Professor Ling San, Provost and Deputy President of Nanyang Technological University (NTU),
Mr David Koh, Chief Executive, Cyber Security Agency of Singapore (CSA),
Colleagues and friends,
1. I am delighted to join you this afternoon to officially open the National Integrated Centre for Evaluation, or NiCE.
2. The local ecosystem for Testing, Inspection and Certification (TIC) grew its roots from the 1960s. Back then, there was already recognition that the TIC industry provides an essential function. It helps to ensure that products meet stringent quality and safety standards. This builds trust, confidence, and demand for the Singapore brand. Within ASEAN’s TIC industry, a quarter of the market share is held by Singapore. Its growth has mirrored our evolution as a trade hub and centre for innovation.
3. Today, Singapore marks yet another milestone in the industry. Because of widespread digitalisation across all economic activities, cybersecurity evaluation is increasingly important. Our TIC industry must therefore strengthen its capabilities in this area. A pooling of expertise makes good sense, to expand our knowledge base and promote collaboration to tackle new problems as they emerge. CSA and NTU have collaborated to launch NiCE, which brings together both industrial and research expertise in cybersecurity evaluation under one roof. This is incidentally also a first for the TIC industry in the ASEAN region.
Fostering Trust and Confidence in Digitalisation
4. NiCE will specialise in the TIC of digital products, including Internet of Things, or IoT, devices to ensure that they are cybersecure. Some experts have already estimated that by 2025, there could be up to 64 billion IoT devices globally, or about eight IoT devices deployed for every person. Given our Smart Nation ambitions and high rate of digital adoption, we can expect the number of IoT devices in Singapore to increase exponentially as well. This is, of course, also in tandem with our push to make 5G services widely available and with its promise of reduced latency, the widespread deployment of IoT devices make even greater sense. I don’t mean to be alarmist but each of these devices could contain any number of vulnerabilities, which allow hackers to steal sensitive data, compromise privacy or even take over control to conduct cyber-attacks or cause physical impact. To guard against such risks, it is inevitable that device manufacturers respond to customer concerns through testing and certification. We are confident that as a result, cybersecurity is poised to be one of four key growth sectors for the TIC industry, the other three being medical & life sciences; food & agriculture; and environmental sustainability.
5. This means that NiCE is being born in exciting times. It will build a robust pipeline of professional practitioners for Singapore, through the new Graduate Certificate in Hardware Security Evaluation and Certification by CSA and NTU. Training will deploy the state-of-the-art facilities in NiCE. NiCE will also help businesses by promoting a security-by-design approach to product development; and for consumers, the work that NiCE undertakes will ultimately make lives better, safer and more secure. It certainly looks to me that NiCE has its work cut out, because of the fast-growing number of IoT devices to be certified secure! But its success will Page 2 of 2 also boost our local TIC industry’s capacity to reduce cybersecurity concerns over devices. This is a worthwhile goal to aim for.
Positioning Singapore as a Regional Certification Hub
6. Beyond Singapore, NiCE has the potential to go even further. By leveraging its status as ASEAN’s first such organsation, NiCE can help move Singapore closer to becoming a regional certification hub for digital products.
7. We are already taking active steps to fulfil this ambition. Since 2019, Singapore has been a Certificate Authorising Nation of the Common Criteria for IT security products. Products certified in our labs are recognised in many other economies, including the US, Japan and Indonesia. For businesses in Singapore and around the region, this means faster access to more markets at lower cost. On the consumer front, we launched the Cybersecurity Labelling Scheme, or CLS, in 2020. This has helped the public make more informed choices when buying smart devices.
8. We will continue to build more security assurance upstream. Today, I am pleased to announce the “CLS Ready” initiative, which helps developers lower the cost of assurance and achieve scalability. Under this initiative, manufacturers of common device components such as semiconductor chips need only get their products certified “CLS Ready” once, no matter how many types of devices the CLS-Ready component is used subsequently. This means that each time a device is submitted for evaluation, the CLS-Ready component that is within need not be re-evaluated. This not only saves time, but also money and effort. The net effect is a more scalable labelling process – a significant benefit given the billions of IoT devices out there. The more cost-effective evaluation process should also give businesses greater incentive to get their devices labelled at the higher assurance levels of the CLS.
9. To conclude, let me reaffirm the essential value of testing, inspection and certification industry. All of us are beneficiaries. For example, as passengers and pedestrians, we take it as a given that every model of vehicles has been certified safe for the roads. No respectable carmaker today would ever consider betraying our trust by compromising on basic safety features such as brakes or seat belts. By the same token, no company in the digital economy should consider skimping on cybersecurity. It is increasingly a worthwhile selling point, not a cost burden, to businesses.
10. I urge all our industry partners to work with NiCE and leverage its capabilities to bring your businesses forward. My warmest congratulations to everyone who has played a part in making NiCE a reality. Thank you.
|PDF version of the speech