Skip to Content

Web Content Display Web Content Display

SPBlogs SPBlogs

All Articles

The New Frontier: What It Takes to Defend Our Cyberspace



Comparing to three years ago where the mention of “cybersecurity” would have drawn blank stares, a recent cybersecurity public awareness survey conducted in 2017 have shown that there has been a gradual uptake in adoption of cybersecurity measures with 70% of the 2,000 respondents surveyed agreeing that every Singaporean has a role to play in cybersecurity. The Cyber Security Agency of Singapore (CSA) has played a pivotal role in contributing to this outcome. And standing at the forefront in protecting Singapore’s cyberspace, David Koh, Chief Executive of CSA, points out how the agency is keeping the positive growth momentum going by actively engaging all stakeholders.


Q: Question, DK: David Koh


Q: It has been three years since CSA was formed. How has the local cybersecurity landscape changed since then?

DK: The landscape has changed quite dramatically. In recent years, cybersecurity threats are getting more sophisticated and disruptive. We have seen how these attacks caused major disruptions, such as the Wannacry ransomware attack in 2017, and the attacks on power grids in Ukraine in 2016 and 2017 that resulted in power outages. Today, cybersecurity has become a topic of concern because many are seeing the massive disruptions that cyber-attacks can cause.


Q: How has this shaped CSA’s work?

DK: A key focus for CSA is to build up cybersecurity defences for our essential services.


One of the ways to do so is by strengthening our cybersecurity governance and legislative framework. We introduced Singapore’s Cybersecurity Act which is an important piece of legislation to empower us to work with Critical Information Infrastructure (CII) owners to put in place pre-emptive measures and to respond expediently to cybersecurity incidents. The Act was passed in February 2018. We also work closely with CII sector leads to assess CIIs for vulnerabilities and ensure that capabilities and measures are in place to detect, respond to and recover from cyber threats. Working with stakeholders across 11 CII sectors1 calls for an appreciation of the diverse dynamics and operating contexts in these industries. No one solution fits all, and every one requires a unique approach. While this makes our work at CSA challenging, it also makes it very dynamic and exciting.


Q: In Singapore’s push towards digitalisation and becoming a Smart Nation, what role does cybersecurity play?

DK: As Singapore pursues our Smart Nation aspiration, our use of and reliance on technology will only increase. These will inadvertently expand our attack surface, exposing ourselves to greater cyber risks.


We cannot be a trusted Smart Nation if our systems are open and vulnerable. Hence cybersecurity is a key enabler.


We must consider cybersecurity in our usage as well as in the development of new technologies. CSA actively advocates the practice of security-by-design, which refers to the incorporation of cybersecurity considerations upfront in the design of products or services. We are currently exploring a light-touch evaluation and certification scheme to provide a baseline security hygiene benchmark for such devices. In parallel, we encourage users to adopt a cybersecurity-first mindset and not be complacent about protecting their devices and data.


Q: What is being done to boost the cybersecurity workforce in Singapore?

DK: When people talk about cybersecurity, they are always thinking about the cyber-attacks and the damages. Truth is, it is actually a fast-growing industry. Globally, the cybersecurity industry is growing at a rapid pace and there is a strong demand for cybersecurity professionals.


Currently, there is a shortage of cybersecurity professionals globally. To address this talent shortfall, CSA works closely with Institutes of Higher Learning (IHLs) to attract promising students and ensure the relevance of curriculum to industry needs. We also work with industry players to support new entrants to the profession through initiatives such as the


Cyber Security Associates and Technologists (CSAT) programme and other scholarship programmes. Cybersecurity is not all doom and gloom. It is an exciting industry which presents economic opportunities and good jobs for our people.



No comments yet. Be the first.

Related stories