The State of IT Automation: New Pressures Invite New Opportunities Read Report

This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies and agree to our Privacy Policy.

Products

See How You Can Achieve IT Operations Excellence

Resolve Actions Automate everything from simple tasks to complex, multi-step processes with robust, cross-domain automation built for the enterprise.
Automation Exchange Explore our cloud library of more than 5,000 IT automation components deployable in minutes to orchestrate automated processes
Resolve Insights Explore our award-winning Insights platform to see how you can streamline IT operations, improve performance, and reduce MTTR.
Integrations Explore integrations with hundreds of popular IT solutions and see how you can finally achieve a single pane of glass.
Solutions
Automation Accelerator Packs™

Automate your top IT use cases within days

Solutions Overview Discover how to accelerate time to value with purpose-built solutions for every IT function.
IT Operations Management Automate infrastructure provisioning, testing, incident resolution, proactive maintenance and more!
Network Operations Management See why Resolve is trusted to execute millions of automations every day on the most complex networks on the planet!
IT Service Desk Management Automate service desk requests, change management, and incident management — and power self-service options and chatbots!
Cloud Operations Rapidly Migrate to the Cloud, Auto-remediate Server and Application Issues, Deploy and Provision Systems, and Optimize Resources to Manage Costs
Autodiscovery & Dependency Mapping Get full-stack visibility into complex infrastructure, automate dependency mapping, and ensure your CMDB is always accurate.
Customers
Resources
5 Ancient IT Fly Menu Featured Resource

5 Ancient IT Processes to Automate Away for Good

Resource Center Explore analyst reports, webinars, eBooks & case studies to accelerate your IT automation journey.
Video Library Watch demos of our product capabilities, customer testimonials, and more.
Blog Get our take on the latest developments in IT operations, automation, ITSM, and more!
Podcast Tune in to Intelligent Automation Radio for insights on the impact and opportunities for innovation that automation delivers.
Training Become a Resolve expert with our online training offerings.
Partners

See How You Can Achieve IT Operations Excellence

Partner Program Explore Resolve's partner program and see how we can work together to help IT teams succeed.
Find a Partner Explore our awesome ecosystem of resellers, distributors, service providers, & technology partners.
Integrations Explore integrations with hundreds of popular IT solutions and see how you can finally achieve a single pane of glass.
About Us
Exciting News!

Resolve Actions Goes SaaS!

Meet Resolve Get to know us! Learn about Resolve's roots and meet our leadership team and board members.
News Explore our latest news articles, announcements, and press releases.
Events Meet up with the Resolve Automation Ninjas virtually at an upcoming event.
Careers Join our team of automation fanatics and explore current career opportunities!
Contact Us Want to get in touch? We'd love to chat.
Try Free Now
Request A Demo
Products

See How You Can Achieve IT Operations Excellence

Resolve Actions
Automation Exchange
Resolve Insights
Integrations
Solutions
Automation Accelerator Packs™

Automate your top IT use cases within days

Solutions Overview
IT Operations Management
Network Operations Management
IT Service Desk Management
Cloud Operations
Autodiscovery & Dependency Mapping
Customers
Resources
Featured Resource

5 Ancient IT Processes to Automate Away for Good

Resource Center
Video Library
Blog
Podcast
Training
Partners

See How You Can Achieve IT Operations Excellence

Partner Program
Find a Partner
Integrations
About Us
Exciting News!

Resolve Actions Goes SaaS!

Meet Resolve
News
Events
Careers
Contact Us
Try Free Now
Request A Demo
  • Home
  • Blog
  • Highlights of the Singapore Cybersecurity Bill

Highlights of the Singapore Cybersecurity Bill

Highlights of the Singapore Cybersecurity Bill
September 17, 2017 • Resolve Staffer

If China is defensively guarding the continent’s cybersecurity, then Singapore is, by contrast, sticking to the offensive playbook for the “smart” win.

A bill in Singapore is aiming to charter significant territory toward achieving a globally minded Smart Nation, which Prime Minister Lee Hsien Loong says will lean on a key cornerstone: a fortified cybersecurity ecosystem.

Singapore Parliament against the city skyline

Singapore is upholding its new post at #1 on The Global Cybersecurity Index (GCI) 2017; proffering its latest CyberSec bill to the public for review.

Since rising above the USA and taking the number one spot on the Global Cybersecurity Index (GCI) 2017, the world is watching to see if Singapore can continue commitment to cybersecurity without infringing on corporate or citizen privacies.

2017 Cybersecurity bill timeline

  • The Singapore Government established the CSA in 2015
  • The Singapore Government published a national cybersecurity strategy in 2016
  • A centerpiece of that strategy is the introduction of a new overarching law to strengthen and empower Singapore’s existing legislative framework and pave the way for the CSA to address current cybersecurity challenges
  • Spring 2017 the government birthed the Data Innovation Programme Office (“DIPO”) as well as a data sandbox programme. DIPO is developing a progressive data regulatory environment, helping small to medium enterprises adopt data analytics and guide the launching of data sharing initiatives. The data sandbox will allow for safe-mode big data experimentations by different regulatory authorities
  • The omnibus bill is now in the public consultation stage. After which, it will be read in Parliament, debated and amended as necessary before being passed into law
  • Parliament passage is expected by this year’s Q4 end or the beginning of Q1 2018

The right to protect

Some are concerned the bill—if accepted into law—may affect anyone who administers commercial or social activities on so much as a moderate scale. A significant portion of the cybersecurity bill focuses on “protecting computer systems.”

