Singapore tackles risk to critical information infrastructure

Singapore tackles risk to critical information infrastructure

Singapore has launched a major new initiative to manage cybersecurity risks to its critical information infrastructure.

The CII Supply Chain Programme will help organisations establish best practices to manage cybersecurity risks across its supply chain.

The project involves the Cyber Security Agency (CSA), CII owners (across 11 sectors) and their vendors. The initiative serves to provide recommended processes and sound practices for all stakeholders, so they can better understand their vendors and identify potential risks.

This comes off the back of the recent SolarWinds breach, and MAS’ effort to tighten cybersecurity in the financial sector. Evidently, there is a heightened awareness of the need to increase the visibility of entire supply chain operations, especially in today’s digital economy.

Joanne Wong, Vice President, International Markets, LogRhythm, said: “Singapore is not playing around when it comes to cybersecurity – the recent SolarWinds breach has cast a spotlight on the need for organisations to implement not only robust internal cyber-practices, but to also insist the same level of cyber-vigilance across their entire supply chain.

“The enhanced regulations, first for financial institutions and now critical information infrastructure, drive home the need for both private and public institutions to adopt a zero-trust cybersecurity posture across their entire digital operations.

“After all, we have witnessed the far-reaching implications of a single weak link, and cannot risk falling victim to the next big cyberattack. Organisations, especially in these essential sectors, must safeguard their operations and maintain visibility over their entire network by ensuring third-party vendors have the same levels of safeguards to effectively identify and remediate threats with speed.

“This goes hand-in-hand with the zero-trust philosophy of not trusting any unverified activity, and the need for constant monitoring and surveillance to detect suspicious activities.”

Wong further explained what Singapore is doing to fight back against cybercriminals.

“Singapore’s continued efforts in establishing itself as a regional hub across multiple sectors has always been underscored by the need to strengthen its digital economy and digital readiness efforts,” she said.

“The digital space is, after all, where today’s economic opportunities lie, and this imperative has only been exacerbated by the rise of remote work and e-commerce during the pandemic. 

“Beyond these new opportunities, the real challenge lies in securing digital operations for the long-run. Cybercrime is on the up, and cybercriminals are increasingly employing more sophisticated techniques to exploit vulnerabilities in the system. Even reputable brands like Singtel and Singapore Airlines have not been spared. 

“It’s evident that the government takes these incidents very seriously, having acted swiftly to implement new measures like MAS’ enhanced regulations and the CII Supply Chain Program. While the initiatives differ in specifics, they unambiguously signal the need for more vigour and oversight across the entire digital supply chain.

“They are also guided by the Zero Trust model, where verification at every step ensures that only trusted identities have access to data and information. In doing so, organizations will be better equipped to nip incidents in the bud, so that a single weak link cannot compromise an entire organization or more. 

“Such efforts and measures will take time to come to full fruition, and different organizations will inevitably face unique hurdles when trying to transform their technology infrastructure. But this is a promising start, and as we collectively experience a mindset shift – where cybersecurity becomes second nature – Singapore will truly be equipped to reap the benefits of the digital economy, today and long into the future.”

Click below to share this article

Browse our latest issue

Intelligent CIO APAC

View Magazine Archive