Parliament Sitting on 1 April 2019

QUESTION FOR WRITTEN ANSWER


*2707. Ms Joan Pereira: To ask the Minister for Communications and Information (a) whether the Ministry will make it mandatory for all employees in the Government and private sectors to attend courses relating to cyber security; and (b) beyond Internet separation policies, what else is being done to equip employees with the correct mindset towards cybersecurity. 

Answer:

Mr Speaker, the Government is committed to build a strong cybersecurity culture in Singapore, both in the public service and the private sector. Training our people to be aware of cyber threats, and effectively detect and respond to malicious cyber activities, is key. 

2 Within the public sector, the Government had introduced an IT security awareness programme in July 2018. It is mandatory for all public officers to complete the course by end of the year to educate all public officers of emerging cyber threats and the cybersecurity measures to take. There is also an annual Cyber Safe Cyber Ready Conference to enhance cyber awareness within the public service, and regular cyber exercises to sharpen the IT security incident response of our public sector agencies. These measures build up our public officers’ understanding of cybersecurity.

3 Within the private sector, the Cyber Security Agency of Singapore (CSA) enhances cybersecurity awareness and practices through a variety of channels, such as talks, conferences and CSA’s GoSafeOnline portal. CSA has also developed resources such as the Be Safe Online Handbook, launched in 2018, which explains what organisations should do to enhance their cyber defence capabilities such as using only authorised software, and updating systems regularly. CSA’s “Cyber Tips 4 You” programme also educates the public on four essential cyber hygiene practices to adopt – to use a strong password and two-factor authentication, use anti-virus software, update software as soon as possible and to watch out for signs of phishing.

4 Additional requirements are placed on enterprises that own Critical Information Infrastructure (CII), which are computers or computer systems supporting the provision of our essential services. All CII owners must fulfil their legal obligations under the Cybersecurity Act, including establishing cybersecurity awareness programmes for their employees, contractors and vendors, and participating in cybersecurity exercises to validate their responses to cyber incidents.

5 Mr Speaker, our cyber defences are only as strong as our weakest link. Every individual plays a critical role in safeguarding our cyberspace. The Government will continue to work with the private sector, individuals and the community to instil a strong cybersecurity culture, and strengthen Singapore’s Digital Defence. 

 


Speech by Dr Janil Puthucheary, Senior Minister of State for Communications and Information, at the “Legislation and The Fight Against Disinformation In Southeast Asia” Conference on 27 January 2022 Speeches Infocomm Media, Others 28 Jan 22
Speech by Mrs Josephine Teo, Minister for Communications and Information, At Techblazer Awards Ceremony on 24 Jan 2022 Speeches Infocomm Media 24 Jan 22
Opening Remarks by Mrs Josephine Teo, Minister for Communications and Information, At Gala Premiere of Clover Films’ ‘Reunion Dinner’, on 18 Jan 2022 Speeches Infocomm Media 19 Jan 22
Speech by Mrs Josephine Teo, Minister for Communications and Information, at the 4th Cybersecurity Awards Ceremony on 14 Jan 2022 Speeches Cyber Security 14 Jan 22
Singapore and Malaysia reaffirm commitment to foster stronger co-operation in the digital and information domains to support post-pandemic recovery Press Releases Infocomm Media 13 Jan 22
MCI response to PQ on Statistics on and Outcome of Public Complaints Received Each Year Since Enactment of Prevention of Online Falsehoods and Manipulation Act Parliament QAs Others 12 Jan 22