Businesses and organisations in Singapore will get a helping hand to strengthen their cybersecurity posture with the launch of a slate of new initiatives by the Cyber Security Agency of Singapore (CSA) under its SG Cyber Safe Programme. The Cybersecurity Toolkits for Enterprises and new SG Cyber Safe Partnership Programme were announced by Minister of State for Communications and Information, Mr Tan Kiat How, at the SG Cyber Safe Partnership Programme launch this morning, held as part of the Singapore International Cyber Week (SICW) 2021.
As Singapore builds up its digital economy and more businesses go digital in the wake of the COVID-19 pandemic, cyber threats such as ransomware and supply chain attacks continue to remain major concerns. For instance, CSA’s Singapore Cyber Landscape report released in June 2021 showed a 154 per cent increase in ransomware cases year-on-year: from the 35 cases reported to CSA in 2019 to 89 reported cases in 2020. These cases affected mostly Small-and-Medium Enterprises (SMEs). SMEs and larger enterprises could also be susceptible to the downstream ramifications of supply chain attacks, as highlighted by the SolarWinds and Kaseya supply chain cyber incidents in the past two years.
SG Cyber Safe cybersecurity toolkits for enterprise leaders & employees
To help enterprises take greater ownership of cybersecurity, CSA has tailored the SG Cyber Safe cybersecurity toolkits for key enterprise roles: large enterprise leaders and Small Medium Enterprise (SME) owners, IT teams, and employees. The cybersecurity toolkits for enterprise leaders and SME owners, and employees are now available for download and use.
The toolkit for enterprise leaders and SME owners will focus on the business reasons for business leaders and SME owners to invest in cybersecurity, such as rationalising investment in cybersecurity, and how fostering a culture of cybersecurity would enable enterprises to reap the benefits of digital transformation. Although 80 per cent of Singapore SMEs embrace digital transformation and have digital transformation in place, cybersecurity has been the key reason for small enterprises not digitalising. The toolkit is one way to simplify cybersecurity and enable business leaders of all enterprise sizes to make informed trade-offs between security, system usability and cost. Topics include the cultivation of cybersecurity leadership and guidance for employee cybersecurity education.
On the other hand, the cybersecurity toolkit for employees is intended for enterprises to “plug and play” as an employee programme for raising awareness and conducting cybersecurity training. This is crucial as employees are the first line of defence and key to any enterprise’s cybersecurity. The toolkit encourages employees to self-serve and learn about cybersecurity to stay cyber safe at work as well as in their private life. The content addresses the most common cyber threats faced by employees such as phishing, as well as weak cybersecurity practices such as using compromised and weak passwords.
Partnering industry on cybersecurity outreach to enterprises
CSA will also be partnering the industry to further drive cybersecurity awareness to local businesses, individuals and the wider community. Under the new SG Cyber Safe Partnership Programme, enterprises could develop training content, products and services, or community outreach programmes to raise awareness and encourage adoption of good cybersecurity practices by businesses and public.
Under the programme, partnering organisations are classified under two categories: SG Cyber Safe “Advocate” and “Member”. Advocates would typically have a greater and deeper level of collaborations with CSA – such as co-developing programmes and conducting enterprise outreach that complement SG Cyber Safe initiatives. For a start, CSA has secured the support of 19 partners – comprising global and local business organisations, trade associations and societies – under the programme.
The SG Cyber Safe Partnership Programme is a new initiative under the Cyber Security Agency of Singapore’s (CSA) SG Cyber Safe Programme. The SG Cyber Safe Programme – one of the major initiatives under the Safer Cyberspace Masterplan – targets specifically businesses and enterprises to raise their cybersecurity awareness, equip them with relevant tools and resources to take action in raising their enterprise cybersecurity posture, and encourage cybersecurity adoption.
As Singapore builds up its digital economy and more businesses go digital in the wake of the COVID-19 pandemic, cyber threats such as ransomware and supply chain attacks continue to remain major concerns. The SG Cyber Safe Partnership Programme galvanises and builds on the “multiplier effect” for the business community to support CSA in the latter’s cybersecurity awareness and adoption efforts, in this increasingly fraught cyber environment. Under the partnership programme, partners could develop training content, products and services, or community outreach programmes to raise awareness and encourage adoption of good cybersecurity practices by enterprises and the public.
Under the SG Cyber Safe Partnership Programme, partnering organisations are classified under two categories: SG Cyber Safe “Advocate” and “Member”. Advocates would typically have a greater and deeper level of collaborations with CSA – such as working with CSA on existing community outreach programmes – than Member organisations. Partnering organisations would typically also share an interest with CSA in promoting cybersecurity awareness and adoption.
For a start, CSA has secured the support of global and local business organisations, trade associations and societies, as SG Cyber Safe partners. Pioneer SG Cyber Safe Advocates are:
- AIG Asia Pacific Insurance Pte. Ltd.
- BOXX Insurance Inc
- CyberSafe Pte Ltd
- Dell Technologies
- Ensign InfoSecurity
- Fortinet Singapore Private Limited
- Google Singapore Pte. Ltd
- Horangi Pte Ltd
- Huawei International Pte Ltd
- i-Sprint Innovations Pte Ltd
- Mastercard Asia/Pacific Pte Ltd
- Microsoft Singapore
- Splunk Inc.
