Story image

Singapore govt, telcos must refrech cybersecurity focus

05 Feb 2019

Singapore’s Senior Minister of State, Ministry of Communications and Information is taking a refreshed look at the importance of the country’s cybersecurity. In a speech to attendees at the Infocomm Media Cybersecurity Conference last month, Dr Janil Puthucheary reiterated Singapore’s aim to be a Smart Nation that is secure, trusted and resilient.

It is connectivity that underpins technology as an enabler for opportunities, such as 5G, narrowband internet-of-things sensor networks, and others.

But, Puthucheary warns, all of these need cybersecurity.  “A single, isolated computer is easy to secure. But as soon as you have that connection, your threat surface increases, and opportunities for vulnerabilities and penetration also increase. Cybersecurity, in a way, is a consequence of how connectivity drives these waves of transformation. The telecomm industry is key and is fundamental to secure our telco infrastructure and services, and the business that telco operators provide.”

The only way to secure connectivity infrastructure is teamwork and collaboration between government and the telecommunications industry.

“Today, we need to consider the future, as these risks are magnified by new technologies, products and platforms. Advancements in cyber threats are ever present, such as Ransomware-as-a-service, and the weaponisation of AI and use of machine learning,” says Puthucheary.

“The pace of acceleration and the threat around cybersecurity is just as rampant. Opportunities are also created by disruption and transformation of businesses. Everything is evolving at a pace in which technology needs to keep up through deeper, richer connectivity networks and new technologies.”

The Infocommunications Media Development Authority of Singapore has been promoting cybersecurity through a number of initiatives, including the Singapore Computer Emergency Response Team (ISG-CERT), and through revisions to the Telecommunications Cybersecurity Code of Practice.

Puthucheary says more needs to be done. It will not only publish an IoT cybersecurity guide that lists recommendations for protecting IoT systems against threats, it will also run a public consultation on that guide.

“The problem is going to be firstly, a multiplication of the number of devices. The opportunity for cybersecurity penetration will increase, but also the behaviour of these devices – we expect them to run autonomously for months, if not years.” 

“The usual behavioural ways in which we know something is wrong with our computers and networks – these types of assurances are not there if we have a broad, rich and deep IoT device network. We need to rethink what is our regulatory approach and what is the way in which we can assure customers and users of the security of our IoT systems. We need these types of resources, and we need to think about this in a different way.”

IMDA is also looking at quantum key distribution technology and how it can be applied to advanced forms of encryption.

Currently IMDA is involved in developing the Telecom Cybersecurity Strategic Committee (TCSC), which will build Singapore telco providers’ cybersecurity capabilities.

The TCSC will aim to identify challenges, as well as key telecommunication technologies and market developments that will shape the cyber threat landscape. This will ensure that we are always updated on global, technological and industry trends.

It will also act as a regulator and promoter of development that balances innovation with the right regulations.

“We as individuals need to play our part as well and participate in that collective responsibility,” says Puthucheary.

“Often, some of the risks and threats associated with cybersecurity are not about the technology software or hardware, but is about human behaviours and vulnerabilities that we bring – as users, employees or participants – in this space. We also have to play our part to secure our technological platforms and networks to make sure that cybersecurity is something that we are actively maintaining.”

Interview: Culture and cloud - the battle for cybersecurity
ESET CTO Juraj Malcho talks about the importance of culture in a cybersecurity strategy and the challenges and benefits of a world in the cloud.
Enterprise cloud deployments being exploited by cybercriminals
A new report has revealed a concerning number of enterprises still believe security is the responsibility of the cloud service provider.
Ping Identity Platform updated with new CX and IT automation
The new versions improve the user and administrative experience, while also aiming to meet enterprise needs to operate quickly and purposefully.
Venafi and nCipher Security partner on machine identity protection
Cryptographic keys serve as machine identities and are the foundation of enterprise information technology systems.
Machine learning is a tool and the bad guys are using it
KPMG NZ’s CIO and ESET’s CTO spoke at a recent cybersecurity conference about how machine learning and data analytics are not to be feared, but used.
Seagate: Data trends, opportunities, and challenges at the edge
The development of edge technology and the rise of big data have brought many opportunities for data infrastructure companies to the fore.
Popular Android apps track users and violate Google's policies
Google has reportedly taken action against some of the violators.
How blockchain could help stop video piracy in its tracks
An Australian video tech firm has successfully tested a blockchain trial that could end up being a welcome relief for video creators and the fight against video piracy.