A Code of Practice on infocomm security is being developed to ensure that Internet Service Providers (ISPs) put in place baseline security to deal with current and emerging cyber threats. ISPs will also be required to share infocomm security information to further raise the level of infocomm security readiness and response in Singapore.
These initiatives are among the new programmes under the Infocomm Security Masterplan 2 (MP2) announced by Mr Lui Tuck Yew, Acting Minister for Information, Communications and the Arts at the Information Security Seminar on 22 March 2010.
Speaking at the seminar, Mr Lui said feedback from ISPs is being gathered to align their infocomm security plans with the implementation of the Code, which will be issued by the third quarter of this year. Periodic audits will be conducted to ensure that ISPs observe the Code of Practice.
The public sector will enhance its capabilities to collate and analyse information on the prevailing infocomm security situation.
IDA is also facilitating the sharing of infocomm security information among ISPs. This will allow ISPs and IDA to enhance their early warning capability against emerging cyber threats and make informed decisions on the appropriate pre-emptive measures to be taken.
Other new MP2 programmes announced by Mr Lui include initiatives aimed at strengthening public sector security capabilities and enhancing infocomm security awareness and adoption in Singapore.
The public sector will enhance its capabilities to collate and analyse information on the prevailing infocomm security situation. “With the need to address evolving risks and cyber security threats, it is important that decision makers and security managers get the most accurate information to make timely and informed decisions,” said Mr Lui. This will be enabled through the use of business analytics tools to analyse and present relevant information as well as facilitate early identification of cyber threats so that relevant measures can be taken.
In addition, the public sector will also strengthen its capabilities to address threats from massive cyber attacks such as Distributed Denial-of-Service. This will be established through a comprehensive range of measures that include policies, technical controls and competency building.
To enhance the level of infocomm security awareness and adoption in Singapore, new programmes are also initiated in partnership among the public, people and private sectors through the Cyber Security Awareness Alliance. The Alliance aims to build a positive culture of cyber security in Singapore and promote awareness and adoption of essential infocomm security practices. It comprises of representatives from the Government, private enterprises, trade associations and non-profit organisations. “Through the Alliance, the collective resources and outreach channels of the partners are harnessed to reach out to different target groups such as students, home-users and SMEs,” said Mr Lui.
For example, the Alliance is currently working with the National Crime Prevention Council to develop the “Virtual Cyber Security Park” portal that will enable students to learn various facets of cyber wellness, safety and security via interactive mode such as educational online games. Other approaches adopted by the Alliance in reaching out to the community-at-large include leveraging social networking websites to create interest groups for sharing cyber security tips and best practices. It will also tap on platforms of partners such as the Singapore Infocomm Technology Federation’s outreach events, seminars, trade associations networking sessions to reach out to businesses.