Businesses and organisations in Singapore will get a helping hand to strengthen their cybersecurity posture with the launch of a slate of new initiatives by the Cyber Security Agency of Singapore (CSA) under its SG Cyber Safe Programme. The Cybersecurity Toolkits for Enterprises and new SG Cyber Safe Partnership Programme were announced by Minister of State for Communications and Information, Mr Tan Kiat How, at the SG Cyber Safe Partnership Programme launch this morning, held as part of the Singapore International Cyber Week (SICW) 2021.
As Singapore builds up its digital economy and more businesses go digital in the wake of the COVID-19 pandemic, cyber threats such as ransomware and supply chain attacks continue to remain major concerns. For instance, CSA’s Singapore Cyber Landscape report released in June 2021 showed a 154 per cent increase in ransomware cases year-on-year: from the 35 cases reported to CSA in 2019 to 89 reported cases in 2020. These cases affected mostly Small-and-Medium Enterprises (SMEs). SMEs and larger enterprises could also be susceptible to the downstream ramifications of supply chain attacks, as highlighted by the SolarWinds and Kaseya supply chain cyber incidents in the past two years.
SG Cyber Safe cybersecurity toolkits for enterprise leaders & employees
To help enterprises take greater ownership of cybersecurity, CSA has tailored the SG Cyber Safe cybersecurity toolkits for key enterprise roles: large enterprise leaders and Small Medium Enterprise (SME) owners, IT teams, and employees. The cybersecurity toolkits for enterprise leaders and SME owners, and employees are now available for download and use at http://www.csa.gov.sg/sgcybersafe
The toolkit for enterprise leaders and SME owners will focus on the business reasons for business leaders and SME owners to invest in cybersecurity, such as rationalising investment in cybersecurity, and how fostering a culture of cybersecurity would enable enterprises to reap the benefits of digital transformation. Although 80 per cent of Singapore SMEs embrace digital transformation and have digital transformation in place1, cybersecurity has been the key reason for small enterprises not digitalising2. The toolkit is one way to simplify cybersecurity and enable business leaders of all enterprise sizes to make informed trade-offs between security, system usability and cost. Topics include the cultivation of cybersecurity leadership and guidance for employee cybersecurity education.
On the other hand, the cybersecurity toolkit for employees is intended for enterprises to “plug and play” as an employee programme for raising awareness and conducting cybersecurity training. This is crucial as employees are the first line of defence and key to any enterprise’s cybersecurity. The toolkit encourages employees to self-serve and learn about cybersecurity to stay cyber safe at work as well as in their private life. The content addresses
the most common cyber threats faced by employees such as phishing, as well as weak cybersecurity practices such as using compromised and weak passwords.
Partnering industry on cybersecurity outreach to enterprises
CSA will also be partnering the industry to further drive cybersecurity awareness to local businesses, individuals and the wider community. Under the new SG Cyber Safe Partnership Programme, enterprises could develop training content, products and services, or community outreach programmes to raise awareness and encourage adoption of good cybersecurity practices by businesses and public.
Under the programme, partnering organisations are classified under two categories: SG Cyber Safe “Advocate” and “Member”. Advocates would typically have a greater and deeper level of collaborations with CSA – such as co-developing programmes and conducting enterprise outreach that complement SG Cyber Safe initiatives. For a start, CSA has secured the support of 19 partners – comprising global and local business organisations, trade associations and societies – under the programme. For more details on the programme and quotes by partner organisations, refer to Annexes A and B.
“Cybersecurity is a collective responsibility that requires the government and the industry to work closely together. The Government alone cannot reach out to all businesses to encourage them to strengthen their cyber resilience. Private-public collaboration is therefore key to ensuring that businesses stay cyber-secure. We welcome other industry partners who are keen to work with CSA to drive cybersecurity awareness, shift attitudes and encourage adoption amongst enterprises in their digitalisation journeys,” said Mr Tan who presented plaques of appreciation to the pioneer SG Cyber Safe partners at the event in Marina Bay Sands this morning.
Announced during the Ministry of Communications and Information (MCI)’s Committee of Supply (COS) in March 2021, the SG Cyber Safe Programme is one of the major initiatives under CSA’s Safer Cyberspace Masterplan. The Masterplan – launched at SICW 2020 – aims to bring up the general level of cybersecurity awareness and drive adoption of good cyber practices by individuals, businesses and the larger community. The SG Cyber Safe Programme targets specifically businesses and enterprises to raise their cybersecurity awareness, equip them with relevant tools and resources to take action in raising their enterprise cybersecurity posture, and encourage cybersecurity adoption.
1 Singapore News Center. “Over 80% of Singapore SMEs embrace digital transformation; more than half report slowdowns due to COVID 19: ASME-Microsoft study 2020”. https://news.microsoft.com/en-sg/2020/10/22/over-80-of-singapore-smes-embrace-digital transformation-more-than-half-report-slowdowns-due-to-covid-19-asme-microsoft-study-2020/.
2 ZDNet. “Cybersecurity, skills concerns hamper Singapore SMB digitalisation efforts” https://www.google.co.uk/amp/s/www.zdnet.com/google-amp/article/cybersecurity-skills-concerns-hamper-singapore-smb digitalisation-efforts/