Parliament Sitting on 1 April 2019

QUESTION FOR WRITTEN ANSWER


*2707. Ms Joan Pereira: To ask the Minister for Communications and Information (a) whether the Ministry will make it mandatory for all employees in the Government and private sectors to attend courses relating to cyber security; and (b) beyond Internet separation policies, what else is being done to equip employees with the correct mindset towards cybersecurity. 

Answer:

Mr Speaker, the Government is committed to build a strong cybersecurity culture in Singapore, both in the public service and the private sector. Training our people to be aware of cyber threats, and effectively detect and respond to malicious cyber activities, is key. 

2 Within the public sector, the Government had introduced an IT security awareness programme in July 2018. It is mandatory for all public officers to complete the course by end of the year to educate all public officers of emerging cyber threats and the cybersecurity measures to take. There is also an annual Cyber Safe Cyber Ready Conference to enhance cyber awareness within the public service, and regular cyber exercises to sharpen the IT security incident response of our public sector agencies. These measures build up our public officers’ understanding of cybersecurity.

3 Within the private sector, the Cyber Security Agency of Singapore (CSA) enhances cybersecurity awareness and practices through a variety of channels, such as talks, conferences and CSA’s GoSafeOnline portal. CSA has also developed resources such as the Be Safe Online Handbook, launched in 2018, which explains what organisations should do to enhance their cyber defence capabilities such as using only authorised software, and updating systems regularly. CSA’s “Cyber Tips 4 You” programme also educates the public on four essential cyber hygiene practices to adopt – to use a strong password and two-factor authentication, use anti-virus software, update software as soon as possible and to watch out for signs of phishing.

4 Additional requirements are placed on enterprises that own Critical Information Infrastructure (CII), which are computers or computer systems supporting the provision of our essential services. All CII owners must fulfil their legal obligations under the Cybersecurity Act, including establishing cybersecurity awareness programmes for their employees, contractors and vendors, and participating in cybersecurity exercises to validate their responses to cyber incidents.

5 Mr Speaker, our cyber defences are only as strong as our weakest link. Every individual plays a critical role in safeguarding our cyberspace. The Government will continue to work with the private sector, individuals and the community to instil a strong cybersecurity culture, and strengthen Singapore’s Digital Defence. 

 


Singapore and the European Union sign Digital Partnership Press Releases Others, Cyber Security, Digital Defence, Digital Readiness, Government Technology 01 Feb 23
Online Safety (Miscellaneous Amendments) Act Takes Effect on 1 February 2023 Press Releases Digital Readiness, Infocomm Media 31 Jan 23
Speech by Mrs Josephine Teo, Minister for Communications and Information, at the Soft Opening of Punggol Regional Library on 30 January 2023 Speeches Libraries, Digital Readiness 30 Jan 23
Speech by Minister Josephine Teo at the launch of Temus's Step IT Up Programme on 26 January 2023 Speeches Digital Readiness, Cyber Security 26 Jan 23
The Korea-Singapore Digital Partnership Agreement enters into force Press Releases Government Technology, Others, Digital Defence, Cyber Security 13 Jan 23
MCI Response to PQ on Funding to Persons Providing Commentary on Social Media Platforms in Support of Government Policies Parliament QAs Public Comms, Infocomm Media 10 Jan 23