- V-Key Pte Ltd
Trade Associations & Societies
- Association of Information Security Professionals (AiSP)
- Singapore Business Federation
- Singapore Chinese Chambers of Commerce and Industry
- The Law Society of Singapore
Examples of the partnerships and contributions by pioneer SG Cyber Safe partners include collaborating on content to complement CSA’s SG Cyber Safe initiatives. Mastercard, for example, has created the Mastercard Trust Centre to help small and medium enterprises (SMEs) defend their business against cybercrime through free online access to trusted cybersecurity research, education, resources and tools. V-Key Pte Ltd, for example, has contextualised their identity solution as a multi-factor authentication solution for SMES; this is aligned to CSA’s efforts to encourage the adoption of multi-factor authentication to protect high-value accounts. In terms of outreach, the Singapore Business Federation will work with CSA to reach out to their business community – through events, webinars and curated content – to enhance the cybersecurity awareness of SMEs.
The tenure of the partnership programme is two years. SG Cyber Safe partner companies may approach CSA to discuss the extension of their participation in the programme after their initial tenure. Being an SG Cyber Safe partner organisation is not tantamount to CSA endorsing the partnering company and/or its products/services as possessing a higher cybersecurity rigour. Instead, SG Cyber Safe partners and other business enterprises may apply to be certified under the SG Cyber Safe Trustmark when it is launched in 2022.
Announced during the Ministry of Communications and Information (MCI)’s Committee of Supply (COS) in March 2021, the SG Cyber Safe Programme is one of the major initiatives under CSA’s Safer Cyberspace Masterplan. The SG Cyber Safe Programme targets specifically businesses and enterprises to raise their cybersecurity awareness, equip them with relevant tools and resources to take action in raising their enterprise cybersecurity posture, and encourage cybersecurity adoption.
“Cybersecurity is a collective responsibility that requires the government and the industry to work closely together. The Government alone cannot reach out to all businesses to encourage them to strengthen their cyber resilience. Private-public collaboration is therefore key to ensuring that businesses stay cyber-secure. We welcome other industry partners who are keen to work with CSA to drive cybersecurity awareness, shift attitudes and encourage adoption amongst enterprises in their digitalisation journeys,” said Mr Tan who presented plaques of appreciation to the pioneer SG Cyber Safe partners at the event in Marina Bay Sands this morning.
Coming on board the programme as an Advocate, Huawei will have a stronger and deeper level of collaboration with CSA, through co-developing programmes and conducting enterprise outreach that complement SG Cyber Safe initiatives. Huawei will work with CSA to jointly organise webinars for local enterprises on imperative cybersecurity topics, such as enterprise data backup and data protection. To raise cybersecurity awareness among local businesses and the wider community, Huawei will also develop informational social media content to be published on the company’s Singapore Facebook and LinkedIn channels.
As part of the collaboration, Huawei is also participating in industry consultations with CSA to contribute feedback on CSA’s proposed approach for the SG Cyber Safe Trustmark and mark of cyber hygiene.
“As more enterprises go digital with increased exposure to cyber threats, organisations must be well-equipped with the necessary tools and knowledge to mitigate cyber threats such as ransomware and supply chain attacks. Creating a safe cyberspace and robust digital economy requires collaboration among all players and stakeholders in the community,” said Mr Foo, “We are honoured to partner with the Cyber Security Agency of Singapore (CSA) under the SG Cyber Safe Partnership Programme. We look forward to working closely with CSA and playing our part as a responsible and leading technology company that equips businesses with solutions, tools, and knowledge to boost cyber wellness.”
Deborah Heng, Country Manager, Singapore, Mastercard:
“In today’s digital economy, the points of vulnerability subject to cyberattacks are constantly expanding. According to the Mastercard New Payments Index, security and data protection concerns are top of mind for consumers, with one in four respondents in APAC saying they were victims of fraud in the last year. As Singapore moves towards endemic COVID-19, businesses of all sizes need to reimagine digital security, and tighten cybersecurity measures to achieve sustained growth. Mastercard looks forward to working closely with CSA under the SG Cyber Safe Partnership Programme to strengthen cybersecurity initiatives and protect our digital way of life, as it is our collective responsibility to ensure that the digital ecosystem remains safe and secure.”
Lam Yi Young, CEO, Singapore Business Federation
“SBF is pleased to be among the first partners of CSA’s SG Cyber Safe Partnership Programme. We hope to raise cybersecurity awareness and capabilities among the business community so that they are well-prepared to detect, prevent and protect themselves against cyber- attacks. As companies adopt digitalisation and remote work arrangements, they may be at higher risks of such cyber threats. This partnership with CSA will allow us to help more SMEs implement cybersecurity strategies and solutions to protect their digital systems and safeguard the security of their enterprise data.”
Joseph Gan, CEO & Co-Founder, V-Key
“V-Key’s vision is to secure the global digital experience. As a company headquartered in Singapore, we spare no effort in raising awareness around cyber threats and helping local companies to address potential digital loopholes as they build their digitalisation strategies and services. With better understanding of the threat landscape and accelerated Cyber Readiness, it will help towards fortifying and strengthening the foundation of the digital economy.”
Christian Sandric, President and CEO, AIG Asia Pacific Insurance Pte. Ltd
“AIG is pleased to partner with the CSA in the SG Cyber Safe Programme, and to play a proactive role in helping to further develop cyber resiliency in Singapore. Digital ecosystems are enabling new ways of doing business and for the wider community to fulfill their day-to- day essential needs. This means that having robust cybersecurity is now a critical imperative for businesses, and addressing the human factor in cyber risk such as educating individuals about cyber awareness and hygiene topics are important areas that require collective support from all members of the digital ecosystem.”