Welcome Remarks by Mr Lim Chuan Poh, Chairman, National Infocomm Security Committee, at the Information Security Seminar 2012

11 July 2012 - Welcome Remarks by Mr Lim Chuan Poh, Chairman, National Infocomm Security Committee, at the Information Security Seminar 2012 on Wednesday, 11 July 2012, 9.00am at The Resorts World Convention Centre (West Ballroom)

Welcome Remarks by Mr Lim Chuan Poh, Chairman, National Infocomm Security Committee, at the Information Security Seminar 2012 on Wednesday, 11 July 2012, 9.00am at The Resorts World Convention Centre (West Ballroom).

Dr Yaacob Ibrahim
Minister for Information, Communications and the Arts

Mr Wally Lee
President, Association of Information Security Professionals

Ms Shirley Wong
Co-Chair, Cyber Security Awareness Alliance

Distinguished guests

Ladies and gentlemen,
1. Good morning. It is my pleasure to be here to welcome all of you to the Information Security Seminar today. This event is held annually to discuss infocomm security issues and promote greater understanding of key infocomm security challenges facing us. Let me express my appreciation to our distinguished speakers and guests, many have flown in from overseas to attend this event. I would also like to thank all of you from the public, private and people sectors, who are users or providers of infocomm security services and solutions, for participating in the seminar today.

Strengthening the Security of Our Cyber Environment

2. The theme for this year's Information Security Seminar 2012 is "Strengthening the Security of Our Cyber Environment". We have chosen this theme to emphasise the continual need to advance cyber security collaboration and capability development in an environment where information and communication technologies are now pervasive. According to McKinsey Global Institute, two billion individuals are now connected to the Internet and ITU has also reported that the number of active social media users has surpassed the first billion in 2011. Many of these users are connected to the social media using their mobile devices. This is an eight-fold increase compared to the year 2000, where there were only 250 million Internet users globally. Social media, as we know it today, did not even exist then.

3. In this rapidly evolving cyber world, Singapore must therefore be well prepared to harness the benefits of the change while mitigating against the cyber threats. This can be achieved only through sustained efforts in public,  private and people sector collaboration in strengthening the resilience and robustness of our infocomm infrastructure, developing key security capabilities and stepping up our efforts in public education and outreach.

Singapore Approach in Infocomm Security

4. In Singapore, the infocomm security policies and strategic directions at the national level are carried out through the National Infocomm Security Committee (NISC). This is a multi-agency platform that also seeks to balance economic and security considerations on info and cyber-security related issues.

5. Through the NISC, a multi-agency effort led by the Infocomm Development Authority of Singapore (IDA) has put in place the Infocomm Security Masterplan or ISMP. This plan encapsulates Singapore's strategy in maintaining Singapore as a secure and trusted hub for Government, organisations and the public.

6. Under the first ISMP from 2005 to 2007, the emphasis was on providing the public sector with capabilities to mitigate against emerging cyber threats. These capabilities include the Cyber Watch Centre and Threat Analysis Centre that serve to enhance the security of the infocomm environment for Government agencies.

7. Building on the lesson and success of the first masterplan, the second Infocomm Security Masterplan or MP2 was launched in 2008, again involving the public, private and people sectors. In developing MP2, emphasis was placed on adopting a more inclusive and consultative approach that factor in the needs and priorities of the different sectors recognising the old adage that the chain is only as strong as the weakest link especially in the interconnected cyberspace.

The Importance of Cyber Security

8. According to Symantec's 2011 State of Security Survey, 92 per cent of the 3,300 worldwide respondents reported losses from security incidents that include downtime of services, theft of employee's identity information and theft of intellectual property. When quantifying the financial impact of security incidents, 20 per cent of small and medium-sized enterprises and larger enterprises were found to have incurred at least US$100,000 and US$270,000 in damages respectively.

9. Government agencies were also targets of cyber attacks. In 2011, McAfee reported a five-year targeted operation that was stealing secrets and intellectual property from government agencies in countries like the United States and Canada. It would not surprise us that other countries may have secrets stolen and are still unaware of them. These reports show that cyber attack is a clear and present danger for any society and economy and we simply cannot be complacent in our security efforts.

10. This is why we have to invest in appropriate infocomm security measures to protect our systems and valuable information assets even as and especially when we seek to leverage infocomm technology to catalyse innovation, enhance our organisational or business efficiency and effectiveness. Of course, the operative word is "appropriate". For, in implementing or adopting cyber security measures, it is important also to strike a balance between security risks and process efficiency and productivity. This is a balance that we all have to constantly and continually strike, in a timely and responsive manner, and in a very disciplined way.
11. In addition to system-based security measures, there is also a need to inculcate personal responsibility in adopting good and sensible practices that help users stay safe and reduce their risks in the cyber space for themselves and their organisations. For example, when we were young, our parents used to remind us not to talk to strangers. In cyber space, the equivalent mantra will be don't click on any email or attachments that you don't recognise.


12. To conclude, even as Singapore's strategic capabilities have developed over the years, we should continue to work diligently, collaboratively and be committed in our efforts to protect the cyber environment. It is only through concerted and sustained efforts that we are and will be able to mitigate massive cyber threats effectively.

13. On this note, I wish all of you a rewarding and fruitful time at the Information Security Seminar 2012.

14. Thank you.