The newest Internet technologies in the field of space research

CSA Inks Partnerships with Local and Foreign Industry Players

The Cyber Security Agency of Singapore (CSA) has forged new partnerships to boost cyber security capabilities as part of its ongoing efforts to strengthen Singapore’s cyber security posture and stay ahead of a rapidly evolving cyber security landscape.  Dr Yaacob Ibrahim, Minister for Communications & Information and Minister in Charge of Cyber Security, announced a series of new initiatives at the opening ceremony of GovernmentWare 2015.

 

2        CSA signed Memoranda of Understanding (MOU) with Singtel, Check Point Software Technologies and FireEye to signal the parties’ commitment to work together on key areas of interest.

3          CSA will be working with Singtel to build up local capabilities and deliver advanced cyber security services. The partnership will also see CSA and Singtel collaborate on developing manpower through training and certification to meet increasing demand and on research and development to develop new cyber security solutions.

4          CSA’s collaboration with cyber security vendor, Check Point, taps on Check Point’s expertise in developing industry leading security solutions. Under the MOU, the parties will focus on bringing advanced solutions to Singapore while growing local capabilities to provide these solutions. The parties will also collaborate on workforce development initiatives and in-depth technical training.

5          CSA will work with cyber security company, FireEye, to strengthen information sharing on cyber trends and cybercrimes, threats and indicators of compromise as well as jointly devise measures to enhance incident response.

6          CSA also signed a Memorandum of Intent (MOI) with CREST International and the Association of Information Security Professionals (AISP) to introduce CREST certification for penetration testers in Singapore. The certifications will serve as a competency baseline for practicing professionals and service providers. Under this MOI, the partners will join hands to set up a CREST Singapore Chapter next year.

7          CSA and the Infocomm Development Authority of Singapore (IDA) have established the Cyber Security Associates and Technologists Programme (CSAT) to train and up-skill ICT professionals to acquire practical skills for specialised job roles for Cyber Security Operations. The programme is aimed at helping fresh and mid-career ICT individuals attain the necessary practical skills to better equip them for cyber security roles and positions. CSA and IDA will collaborate with industry partners for the training and up-skilling of ICT professionals.

8          Mr David Koh, Chief Executive, CSA, said, “We are excited to be taking these strides forward with our partners to enhance Singapore’s cyber security capabilities as well as raise the quality of the industry and workforce. These partnerships pave the way for us to work closely together on innovative solutions to strengthen our cyber security core. We look forward to establishing more of such consequential partnerships to achieve the vision of a secure smart nation for Singapore.”

Related Resources

 

About the Cyber Security Agency of Singapore 

The Cyber Security Agency of Singapore (CSA) provides dedicated and centralised oversight of national cyber security functions, and works with sector leads to protect Singapore’s critical services. It also engages with various industries, and stakeholders to heighten cyber security awareness as well as to ensure the holistic development of Singapore’s cyber security landscape. The Agency reports to the Prime Minister’s Office and is managed by the Ministry of Communications and Information. Information on CSA is available at www.csa.gov.sg.

Partner’s Quotes

SingTel

“We will leverage our assets and expertise to help key stakeholders and enterprises understand and build cyber security capabilities. This includes the global capabilities of Trustwave, a leading managed security service provider, which we acquired. A resilient cyber security ecosystem will help reinforce Singapore’s position as a key business hub for innovation while building the foundation of a safe and smart nation,” said Mr Bill Chang, Chief Executive Officer, Singtel Group Enterprise.

Check Point

“Check Point Software Technologies is very privileged to be partnering with CSA through this groundbreaking Memorandum of Understanding, to advance the network and Internet security sector in Singapore,” says Stephen McWhirter, vice president for Asia, Middle East and Africa, Check Point Software Technologies. “Singapore is at the forefront of Internet and network security, and I am confident Check Point will bring a strong track record of field-proven best-of-class technologies and expertise to assist CSA in making Singapore the safest network ecosystem for entrepreneurship, growth, and consumer usage. It is great to see this happening in Singapore where our regional headquarters is also located.”

