Working with citizens and businesses to embrace digital transformation
Mr Chairman, as technology becomes part of our lives, we need to strengthen our digital readiness and cybersecurity. We must ensure that all Singaporeans have access to the tools and knowledge to benefit from technology; and that workers and businesses will thrive in a cyber-secure environment.
Ensuring that all Singaporeans have access to the tools and knowledge to benefit from technology
2 Several Members have expressed concerns about segments of our society that may be slower or less likely to benefit from our digital transformation journey.
3 We must ensure that the benefits of digitalisation are enjoyed by all. Digital readiness is a whole-of-nation effort. It requires the combined effort of Government, businesses, and the community.
4 Last year, we launched the Digital Readiness Blueprint and set up a Digital Readiness Council. The Council will provide strategic direction, guide the implementation of our digital readiness initiatives, examine the needs of the community in terms of digital inclusion, literacy and participation. Importantly, we have received significant support from the wider community and businesses to serve on the Council and its working committees.
5 Our efforts can be categorised into the areas of digital participation, digital inclusion, and digital literacy.
6 For digital participation, we will launch two new initiatives, to mobilise organisations from the private, people and public sectors to drive digital readiness efforts, and bring more citizens on board the digital readiness movement.
7 First, the Digital Participation Pledge is a voluntary, online pledge to encourage organisations to promote digital participation and inclusion. The primary focus is on businesses, and already 270 organisations from a wide range of industries – not just the tech industry, not just the online industry, but any industry that can make use of these digital technologies – have done so and pledged their commitment to expand their digital readiness efforts. Our target is to have 3,000 organisations on board this Pledge by 2021.
8 In another round, also for digital participation, but focusing on the community, we have partnered with MCCY to create Our Singapore Fund for Digital Readiness. This encourages community efforts to promote digital readiness, and enlarge the social commons – the non-profit sector around digital readiness. Projects can receive funding of up to $20,000, to support up to 80% of project costs.
9 Moving on to Digital Inclusion, and to answer Mr Cedric Foo, Ms Tin Pei Ling, and Ms Rahayu Mahzam about how we are helping everyone benefit from technology - Digital inclusion requires access to technology, as well as the skills and knowledge to use it safely and confidently.
10 We have organised over 90 Digital Clinics since 2017. Those digital clinics were by appointment, or irregular, adhoc, and often organised together with events. To provide this as a permanent service to residents, we launched the Tech Connect service at eight community centres last November. This service provides residents with personal assistance in a language they are comfortable with, on how to use digital devices and applications like Facebook and WhatsApp, so that they can connect with friends and family, build stronger social networks, and use technology in everyday aspects of their lives. They can also seek help for very practical issues, like how to reset a password. This service will be rolled out to all community centres progressively, as a permanent service.
11 We are encouraged by the large number of seniors who have picked up basic digital skills through our Silver Infocomm Initiatives. Collectively, our Silver Infocomm Initiatives have reached over 270,000 seniors.
12 To Mr Ong Teng Koon’s query on how we are ensuring that that digital connectivity remains affordable, the Home Access Programme and the NEU PC Plus programme provide subsidised infocomm devices and internet access to low-income households. To date, more than 70,000 households have benefitted from these programmes. This type of effort is not new. These sorts of programmes have existed as public sector programmes since 1999 – for more than 20 years – trying to find ways to make sure that the vulnerable, the lower income households that will benefit from that type of connectivity, will have access to the connectivity, as well as the devices to make use of that connectivity. And we have different programmes depending on whether or not there are school-going households.
13 In addition, MCI is working with IMDA and PA to run a pilot programme for elderly residents in MacPherson and Radin Mas constituencies. We plan to provide 200 residents who do not have mobile devices or internet connectivity with data-equipped smartphones. Grassroots volunteers will provide guidance, to help residents build skills and confidence in using this technology. This is part of a study to find out how we can encourage and support the adoption of digital technology among the digitally less ready.
14 Ms Lim Sun Sun asked how we can help individuals acquire the necessary skills, and ascertain what competencies are needed to function effectively in the digital economy. Her questions address the third component of Digital Readiness, after Participation and Inclusion, which is Digital Literacy. IMDA has developed a Basic Digital Skills Curriculum to ensure that citizens can pick up these skills in a structured manner.
