Summary: Country’s third masterplan for the next five years focuses on enhancing the resiliency of critical infrastructure, and growing pool of homegrown cybersecurity professionals.
By Ellyne Phneah
SINGAPORE–The country has launched its third Cybersecurity Masterplan focusing on critical infrastructure protection and growing homegrown cybersecurity talent.
According to Yaacob Ibrahim, Singapore’s minister for communications and information at the Information Security Seminar 2013 here Wednesday, the latest five-year plan which will see the government’s increased collaboration with sectors such as utilities and telcos to keep them secure and resilient.
This includes a critical infocomm infrastructure (CII) protection assessment program, aimed at assessing the security of the IT systems connected to the operations of critical infrastructure in Singapore, and a National Cyber Security Exercise program consisting of exercises conducted within critical sectors, to assess operators’ capability and readiness.
The plan will also focus on growing Singapore’s pool of IT security talent, Ibrahim noted, adding there were only 1,500 IT security specialists in Singapore in 2011, making up 1 percent of the global IT industry manpower in the country.
The country’s ICT regulator Infocomm Development Authority (IDA) will hence, work with Singapore’s Institute of Higher Learning to incorporate IT security courses and degree programs into the curriculum, he noted.
“Over the next five years, the National Cyber Security Masterplan will guide our efforts to raise the capability and level of prepardness in the public, private and people sector to better respond to and manage these cyberthreats,” Lim Chuan Poh, chairman of the National Infocomm Security Committee (NISC), said in a statement.
The current plan succeeds the Infocomm Security Masterplan 2, launched in 2008, which saw the establishment of cybersecurity organizations for raising awareness, cybersecurity scholarships and a focus on international collaboration. The first masterplan was launched in 2005, initiating the country’s coordinated approach to secure Singapore’s infocomm environment.
Cyberthreats proliferation call for faster upgrade of internal systems
Jill Khesek, head of global security at BT Global Services, who was also speaking at the event, hacking motivations had evolved from financial gains, to hacktivism to warfare so government and critical infrastructure were highly at risk in this age.
Moving forward, it is also likely hackers are going engage in economic espionage, IP theft, publicizing of sensitive information and data manipulation with governments, Khesek pointed out.
Yet, many public and private sector firms only focus on upgrading their systems every two to three years, Tony Cole, vice president and global government CTO of FireEye, added.
This is not the right way forward though, Cole pointed out, citing internal FireEye figures which found threats increasing five times over the last three years, and that organizations spotted malware-related threats within their systems every three minutes on average.
“Attacks on companies published in the media are merely the tip of the iceberg but thousands more, such as advanced persistent threats and zero-day attacks lie below the surface,” he said, adding both public and private sector firms need to construct more timely and accurate security models and develop real-time analysis.