A Code of Practice on infocomm security is being developed under the Infocomm Security Masterplan 2 (MP2) to ensure that Internet Service Providers (ISPs) put in place essential security to deal with current and emerging cyber threats. ISPs will also be required to share infocomm security information to further raise the level of infocomm security readiness and response in Singapore.
"The Infocomm Security Masterplan 2 is a living document that is constantly refreshed and kept relevant. With ever-increasing cyber threats, we continue to enhance it and constantly ask ourselves - what are the demands, where are the threats, what more must we do to better secure our government and our critical infocomm systems."
- Ms Christina Gan, Senior Director (Infocomm Security & Assurance Division), IDA
Under MP2, the public sector will also strengthen its capabilities to collate and analyse information on the prevailing infocomm security situation, as well as to address threats from massive cyber attacks such as Distributed Denial-of-Service. This will be established through a comprehensive range of measures that include policies, technical controls and competency building.
The Cyber Security Awareness Alliance, which comprises representatives from the Government, private enterprises, trade associations and non-profit organisations, is implementing various programmes to enhance the level of infocomm security awareness and adoption in Singapore. One of these outreach engagements include working with the National Crime Prevention Council to develop the “Virtual Cyber Security Park” portal. This will enable students to learn various facets of cyber wellness, safety and security via interactive mode such as educational online games.
"The QISP programme supports IDA's second Infocomm Security Masterplan to build Singapore's security preparedness and competencies in cyber security. The response to date has been overwhelming, with more students signing up than expected for the planned three runs."
- Mr Gerard Tan, President, Association of Infocomm Security Professionals
In another development, the Association of Information Security Professionals (AISP) has launched a training programme aimed at raising professional proficiency and building a critical pool of competent personnel in Singapore to handle, contain and manage cyber security threats. The Qualified Information Security Professional (QISP) programme, encompassing training and an examination, is jointly developed by the AISP and the Institute of Systems Science.
Policy and regulatory framework
The Infocomm Development Authority of Singapore (IDA) has enhanced its telecommunication dealer licensing and equipment registration framework to simplify licensing and equipment registration processes and offer telecom licensees more convenience and time and cost savings.
With effect from 15 April 2010, IDA lifted the import control of all telecommunication equipment except prohibited telecommunication equipment or other equipment as determined by IDA. In addition, the period covered under IDA’s Dealer’s Individual Licence has been extended from one year to five years.
"The new licensing and registration processes are fast and simple. We do not have to spend much time training new staff to do the licence submission."
- Mr Tan Teng Keong, Assistant General Manager, Sony Electronics (S) Pte Ltd
"Nokia welcomes IDA's move to simplify dealer licensing and equipment registration for WCDMA and Bluetooth products in May 2010. These policy changes were timely and they benefit the industry as a whole since products supporting these technologies have been proven in the market for many years and are considered mature. IDA is quick to embrace new technologies and ideas and constantly enhances existing processes. We often hear positive comments regarding IDA from other Type Approval Regulators in the region whenever we visit them."
- Mr Thomas Tan, Regional Certification Manager, Nokia Pte Ltd
The Enhanced Simplified Equipment Registration scheme, which enables free-of-charge and quicker turnaround time for equipment registration, has also been extended to cover more categories of telecommunication equipment such as cordless phones.
On the legislation front, the Electronic Transactions Act (ETA) has been re-enacted as of 1 July 2010 to harmonise Singapore’s laws on electronic transactions with international developments, facilitate more effective delivery of e-Government services and enhance technology neutrality so that Singapore can better respond to the changing and continued developments in security technology.
Singapore was one of the first countries in the world to introduce legislation to enable electronic commerce, when the ETA was enacted in 1998. This revised ETA “is of strategic importance given the increasing use of the electronic medium for communications and transactions, and substantial growth in global e-commerce trade,” said Mr Lui Tuck Yew, then Acting Minister for Information, Communications and the Arts, in the second reading on the Electronic Transactions Bill 2010 on 19 May 2010.