector is the first step to erecting stronger cyber defences for the Asia-Pacific region. Speakers from across the board discussed their company’s initiatives in the cyber security space, as well as what the future looks like for the industry. All were in agreement that more needs to be done and a multi-industry approach is needed for government and companies to have strong cyber defences.”