15 January 2014 - Speech by Ms Jaqueline Poh, Managing Director, IDA Singapore, at the Opening of FireEye's Centre of Excellence, 15 Jan 2014, Wednesday, 10:30am.
Speech by Ms Jaqueline Poh, Managing Director, IDA Singapore, at the Opening of FireEye's Centre of Excellence, 15 Jan 2014, Wednesday, 10:30am
Mr Ashar Aziz
Ladies and gentlemen
1. It is a pleasure for us to be here today at the Opening of FireEye’s APAC Centre of Excellence (COE) in Singapore. I congratulate FireEye for the successful establishment of a regional headquarters for FireEye Labs to gather cyber intelligence from attacks taking place in Asia and around the globe. Such intelligence work will greatly benefit businesses in managing their cyber security challenges
Cyber Security is a Global Concern
2. Cyber security is a global concern. In recent years, cyber threats have been increasing in size, scale and sophistication. According to FireEye’s 2012 Advanced Threat Report, across industries, organisations on average are experiencing malware-related activities once every three minutes. Threat vectors are also evolving rapidly, creating increasingly complex cyber threats which can easily bypass traditional signature-based defences, such as firewalls, anti-virus, and gateways comprising the majority of enterprise networks. The widespread problems of malware aimed at disrupting individual users and, website defacement are giving way to more insidious Advanced Persistent Threats aimed at espionage, theft of data and the disruption of critical systems.
3. Attackers have also been quick to exploit new developments in technology. Whatever platform individuals and businesses adopt, we can expect cyber-criminals to follow. In recent years, mobile devices and social media have come under increasing attack. As wearable devices and smart home systems start to take off, there has been concern that these can also be hacked, as long as they involve an OS and a connection to the Internet.
4. In November last year, Singapore was faced with an unprecedented cyber threat where both the government and businesses were the targets of DDoS attempts, website and data breaches. The Singapore government responded swiftly to defend its digital assets, contain the attacks and apprehend suspects, but we are under no illusion that this is the end. We could well face more serious coordinated threats in future, in addition to the numerous ones we deal with every day. Such attacks underscore the importance for organisations to be always ready with the capability and expertise to deal with the myriad of cyber security threats, quickly detect security incidents and restore or rectify services if there is a disruption.
New Strategies required to Fight Cyber Threats
5. For these reasons, the National Infocomm Security Committee put out a National Cyber Security Masterplan 2018 (NCSM) which aims to secure Singapore’s cyber environment and strengthen its resilience against cyber threats. The Masterplan involves harnessing the government, industry as well as individuals around three key areas.
6. The first is to enhance the security and resilience of critical infocomm infrastructure (CII). This includes a CII Protection Assessment Programme to identify vulnerabilities and gaps to help strengthen Singapore’s CII against complex cyber threats. The government is also strengthening its Cyber Watch Centre and Threat Assessment Centre to improve threat detection and analytical capabilities.
7. The second focus area of the Masterplan is to increase the adoption of appropriate cyber security measures among individuals and businesses. IDA together with other government agencies and industry partners will work to raise public awareness on cyber security issues through online platforms, road shows and current affairs programmes.
8. The third focus area is to grow Singapore’s expertise in cyber security. This is critical as there is a strong need to have a ready pool of cyber security experts to help manage the new cyber environment with increasing threats and issues. To ensure that there is a pipeline of cyber security professionals, IDA is stepping up its efforts to work with educational institutions to incorporate infocomm security courses and degree programmes into their curriculum.
9. Similarly, IDA aims to work with industry partners to raise capabilities and skills of cyber security professionals in Singapore. This collaboration with FireEye to train cyber security professionals through this Centre of Excellence, is an excellent example of government and industry getting together to address cyber security challenges.
10. IDA will collaborate with FireEye in two key areas. Firstly, IDA will accredit FireEye’s manpower training programmes for expert level skills sets such as Dynamic Threat Intelligence, Detection Efficacy Analytics and Threat Response. Through the National Infocomm Competency Framework (NICF), developed by IDA and the Workforce Development Authority. FireEye plans to build up a base of more than 100 professionals through this COE to deliver cyber intelligence monitoring and incidence response capabilities. This will support customers in Singapore and around the globe. IDA will help to accelerate upskilling these professionals to expert levels. Through this collaboration, new roles such as Malware Research Analyst, Global Threat Advisory Security Consultant as well as Incident Response and Forensic Consultants will be created.
11. The second area of the IDA-FireEye collaboration is in the development of next generation cyber security solutions on its application programming interface
platform. The aim is to develop at least 10 new malware detection and prevention application tools to manage Advance Persistent Threats (APTs). This will be done by facilitating collaboration between the Institutes of Higher Learning (IHLs) and local ICT companies to build these new products and solutions for both local and regional markets.
12. Organisations are coming to the rapid realisation that they must be prepared to invest in building capability and capacity to deal with cyber security anytime, anywhere. If cyberattacks respect no borders, then defence must also be organised on a global scale. Industry collaborations with global partners such as FireEye to develop tools and intelligence that can be deployed globally will also benefit organisations in Singapore to raise their capabilities.
13. In conclusion, let me wish FireEye success and I look forward to our collaboration with your APAC Cyber Security COE.