13 April 2011 - Opening Address by Mr Lui Tuck Yew, Minister for Information, Communications and the Arts at the Information Security Seminar, Grand Copthorne Waterfront
Opening Address by Mr Lui Tuck Yew, Minister for Information, Communications and the Arts at the Information Security Seminar on 13 April 2011, 9.05am, Grand Copthorne Waterfront
"Charting New Frontiers, Information Security As An Enabler"
Mr Gerard Tan
President, Association of Information Security Professionals
Ms Shirley Wong
Co-Chair, Cyber Security Awareness Alliance
Ladies and Gentlemen,
1. Good morning. I am pleased to join you today at this year's Information Security Seminar. Today, we also celebrate the inaugural Cyber Security Awareness Day in Singapore.
Infocomm Security Climate
2. The proliferation of computers is visibly apparent in Singapore, with over 84 per cent of households having access to a computer at home, and over 82 per cent of households with Internet access at home today. Many have jumped on the social networking bandwagon, but not all of us realise that cyber attacks use social networking to gain access to sensitive corporate and personal information. In this regard, end-users have become a critical component in the security equation and are often our first line of defence against these malicious activities.
Singapore's 1st Cyber Security Awareness Day
3. To augment and strengthen cyber security awareness and adoption in Singapore, various outreach efforts are carried out throughout the year. One example is today's Information Security Seminar. This seminar is also made more significant as it marks the inaugural Cyber Security Awareness Day in Singapore. Championed by the Cyber Security Awareness Alliance, the aim is to raise infocomm security awareness and remind everyone of the need for personal responsibility in adopting simple and secure online practices, such as having stronger passwords. It is encouraging to note that we have received more than 300,000 pledges from the people, public and private sectors, each pledging to change their passwords to stronger ones. To some present here, you may think this is an obvious practice, but there can be many who do not realise the usefulness of this simple preventive measure.
4. The Cyber Security Awareness Alliance also maintains a portal, www.gosafeonline.sg, to further promote and inculcate safe infocomm practices. I encourage users to visit this one-stop resource centre to learn how to stay safe and secure online.
Continuous Effort to Secure Singapore's Cyberspace
5. Last year, the Symantec State of Enterprise Security Study found that 75 per cent of all enterprises have experienced cyber attacks in the past year, and 41 per cent of these attacks were effective in compromising systems. We have also seen entire nations and critical infrastructure being targeted, either through Distributed Denial-of-Service attacks, like the recent cyber attack on South Korea, or worms such as Stuxnet, which targeted control systems for power distribution. In fact, just last month, the European Union reported that the Commission and External Action Service was under a cyber attack on the eve of a summit in Brussels. Users were asked to change their passwords in response to this attack.
International Collaboration and Outreach
6. In view of the cross-border nature of cyber threats, we have been holding regular exchanges and sharing information with our international counterparts. This is part of the Government's efforts to develop our nation's infocomm security capabilities and to enhance cyber security situational awareness. We had recently signed two collaborative agreements between the Infocomm Development Authority (IDA) and its counterpart agencies in Japan and the Republic of Korea. Such arrangements will enable our countries to share early and pertinent information about cyber threats, undertake joint development and training in enhancing technical capabilities, as well as enhance the security of our respective national infrastructure.
Securing Singapore's Internet Infrastructure
7. Over the years, the Singapore Government has invested heavily in securing our critical systems to support key public services. As part of the Infocomm Security Masterplan, initiatives such as the Cyber Watch Centre have greatly enhanced our capability to detect malicious attacks and allow us to take pre-emptive actions to limit the business impact resulting from security incidents.
8. To further safeguard Singapore's position as a secure and trusted hub, IDA issued a Code of Practice in February this year to designated Internet Service Providers (ISPs). The Code mandates that ISPs will have to develop new capabilities to manage current and emerging cyber threats by ensuring that the right processes are in place. With this Code in place, the ISPs are required to participate in information sharing, which will allow them to adapt their defences accordingly.
Infocomm Security Masterplan 2 Mid-Term Review
9. The key security capabilities developed under the first Infocomm Security Masterplan have served us well. The Cyber Watch Centre, the Association of Information Security Professionals, or AISP, and assessment of our critical infocomm systems in key sectors, are just some examples. Building on the first masterplan, the Infocomm Security Masterplan 2, or MP2, was developed with the aim to continue to enhance our capabilities to deal with the evolving cyber threat landscape. The earlier mentioned Code of Practice and collaborative agreements are part of MP2’s initiatives.
10. Over the past nine months, IDA has engaged key stakeholders from the public and private sectors to undertake a mid-term review of the Masterplan, the reason being that we want to ensure the MP2 stays relevant and capable of securing our national infrastructure. Allow me to share key findings of the review.
11. One outcome of the review shows that there is a need to develop an over-arching national level view of the state of security across key economic sectors, so that enhanced situational awareness of cyber threats can be attained. MP2 will further expand upon our ability to safeguard sensitive corporate and personal information through a risk mitigation approach, to allow organisations to thrive in the face of evolving cyber threats.
12. There is also the need to emphasise on developing capabilities, to provide a pipeline of highly trained security professionals and practitioners. This can be done through partnering local universities and setting up advanced research programmes or centres. There should also be capacity building of all personnel in the area of infocomm security, for better informed decision-making. Finally, we need to focus on enhancing information sharing between organisations. Information security rarely affects a single organisation, and having more information about the latest threats affecting other organisations can only make us more prepared.
Conclusion
13. In conclusion, infocomm security is a shared responsibility, and all of us have a role to play in engendering a secure infocomm environment for Singapore. The Cyber Security Awareness Day serves as a timely and important reminder to be personally accountable for infocomm security. We must have a strong foundation to leverage on infocomm security as a strategic enabler for Singapore's economic prosperity.
14. On this note, I wish you a fruitful seminar. Thank you.
Related Materials:
.webp)