GovernmentWare 2015: Building a secure smart nation
According to David Koh, the CEO of Singapore’s new Cyber Security Agency (CSA), only by securing its data and networks, can countries like Singapore achieve the full potential that technology offers.
This was shared with hundreds of attendees at the 24th GovernmentWare (GovWare) conference, a niche market event focused on the Asia Pacific region, that is being held in Singapore.
Koh highlighted how key cybersecurity developments today like increasingly sophisticated attacks, attacks on industrialised control systems (SCADA) and more dependence upon e-government services, have played a major role in the Singapore government’s decision to set up CSA in April this year. This agency is under the purview of the Singapore Prime Minister’s office.
Cyber security priorities
This year’s conference is themed ‘Building a Secure Smart Nation.’ The concept of smart nation was introduced by Prime Minister Lee Hsien Loong last year, but it becomes all too clear that leveraging technology to enable better living, more business opportunities and stronger communities, has to come hand-in-hand with better cyber security.
Failure to protect a nation’s critical infrastructures like roads for transportation, towers for telecommunications or hospitals, schools, electricity and more, also has potential to inflict physical damage, injury or death.
Singapore’s Minister of Communications and Information, Dr.Yaacob Ibrahim who officiated the 24th GovWare event, also stated, “We need a national cybersecurity strategy to prioritise our efforts.”
For the Singapore government one of their top three priorities specifically, is to allocate resources smartly to build their cyber defense. Dr. Yaacob cited the examples of South Korea and Israel that each allocate 8% and 10% of their respective government IT budgets for cyber security.
He said, “We also want to adopt a similar approach for our government IT projects, and if current allocation of IT budget for cyber security differs, then the figures will be relooked at.”
Besides this, they see the importance of developing their own cyber security capability and plan to do so in collaboration with various sectors. Another priority also is to grow a vibrant ecosystem that would strengthen Singapore’s capabilities and bring good jobs to the island nation.
Cyber security, the industry
Dr. Yaacob said, “Cyber security is not just about threats to mitigate. It is a high-value industry. And to capitalise on it, the government will work to create certifications, standards as well as to support a broadening pool of cyber security talent.”
For example, CSA and the Infocomm Development Authority of Singapore (IDA) have established the Cyber Security Associates and Technologists Programme (CSAT) to train and upskill ICT professionals with practical skills for cyber security operations.
In efforts to establish a competency baseline for the cyber security industry in Singapore, a memorandum of intent also been signed to bring CREST certification for penetration testing, to Singapore.
CREST International which offers these certifications, is a UK-headquartered non-profit organisation.
On CREST’s homepage, it is stated that “CREST provides organisations wishing to buy penetration testing services with confidence that the work will be carried out by qualified individuals with up to date knowledge, skill and competence of the latest vulnerabilities and techniques used by real attackers.”
By next year, a Singapore chapter of CREST would be set up, a joint initiative by CREST International, CSA, and AISP, a local body for Information Security professionals.
Ultimately, Singapore realises global cooperation is key and Koh had stated, “No nation can hope to launch a cyber defense without close working relationships with ASEAN neighbours, and other like-minded international partners across the globe.”
(This journalist is a guest of Intel Security to GovernmentWare 2015 in Singapore).