FireEye 

“At FireEye we see threat groups routinely targeting organizations in Singapore, and we help organizations here bring together the people, technology and threat intelligence necessary to fend off these threats. This MOU with CSA illustrates our commitment to helping Singapore advance from a regional leader to a global leader in this rapidly-changing field,” said Eric Hoh, President for Asia Pacific Japan at FireEye.

CREST International

“CREST is delighted to work with the CSA and AISP to develop penetration testing standards in Singapore. Through the provision of CREST accredited companies and CREST-certified professionals, we will be able to deliver increased levels of confidence to the buying community, the regulators and the Government. CREST is working hard to professionalise the cyber security testing sector internationally and through development of a local chapter in Singapore, it will be possible to achieve consistently high standards across the region,” said Mr Rowland Johnson, Director of CREST International.

Association of Information Security Professionals (AISP)

“AISP is excited to embark this journey together with CREST and CSA to uplift excellence and professionalism within the Cyber Security industry. AISP welcomes the opportunity to work collaboratively in supporting the development of CREST certification in Singapore and aims to promote CREST through our Industry programme,” said Mr Wally Lee, President of AISP.

Association of Banks in Singapore (on CREST)

“CREST will provide financial institutions and outsourced service providers a better assurance on the quality of penetration testing services and in turn enhance the overall cyber security posture of banks in Singapore,” said Mrs Ong-Ang Ai Boon, Director of The Association of Banks in Singapore (ABS).

Monetary Authority of Singapore (on CREST)

“Financial institutions face increasing cyber threats. It is therefore critical that they conduct robust penetration testing to identify and rectify system vulnerabilities promptly and effectively.  CREST’s Singapore chapter will help deepen the pool of qualified penetration testing expertise in Singapore and the region, and strengthen our financial institutions’ cyber defences,” said Mr Wong Nai Seng, Assistant Managing Director of MAS, who welcomed the development.

Infocomm Development Authority of Singapore

“A robust cyber security eco-system is critical to support Singapore’s Smart Nation ambitions.  We must build more sophisticated capabilities to tackle the increasingly complex cyber security challenges.  IDA will work closely with government agencies and industry partners on initiatives such as CREST penetration-testing certifications and the Cyber Security Associates & Technologists (CSAT) Programme, to help to raise the standards and deepen the skills of our cyber security professionals,” said Ms Jacqueline Poh, Managing Director of the Infocomm Development Authority of Singapore (IDA).

 

CREST

Background

Penetration testing is an important undertaking to assess and improve the Cyber Security posture of organisations. By identifying key and exploiting vulnerabilities, penetration testers are able to make recommendations to harden the security of important ICT systems. Qualified and competent penetration testing professionals and service providers are essential to improve the readiness of ICT systems against increasingly sophisticated cyber threats.

The Cyber Security Agency of Singapore (CSA), the Association of Information Security Professionals (AISP) in Singapore and CREST International have signed a Memorandum of Intent (MOI) to work together to introduce CREST certifications for penetration testing in Singapore. CSA will support AISP, a local body for Information Security professionals, to work with CREST International, a UK-headquartered non-profit organisation, to establish a CREST Singapore Chapter and offer penetration testing certifications. This initiative was developed in collaboration with the Monetary Authority of Singapore (MAS), the Association of Banks in Singapore (ABS) and the Infocomm Development Authority of Singapore (IDA).

CREST International has a range of certifications that include Penetration Testing, Incident Response, Malware Analysis and wider Information Security Architecture in the UK. Penetration testing certifications will be introduced first in Singapore, with more certifications potentially being rolled out subsequently.

CREST certifications for penetration testing provide assurance on:

  1. Service providers. This is in the form of validating their policies and procedures; technical security methodologies, reporting and data handling; validating private indemnity and public insurance coverage, employee background checks to ensure that trustworthy and competent employees are used on CREST penetration testing engagements; and
  2. Professionals. This is in the form of assessing their technical skills and knowledge, understanding of legal and regulatory frameworks, communication skills and information security knowledge.

The certification will offer transparent and open standards that serve as a competency baseline for practicing professionals and service providers in Singapore. In the UK and Australia, CREST certifications are already the prevailing industry standards for penetration testing and are endorsed by the government. By introducing the certification in Singapore, the aim is to help grow local skills and capabilities and provide assurance for professionals and service providers that perform penetration tests.

 




There are no comments

Add yours