Systems which, according to our previous article, are very vulnerable for many countries.

“The threat from hackers is real,” explains Eugene Kaspersky, CEO of Kaspersky Labs. He warns infrastructure authorities have to build cybersecurity controls at every level of the infrastructure to narrow their exposure to large-scale attacks.

The sweeping legislation in queue for Singapore is now at the mercy of public consultation, where a coalition of cybsersec industry groups—including the U.S. Chamber of Commerce; BSA | The Software Alliance; and the Information Technology Industry Council—hope clarification on what “protecting critical information infrastructures (CII)” entails, will be articulated.

In other words, “if, in the absence of a designation from the Commissioner [of Cybersecurity], an organisation has a responsibility to determine for itself whether it owns any CII,” is the common query, according to a separate article in Lexology.

The CII designation is a classified label, under Singapore’s Official Secrets Act.

Cybersecurity bill goals

  1. Empower the Cyber Security Agency of Singapore (CSA) to defend against cyber threats.
  2. Introduce regulations for CII
  3. Establish SOP for sharing cybersecurity information, integrating with CSA
  4. Instilling a “light-touch” licensing framework

Three letters for cybersec providers: CII

As it stands CIIs of interest thus far are businesses [located partially or exclusively in Singapore] that provide technology services, including SaaS or PaaS, or cybersecurity services, such as endpoint security or threat detection services.

The following providers are advised to be cognizant of the obligations under this Cybersecurity Bill:

  • Cybersecurity services that are non-investigative: design, solutions, event monitoring and advising
  • White Hat Sec Ops: forensics and Security incident response

Vendors for self-install cyber protection don’t fall under the CII provision thus far, rather, would continue to follow obligations under the Personal Data Protection Act.

“The CSA’s chief, formally known as the Commissioner for Cybersecurity, can issue a written notice to designate your computer system as a CII. The Commissioner has the power to request for technical or other information on your computer system before making a CII designation.”

A computer system will be designated as a CII if it is necessary for the continuous delivery of essential services in Singapore. These sectors have been identified as essential: government, security and emergency, healthcare, telecommunications, banking and finance, energy, water, media, land transport, air transport and maritime.

Resolve Systems, an enterprise-wide incident response, automation, and orchestration platform recently opened an APAC regional headquarters in Singapore that provides Security Incident Response technology to organizations helping them to stay in compliance with the legislation. Read more in the recent press release here.

A modicum of Sec Ops industry growth

According Foo Tsiang-Tse, the managing director of Quann, a Singapore-based cybersecurity vendor:

”[National infrastructure] vulnerabilities could emerge from lack of comprehensive security strategy that encompassed all network layers, applications and devices.” He adds cybersecurity “should include network design and integration, optimisation, and management. Scalability, in particular, was critical, he said, adding that public safety features should be available as software upgrades, so networks could support future requirements.”

To learn more, read Resolve Systems’ white paper: Security Incident Response Needs a Unified Platform.

Resolve Systems is a vanguard for addressing the entire Security and IT framework: Security, IT Ops, Service Desk and NOC. We are unparalleled in providing flexible and customizable automation orchestration options.

The Singapore legislation allocates certain roles for notifying the government of a security breach to make sure companies are responding to cybersecurity incidents efficiently. To be compliant with the legislation, every CISO will need an efficient security incident response plan in place to notify the Commissioner of Cybersecurity and to resolve all security incidents. Though notification of a breach will be mandatory, Singapore companies are responsible for their own incident response. Resolve Systems is the global leader in security incident response automation and orchestration. With a single platform for CISOs and SOCs to see all security threats, Resolve will help teams expedite response.

To learn more, come see a live demo at our booth 19-21 at Govware 2017.

Follow Our RSS Feed

Resolve-Staff

About the Author, Resolve Staffer:

This post was written by one of the awesome contributors on the Resolve team.

Recommended Reads

The Rise of the Cognitive NOC and the Role of IT Process Automation

The Rise of the Cognitive NOC and the Role of IT Process Automation

Find out how the Cognitive NOC has become the driving force in network management.

Read Now
What Is the Network Operations Center (NOC): A Brief Overview

What Is the Network Operations Center (NOC): A Brief Overview

How to make your NOC performance reach its full potential.

Read Now
Getting Out of the 2010s Era of Alarm Avalanches

Getting Out of the 2010s Era of Alarm Avalanches

Leverage a scalable approach to alarm management by allowing technology to do the work.

Read Now
footer-background
Do IT Better, Faster with Resolve Request Free Trial