Speech by Minister Josephine Teo at the AISP SEA Cybersecurity Consortium Forum
Mr Johnny Kho, President, AiSP
Colleagues and Friends of the Singapore cybersecurity community
1. Good morning. I am very happy to join you this morning at the inaugural forum of the AiSP South-East Asia Cybersecurity Consortium.
2. This is a significant milestone. For the first time, cybersecurity professional associations of eight Southeast Asian countries have come together in a single event. This is not something that we take for granted. I want to acknowledge the efforts of the AiSP, as well as the Presidents and representatives of the cybersecurity associations present today, for making this a reality. Your participation is a testament of your strong support to build up a regional community of practice,
a. one whose impact goes beyond national boundaries
b. to uplift cyber professionals in the ASEAN region.
International Cooperation on Cybersecurity is Key
3. Such regional cooperation is critical because malicious cyberattacks do not respect geographical boundaries. No one country has all the necessary levers to manage cyber threats alone. To begin with, countries may not have the jurisdiction to prosecute overseas cybercriminals who are targeting their citizens. How do you reach beyond your own geographical jurisdictions to make sure that the bad guys are taken to task and held accountable? Another issue is the lack of full visibility of the details of cyberattacks that originate overseas because there are limits to your investigative abilities and how far it can reach.
a. Take SolarWinds for example. When CSA heard about the SolarWinds breach, it reached out to our international partners who were closer to the frontlines to learn more about it. This information helped Singapore better advise our Critical Information Infrastructure partners and domestic stakeholders on the necessary preventive measures to better protect themselves in the face of a known attack.
b. Our ability to work in concert across boundaries is therefore key to securing the cyberspace.
4. At the ASEAN level, we are making significant strides. For example, earlier this year, the second ASEAN Cybersecurity Cooperation Strategy was adopted during the 2nd ASEAN Digital Ministers’ Meeting (ADGMIN). Under this Strategy, which we agreed on, the ASEAN member states have committed to establish a Computer Emergency Response Team (or CERT) in recognition of the need to strengthen regional CERT-to-CERT collaboration.
Collaboration between Professional Associations is Important
5. However, Governments alone do not have all the answers for cyberspace. We need all stakeholders, including professional associations like those present today, to do your part. We have seen many laudable examples of collaboration in the industry. For instance, ISACA – which has audit expertise – worked with Cloud Security Alliance to jointly develop a certificate for cloud auditing professionals. This is the intersection of two disciplines – the discipline of being able to deploy cloud services effectively, and the discipline of auditing practices. They exist in two separate domains but thanks to your efforts, you brought them together to secure the systems. Such certification is no doubt beneficial as a form of recognition for the cyber professionals. But beyond that, it also raises the overall standards of the industry, making our cyberspace more secure and resilient.
6. I am heartened to see AiSP’s efforts in driving and coordinating regional initiatives, such as today’s regional forum, as well as the cross-border recognition of professional certifications among others.
The MOU supports Regional Capacity Building
7. Today, we will witness yet another collaboration. The cybersecurity professional associations of eight Southeast Asian countries will be signing a Memorandum of Understanding (MOU).
a. Under the MOU, members from different associations can now participate in other associations’ initiatives, benefitting from opportunities which may otherwise not be easily accessible to them.
b. The MOU also facilitates information sharing and knowledge transfer, which will be particularly helpful in emerging technologies, such as AI and Cloud Security. Essentially, you are each spreading your wings and providing one other with more cover and support.
8. At the ASEAN level, this MOU is most timely. Globally, demand for skilled cybersecurity professionals has constantly outstripped supply. With the signing of the MOU,
a. cyber professionals in ASEAN can now broaden their professional networks, tap on one another’s initiatives to learn from one another and upskill.
b. Their enhanced skills and knowledge will translate into real actions towards defending our cyberspace,
c. such that our entire region will be better equipped to handle the growing threats of tomorrow.
9. I am sure that this MOU is only a start, and that we will see more professional associations in our region stepping up to bring more initiatives to fruition.
10. Once again, congratulations on the successful signing of the MOU. Such industry collaboration in the region is an essential complement to the ASEAN governments’ existing efforts, such as the annual Singapore International Cyber Week (SICW) and ASEAN Ministerial Conference on Cybersecurity (AMCC).
11. I wish you all a fruitful exchange of ideas and an enjoyable forum. Thank you.