15 The skills identified in the curriculum correspond to everyday activities, with an emphasis on prevailing technology trends such as the use of e-payments and mobile applications. The curriculum is being offered as a one-day course. Those who are keen to pick up Basic Digital Skills at their own pace can also do so online at the IM Silver portal. We will periodically refresh the curriculum and curate relevant content for seniors, taking into account emerging trends, and feedback from stakeholders.
16 In the longer term, we are also developing an information and media literacy framework that pulls together relevant information, media and cyber literacy skills that Singaporeans need to use social media and digital technology responsibly and safely. The framework will spell out a set of desired outcomes, and include content guidelines for programme owners to reference. We aim to roll it out later this year, and to refresh it regularly.
17 Mr Vikram Nair, Mr Darryl David and Ms Rahayu Mahzam asked how Singaporeans can navigate an increasingly complex cyberspace, given the threat of deliberate online falsehoods (DOFs), cybercrime, and cyber-attacks. Technology offers us greater convenience and connectivity. But it can be stressful to navigate the complex web of websites, apps, and services. Online threats worsen anxiety, reduce trust and undermine public confidence in institutions. This threatens national security. We have seen this happen in other countries. Singapore is not immune.
18 A well-informed and discerning public is Singapore’s first, and most important line of defence against online threats. The Government is improving public education to tackle the serious and pervasive problem of deliberate online falsehoods (DOFs). For example, the National Library Board’s Source. Understand. Research. Evaluate. (or S.U.R.E.) programme raises awareness of the dangers, and how to discern fake news. MOE’s New Media Literacies toolkit supports teachers’ efforts to help students navigate the digital environment. This includes learning how to detect falsehoods on social media, and how to interact responsibly with others online. Over the past two years, organisations like the Media Literacy Council has also supported ground-up projects to help the public become better informed media consumers through its Better Internet x Youth Call-for-Proposals.
19 To educate citizens and businesses on good cyber hygiene, CSA launched a cybersecurity awareness campaign in May 2018, called “Cyber Tips 4 You”. It reaches out to businesses on good cybersecurity practices through a variety of channels, such as talks, conferences, and an online portal called “GoSafeOnline”. CSA and IMDA are also working with schools, to help students pick up essential cybersecurity knowledge, and learn to effectively protect themselves from an early age.
20 We have launched Digital Defence as the sixth pillar of Total Defence. Like our battle against terrorism, we need everyone to play their part. That means being secure, alert and responsible online.
21 There are five things we can all do, including members of this House, to make vigilance against DOFs and good cyber hygiene a matter of personal responsibility. I will take this opportunity to remind all:
a. Please don’t post or forward dubious information, without checking
b. Use a strong password and two-factor authentication
c. Install, use, and update antivirus software
d. Update software as soon as possible
e. Watch out for signs of phishing.
22 These 5 practices go a long way to help all of us guard against fake news, and stay safe online.
Helping workers and businesses to thrive in a cyber-secure environment
23 Mr Vikram Nair asked how we assess the cybersecurity of our government systems. A safe and trusted cyberspace is essential for Smart Nation. This includes strengthening partnerships between the Government and industry, to achieve a higher level of collective cybersecurity. We will need the combined efforts of our stakeholders – industry, academia, and the community – to achieve this.
24 One of the many ways we can do this is through the Government Bug Bounty Programme. From December last year to January, 400 “white hat” hackers – “white hat” hackers are people who have hacking skills and use them for positive reasons, for good, as compared to “black hat” hackers who are doing so for criminal reasons – took part in the Government Bug Bounty Programme, organised by GovTech and CSA. They have “stress-tested” the defences of five Internet-facing government systems, and identified 26 vulnerabilities – all of which have been remediated.
25 This process raised our cybersecurity standards. We gained insights into potential attack vectors, better secured our web applications, and improved our mechanisms for patching vulnerabilities effectively and comprehensively. Seven out of the top 10 awarded bounty participants were from Singapore. I am happy to see our local cybersecurity community contribute to improving the security of our systems. We will conduct more of such programmes in the future. And I hope some of the participants have applied for jobs here at CSA.
26 Mr Teo Ser Luck asked about our targeted efforts to seize new opportunities in the digital economy. Cybersecurity is an area of economic opportunity that complements Singapore’s existing strengths – strong connectivity, a digitally savvy workforce, and a reputation for trust and transparency. A strong cybersecurity ecosystem will provide expertise and solutions that contribute to a more resilient digital infrastructure.
