Find out more at btsub.sg/btdeal
You are here
Singapore to introduce Cybersecurity Act and boost cybersecurity expenditure
SINGAPORE government will introduce a Cybersecurity Act, requiring owners and operators of critical information infrastructure (CII) to be responsible for securing their systems and networks.
Yaacob Ibrahim, Minister for Communications and Information who is also the minister-in-charge of cybersecurity, added that the government will be boosting its cybersecurity expenditure as a share of its information technology (IT) budget to at least 8 per cent in the long-term, from only 2.4 per cent currently.
According to a PwC study on Singapore's cybersecurity landscape, government is the largest contributor of cybersecurity expenditure, accounting for almost a quarter of the market alone in 2015. This is followed by the banking & securities as well as communications & services sectors at almost a quarter each and manufacturing at one-eighths. This leaves the rest of the economy, including healthcare, utilities, retail and transportation with just under a third of total cybersecurity expenditure.
"This is not enough. Cybersecurity expenditure has to keep pace with increased digitisation of business in all sectors,'' the minister said at The Financial Times Cyber Security Summit Asia Pacific held in Singapore.
The Cybersecurity Act will include compliance with policies and standards, conducting audits and risk assessments, and incident reporting. CII owners and operators will be required to participate in cybersecurity exercises to ensure readiness in managing cyber incidents. The Act will also facilitate sharing of cybersecurity information. It will complement the existing Computer Misuse and Cybersecurity Act, which will continue to govern cybercrime investigation.
The minister noted that the effects of a cyber-attack on the city-state could potentially affect wider economies as Singapore is an open and highly-connected business hub for trade, finance and logistics.
"We are studying and addressing the risks. These include the implications from last Friday's attack against the US-based Domain Name System service provider, Dyn, and the disruption to StarHub's Internet broadband service,'' he said.