The Cybersecurity Bill, which was expected to have been tabled this year, will instead be introduced in Parliament in 2018, according to Minister for Communications and Information Yaacob Ibrahim on Monday (Sep 18).

In his speech at the opening ceremony of the ASEAN Ministerial Conference on Cybersecurity, Dr Yaacob said in developing the Bill, the Government has consulted various stakeholders, including sector leads, potential critical information infrastructure (CII) owners, and the wider industry and public. It even extended the public consultation period in response to the interest in the legislation.

He added that the suggestions and feedback provided, many of which were “constructive and useful”, are currently being studied.

Dr Yaacob said during Budget 2016 that the Cybersecurity Act would ensure CII owners secure their infrastructure and report incidents, and also empower the Cyber Security Agency (CSA) to manage cyber incidents and raise the standards of cybersecurity vendors here.

The minister, who is also the country’s Minister-in-charge of Cyber Security, also pointed out that Singapore is working to develop a sustainable pool of skilled practitioners to improve security against the backdrop of a global shortage of such professionals.

To that end, he said CSA will sign a Memorandum of Understanding with the Information Systems Audit and Control Association, which will facilitate a collaboration on cybersecurity capability and workforce development.

Additionally, he said CSA and the Info-communications Media Development Authority have established partnerships with PwC Singapore and PCS Security as part of the Cyber Security Associates and Technologists programme to train and equip professionals with ICT or engineering backgrounds to take on cybersecurity jobs through company-led training.

REGIONAL EFFORTS

Beyond Singapore, Dr Yaacob pointed to efforts from its ASEAN counterparts to step up efforts to reorganise and better position themselves to strengthen the resiliency of the CIIs.

For instance, Indonesia recently established its national cyber agency – the National Cyber and Cipher Agency (or Badan Siber dan Sandi Negara). The new agency combines the capabilities of the Indonesia Security Incident Response Team on Internet Infrastructure and the State Cipher Agency under omen roof to better coordinate the country’s efforts in cybersecurity, the minister said.

Malaysia, too, has taken steps to enhance its cybersecurity talent pool, said Dr Yaacob. He said the Malaysian Digital Economy Corporation signed an agreement in December 2016 with the UK’s Protection Group International to set up a cybersecurity academy – the UK-APAC Centre of Security Excellence – in the country, and the academy will introduce UK GCHQ-accredited cybersecurity courses that will help professionals there operate at a high international standard.

Dr Yaacob also reiterated that Singapore is committed to foster close relationships with other ASEAN nations to build up regional cyber capacity, and it will deepen its support in this regard.

He announced that for the next three years, Singapore will set aside S$1.5 million of the S$10 million ASEAN Cyber Capacity Building programme announced in 2016 to build technical capability among incident responders and operators in the region.

The Government will also partner the industry to run an ASEAN Cybersecurity Industrial Attachment Programme, which will offer training opportunities here for up to 18 candidates from ASEAN member states.

“The training will focus on security operations centre operations and management, and other relevant technical areas of cybersecurity,” Dr Yaacob elaborated. “Through this programme, participants will be able to advance their technical capabilities in effectively monitoring and responding to cyber threats.”

He also said Singapore is supportive of having basic rules for behaviour in cyberspace and believes that ASEAN can work together to reach consensus on basic voluntary cyber norms for the region, and he called on members of the regional bloc for greater coordination on cyber policy and capacity building.

“Just as ASEAN came together in the face of a security threat 50 years ago and created the pre-conditions for all of us to do well, so too can we work closer together on cybersecurity to take full advantage of the fruits of digitalisation,” Dr Yaacob said.

MORE COORDINATION ON CYBERSECURITY

During the closed-door conference, ministers and senior officials from the 10 ASEAN member states, including the regional bloc’s secretary-general Le Luong Minh, agreed on the importance of enhancing coordination.

This is to ensure that the region’s cybersecurity efforts across its various platforms in countering increasingly sophisticated cyber threats are “focused, effective and in synergy with one another”, according to a press release following the conference.

It also noted that this year’s conference included a special session which saw the participation of ministers and senior officials from five ASEAN dialogue partners – Australia, China, Japan, New Zealand and the United States.

“Taking into account the increasingly inter-connected global economy and the transboundary nature of cyber threats, the special session highlighted the critical importance of international dialogue on cyber, as well as regular and robust inter-regional dialogue and cooperation between ASEAN and its dialogue partners,” the press release said.