MCI response to PQ on Update on CSA's Investigations into COSEINC
Parliament Sitting on 18 February 2022
QUESTION FOR ORAL ANSWER
19. Ms He Ting Ru: To ask the Minister for Communications and Information whether he can provide an update on the Cyber Security Agency’s investigations into a local company, Computer Security Initiative Consultancy (COSEINC), that has been added to an entity list by the US Department of Commerce.
20. Ms He Ting Ru: To ask the Prime Minister (a) whether the Government or related agencies have procured any services or products from a local company, Computer Security Initiative Consultancy (COSEINC); and (b) if so, what is the nature of the contract awarded to COSEINC.
Mr Speaker, Ms He Ting Ru has asked two questions about COSEINC. With your permission, I would like to address them together.
In November 2021, the US Department of Commerce placed several companies on the Bureau of Industry and Security’s Entity List, including local company, Computer Security Initiative Consultancy, also known as COSEINC. The effect of being placed on this List means that US persons intending to export, re-export or transfer items that the US regulates to COSEINC must first obtain a license to do so from the US Government.
Arising from this, the Cyber Security Agency (CSA) looked into COSEINC. The company’s offerings include cybersecurity training courses. We can share that in this regard, it is one of many vendors to have provided training services to the Government, and the contractual terms were standard.CSA also found no evidence that COSEINC had breached cybersecurity laws in Singapore. Companies found to have contravened our laws and regulations will be dealt with in accordance with the law.