27 We are helping cybersecurity start-ups scale, and establish their credentials through the Innovation Cybersecurity Ecosystem at Block71 (ICE71), which brings together a community of entrepreneurs, investors and corporate partners. This community has done well since its launch last year. It has reached out to more than 50,000 people through various events. We are starting to see a growth of local cybersecurity start-ups.
28 One such company is The Cyber Assembly, a home-grown start-up that connects people to cyber skills through an active learning cyber range, bootcamp programmes, and even a mobile game called “What the Hack”. ICE71’s Scale programme provided opportunities for Mr Ng Pan Yong, the company’s founder, to connect with the right audience, and grow his business.
29 In September 2018, CSA launched an Industry Call for Innovation to catalyse the development and adoption of innovative cybersecurity solutions. CSA received more than 70 proposals to develop solutions for 10 cybersecurity challenge statements. In 2019, the Government will expand the Call for Innovation into the Cyber Security Innovation and Growth Programme to support local cybersecurity companies to create innovative and relevant cybersecurity solutions, to meet the changing needs of industry.
30 Mr Low Thia Kiang asked how we are meeting Singapore’s cybersecurity manpower needs. Building a strong cybersecurity workforce is important – not only for the development of our cybersecurity industry, but also for our national security.
31 As our world becomes more connected and new cyber threats emerge, demand for cybersecurity talent has grown exponentially. Across the public and private sectors, the total number of jobs for cybersecurity professionals tripled from 2012 to 2017, to 5,300. At the same time, the actual number of cybersecurity professionals in employment quadrupled, to 4,900, or about 3 per cent of the ICT workforce. We expect the strong demand for cybersecurity professionals to continue.
32 Our agencies are working closely with each other, and the cybersecurity ecosystem, to strengthen the pipeline of cybersecurity professionals; deepen their skills and technical expertise; and improve the career progression and recognition for the professionTo meet industry needs, IMDA and CSA drive targeted efforts under the TechSkills Accelerator (TeSA) initiative. This includes the Cyber Security Associates and Technologists Programme (CSAT), which develops and upskills fresh and mid-career professionals for cybersecurity jobs through on-the-job training. Eight companies have committed to develop more than 900 professionals by 2021. In addition, over 3,000 individuals have benefitted from 50 cybersecurity courses supported under TeSA’s Critical Information Technology Resource Programme (CITREP+).
33 To attract, develop and retain cybersecurity practitioners in the public sector, CSA works closely with GovTech and other agencies to build a core of cybersecurity specialists who will be deployed across agencies to support the Government’s cybersecurity needs.
34 Mr Douglas Foo asked how we are developing products that contribute toward a safe and trusted cyberspace for Singapore. As part of MCI’s work to ensure our standards and regulations support the growth of the digital economy, we have made progress in building a strong cybersecurity standards regime in Singapore.
35 I am pleased to announce that this has resulted in Singapore attaining the status of a Common Criteria Certificate Authorising Nation as of January 2019. This Common Criteria is the de facto standard for cybersecurity product certification around the world. So today, 30 nations, including Singapore, are part of the Common Criteria Recognition Arrangement (CCRA) for the mutual recognition of certifications. But not all countries are authorising nations where you can produce the product. There is an ecosystem of 30 countries that recognise this, but we have now attained the status of an authorising body to produce the product and extend it globally.
36 Being a Certificate Authorising Nation allows local companies to develop globally -recognised products within Singapore. There are estimated cost and time savings – because you do not have to send your product overseas for evaluation or bring the testers and evaluators here to Singapore. We can do it all within our economy –It is a step towards becoming a regional hub for product evaluation and certification. We are attracting global evaluation laboratories to anchor their operations in Singapore. These developments will accelerate Singapore’s exports of world-class cybersecurity products, and create good jobs for Singaporeans.
37 To encourage SMEs to build more secure products and adopt Common Criteria certification, we have new SecureTech track under the Accreditation@SG Digital programme. This Accreditation@SG programme helps local SMEs to improve their business practices, engage with the local community, and be considered by government agencies for procurement of their products.
38 Digital transformation is not about hardware or software. It is about citizens, workers and businesses who innovate, utilise, and benefit from these technologies.
39 Our efforts spanning digital readiness and cybersecurity will help these important stakeholders, so that we can embrace the potential of a common digital future together.