Story image

Singapore Govt leads massive cyber training exercise for CIIs

19 Jul 2017

The Cyber Security Agency of Singapore (CSA) put the government’s incident management and emergency response plans to the test yesterday, as part of the second trial of ‘Exercise Cyber Star’.

The exercise, part of an effort to improve the response times across all 11 designated critical information infrastructure (CII) sectors in Singapore.

More than 200 participants including sector leads and CII owners from the eleven sectors participated in the exercise. The sectors included aviation, healthcare, land transport, maritime, media, security & emergency, water, banking, finance, energy, government and infocomm sectors.

The exercises covered simulated cyber attack scenarios that covered different areas, such as web defacement, widespread data exfiltration malware, ransomware, DDoS attacks and cyber-physical attacks.

CSA chief executive David Koh says, “These exercises are important in bringing all our critical sectors together to strengthen our incident response plans and enable better cross-sector coordination. With greater interconnectivity, and proliferation of cyber threats, the ability of our critical sectors to respond promptly to attacks is vital”.

The exercise also included a series of complex scenatio planning sessions, workshops and tabletop discussions, in addition to the final exercise that was held yesterday.

Deputy Prime Minister Teo Chee Hean attended the exercise, alongside Minister-in-Charge of Cybersecurity, Dr Yaacob Ibrahim and Senior Minister of State for Communications, Information and Education, Dr Janil Puthucheary.

All three ministers were briefed on the exercise and watched Singapore’s National Cyber Incident Response Teams (NCIRTs) undergo technical validation exercises in a cyber range.

The NCIRTs comprise representatives from the CSA, Govtech, MHA and MINDEF incident response teams, and are part of the Tier 1 and Tier 2 response under the national cyber response plan.

Last week the CSA announced that it is seeking feedback on a proposed bill to put more onus on the owners of CIIs in regards to cyber threats, meaning owners have a responsibility to protect the assets from cyber attacks before they occur.

The CSA is also seeking more control over cyber threat and incident management and to licence regulation of penetration testing and managed security operations services.

“Against the backdrop of proliferating cyber incidents globally and locally, it is imperative that we take a more pro-active and holistic approach to strengthen our resilience against cyber-attacks, especially for CIIs. New cybersecurity legislation is needed so that we can take pro-active measures to protect our CIIs, respond expediently to cyber threats and incidents and facilitate sharing of cybersecurity information across critical sectors”.

Interested parties have until 5pm, 3 August 2017 to submit feedback.

Cloud application attacks in Q1 up by 65% - Proofpoint
Proofpoint found that the education sector was the most targeted of both brute-force and sophisticated phishing attempts.
Singapore firm to launch borderless open data sharing platform
Singapore-based Ocean Protocol, a decentralised data exchange that promotes data sharing, has revealed details of what could be the kickstart to a global and borderless data economy.
Huawei picks up accolades for software-defined camera ecosystem
"The company's software defined capabilities enable it to future-proof its camera ecosystem and greatly lower the total cost of ownership (TCO), as its single camera system is applicable to a variety of application use cases."
Barracuda expands MSP security offerings with RMM acquisition
Managed Workplace delivers an RMM platform with security tools and services, such as site security assessments, Office 365 account management, and integrated third-party antivirus.
Flashpoint: APAC companies must factor geopolitics in cyber strategies
The diverse geopolitical and economic interests of the states in the region play a significant role in driving and shaping cyber threat activity against entities operating in APAC.
Expert offers password tips to aid a stress-free sleep
For many cybersecurity professionals, the worries of the day often crawl into night-time routines - LogMeIn says better password practices can help.
SolarWinds extends database anomaly detection
As organisations continue their transition from purely on-premises operations into both private and public cloud infrastructures, adapting their IT monitoring and management capabilities can pose a significant challenge.
Adura launches new SOC and MSP in Singapore
The new SOC focuses on the needs of businesses to gain insight into their organization’s security posture and increase their ability to react promptly.