5 key takeaways from SICW. . .
Riding high on the theme of partnerships, the Singapore International Cyber Week (SICW) 2019 brought together cyber security experts, startups and government bodies to strategise towards building the resiliency of the cyber ecosystem. This year’s focus came as no surprise, given the rise of politically motivated attacks spurring nations to work together.
Amidst the chatter and flurry of announcements that went out last week, here are five key takeaways from the Singapore International Cyber Week conference that mattered most:
1. Cybercrime is on the rise. According to Minister Teo Chee Hean’s opening address, there was a significant increase in local cybercrime cases, with up to 16% more cybercrime in 2018 as compared to 2017. Cybercrime now accounts for one-fifth of overall crime in Singapore and needs to be adequately addressed as the country presses on with its Smart Nation initiatives.
The top cyber threats in Singapore? As David Koh of Cyber Security Agency of Singapore (CSA) noted in his interview with GovInsider, they are: “Advanced persistent threats (APTs), website defacement, phishing and malware activities.” Phishing came as a bit of a surprise, given how much education has been going around the attack vectors of late, and with banks, the Singapore Police Force and government authorities continuously issuing warnings around phishing scams.
2. We need to shore up defences around OTs. CSA’s masterplan serves as a strategic blueprint to guide Singapore’s efforts to foster a resilient and secure cyber environment for operational technology (OT). There will be more training initiatives for OT cyber security professionals to advance their skill sets, and plans are in the pipeline to establish the OT Cybersecurity Information Sharing and Analysis Centre with the Global Resilience Federation.
3. Pool together resources to upskill talent. Commencing operations in 2020 is the National Integrated Centre for Evaluation (NICE), which serves as a one-stop shop to evaluate and test cyber products. The centre will conduct training programmes for cyber security professionals, and pools together industrial and research expertise from CSA and National Technology University (NTU).
4. Go a step further with the Vulnerability Disclosure Programme. Launched at SICW, the programme provides a channel for members of the public or private sector workers to report any vulnerabilities discovered on internet-facing government systems or applications. The second government Bug Bounty Programme (BBP) was viewed as a success, given that there were four uncovered bugs that were “high” in severity.
5. Place cyber security coordination under a regional lens. On the sidelines of SICW, the fourth ASEAN Ministerial Conference on Cybersecurity (AMCC) was held to coordinate cyber efforts in the region. Members of the AMCC have a year from now to study and propose recommendations in specific areas, including mutual assistance in cyber security, CERT cooperation, and protection of CII (critical information infrastructure).
The message from this year’s SICW is clear – the issues surrounding cyber security measures falls as a shared responsibility for the public and private sectors. Given the rise in cybercrime, there needs to be a concerted effort to protect those susceptible to falling for scams – such as the elderly.
As the famous philosopher Thomas Paine said, “It is not in numbers, but in unity, that our great strength lies.”