Singapore - The Regional Hub for Infocomm Security

Khoong Hock Yun, Assistant Chief Executive, Infocomm Development, IDA Singapore - Speech Launch of Security Chapter, Father Flanagan, Chijmes ...

Khoong Hock Yun, Assistant Chief Executive, Infocomm Development, IDA Singapore - Speech
Launch of Security Chapter, Father Flanagan, Chijmes

Singapore, 22 January 2003

Good evening,
Mr Stephen Lim, SITF Vice Chairman
Mr Piti Pramotedham, Security Chapter Chairman
Ladies and Gentlemen,

Introduction

At the turn of this century, the promise of the New Economy was great economic growth and prosperity.  Then the bubble burst. The 911 incident and last year's Bali's incident brought us to a new level of fear and insecurity. Reading today's papers, we often end with a feeling of despair. But in face of such threats, it is all the more important that we strive to protect ourselves from attacks.   

Although technology does not solve all of our problems, we can at least use it as an instrument to deter attacks on us as security issues often looms over all of us.  This can be seen with the increase in the number of security incidents over the years.  From 2000 to 2001, the number of security incidents, including website attacks, malicious viruses and network intrusions, jumped 200% worldwide topping at 52,000¹. Singapore is a highly connected society. Over 57% of our households have Internet connections and about 1 in 3 Singapore residents aged 10 years and above are broadband users. We have over 76% mobile penetration. We are a telecom hub. Our response to the threat situation is not to go off line - that does not solve anything - but to increase our awareness of the threats and to understand the potential methods to protect ourselves and to deter such attacks.

A simple virus can crash an entire organisation's network and servers if sufficient security measures are not put in place.  Threats to Infocomm security can now be carried out by less sophisticated users with the proliferation of hacking and denial-of-service software that come with clear instructions.  Against the backdrop of recent cyber-terrorism threats, spending by the CIOs is expected to focus on protective security software like intrusion detection software, besides the immediate post 9/11's focus on backup and recovery.  All these underscore the vulnerabilities of our organisations' systems, and the importance in ensuring that stringent security measures are enforced so that our security will not be compromised. 

The increasing need to be "connected to the Internet" and for "mobile connectivity" has given to the compelling need of suitable security measures.  In other words, the need to open and connect to the Internet, and the provision of remote wireless access to the enterprise resources has created a dichotomy where on the one hand, the organisation needs to allow for more flexible access; and on the other hand, it requires to have a stronger support of security policies and systems to ensure that the important Infocomm systems containing material and impactful information are well protected from unauthorised access.

Growth Potential of the Infocomm Security Industry

Making the net safer for all of us has significant public and economic benefits. It allows the power of the Internet to add to our productivity improvements and raise our quality of life. It also makes direct business sense.  IDC² has projected a 34% growth from 2001 to 2006 for Security Solution in Asia Pacific (excluding Japan).  Besides the security software, security services³ are also increasingly considered as an important and strategic sector in the IT industry, spurred by the need of the user organisations. 

A recent survey among professionals in 34 countries by META group also reinforced the findings above.  The survey has suggested that security investments would increase with 55% of companies spending 5% or more of their IT budget on security by the end of 2003.  IDC has also forecasted that IT security and business continuity spending will double in size grow from US$66billion in 2001 to US$155billion in 2006.⁴ The spending is expected to be split almost evenly amongst infrastructure, business continuity and information security.

In Singapore, we are ranked 6th in terms of the size of security software turnover in the Asia Pacific.  In 2002, the security software industry represented 8% of Singapore's software revenue.   

Hence, Singapore should leverage this opportunity to acquire new security capabilities and develop the necessary security solutions and services to meet our own needs and the needs of the international market.   

Towards Becoming the Regional Hub for Infocomm Security

To protect ourselves against the security threats, first, we must be aware of the threats.  Secondly, we must have solutions and skilled security professionals who are able to assess, and manage our security tools and systems.  Thirdly, we need to have some ways to adopt best practices in our security measures to ensure that they are of global standards.    

We are thus heartened that the Singapore IT Federation (SITF) has taken the lead to form the Security Chapter.  The Chapter will provide a common platform where the security companies based in Singapore can collaborate on a non-competitive basis with the ultimate objective to develop and promote the security industry in Singapore, to build up local security capability, and to create more awareness in security issues. 

Their various initiatives including the CEO Learning Labs and Security Competency Training to increase awareness of the top management and decision makers on security threats and issues; the security competency training that will be put in place to raise the security skills set of Infocomm security practitioners and consultants to ensure that they will be able to guide us along to prevent attacks; the Code of Professional Practice and the Product Security Evaluations will ensure that not only our security professionals abide to a code of professional practice, but our security solutions also adhere to a common certification criteria.   These will go a long way in ensuring that best practices and standards will be adopted both the practitioners and security solutions providers.

Conclusion

The road ahead will be challenging as the environment that businesses are operating in are continuously changing, and at a rapid rate.  The security threats that organisations face may become increasingly nebulous and difficult to detect.  But it is in our own interest to make sure that we are well equipped to handle them.  This is an opportune time to tap on this growth, and develop the necessary security solutions and services to meet our own needs and the needs of the international market. Our strong legal and business infrastructure has helped to reinforce our reputation as a secure and trusted hub, and our strength in services makes Infocomm security an area that Singapore can excel in.  Together with the various initiatives by the SITF's Security Chapter, Singapore can be a secured Infocomm hub and a regional Infocomm security hub. 

At this point, I wish the Chapter all the best in their initiatives and their future plans.  Thank you. 

Footnotes

¹ Source: Carnegie Mellon University's CERT Coordination Center
² "Asia Pacific Security Solutions Market Spending Dynamics", IDC, 2002
³ Security services encompass security assessment, auditing, consulting, penetration testing, resource provisioning, disaster recovery, security framework planning and security architecture
⁴ Source: "IDC Finds IT Security and Business Continuity Market Poised to Double in Size by 2006", IDC, Oct. 2002.