Singapore’s Next Step Towards Cyber Security?

United States Vice President Kamala Harris embarked on her official visit to Singapore with the intention of deepening bilateral cooperation between the United States and Singapore. A key outcome was the path forward for deepened collaboration in cyber security with three Memorandums of Understanding (MOUs) being signed between the two countries.

The first MOU signed by the Cyber Security Agency (CSA) looks to establish cooperation with regular exchange of information on cyber threats and coordination of response to cyber security incidents. The second - signed by MINDEF/SAF - will look to enhance information sharing and technical exchange while strengthening collaboration in capacity building efforts. The final MOU signed by the Monetary Authority of Singapore (MAS) covers cyber security regulations, guidance on incidents and threat intelligence in the financial sector.

President Joe Biden issued an executive order

Microsoft and Google committed USD 30 Billion over next 5 years to accelerate cybersecurity initiatives while IBM plans to train 150,000 individuals with cybersecurity skills over the next 3 years

Cybersecurity ranks fairly high on Singapore’s agenda. The formation of CSA, the Personal Data Protection Act (PDPA) and initiatives like the Cyber-labelling Scheme (CLS) which provides a security-based star-rating to smart devices are in many ways ahead of the curve, especially in the region. Even MAS updated its Technology Risk Management guidelines earlier this year to address cyber-risks.

However, there is much to be desired when it comes to adoption and enforcement. Take for example the penalties meted out for breaches - the largest fine in Singapore was SGD 750,000 to Integrated Health Information Systems (IHiS) for the SingHealth attack in 2018. Contrast this with the United States issuing a USD 575 Million fine to Equifax when it lost credit-related data of about half the US population in 2017.

a ransomware attack led to 73,500 records being compromised

Cybersecurity is a complex problem for which there is no silver bullet. Initiatives and collaborations like recently signed MOUs are a great way to bring cybersecurity to the fore, but solving them needs more. If we were to learn from our counterparts in the United States, a combination of bringing the public-private sector together while enforcing strict regulations instead of mere guidelines are the immediate next steps we should take as a nation.