28 October 2015 - Speech by IDA Assistant Chief Executive, Mr Khoong Hock Yun at CloudAsia 2015 at Suntec City Convention Centre, Wednesday, 28 October 2015, 9:30am – 9:50am.

Speech by IDA Assistant Chief Executive, Mr Khoong Hock Yun at CloudAsia 2015 at Suntec City Convention Centre, Wednesday, 28 October 2015, 9:30am – 9:50am.

Mr William Liu, Chairman of the National Cloud Computing Advisory Council
Mr Howie Lau, President Singapore Computer Society
Ms Shirley Wong, Chair, Singapore Infocomm Technology Federation

Keynote speakers,
Distinguished Guests,
Ladies and Gentlemen,

Good morning

1. I once again warmly welcome you to this year’s edition of CloudAsia. This marks our 12th year, and the third year running in conjunction with Cloud Expo Asia. I am also pleased to welcome you to Data Centre World Asia, as well as to the co-located first ever Cloud Security Alliance APAC Conference on Innovation. Every year I am heartened to see more new faces attending and eager to learn more about the power of the cloud.

2. Every year, we continue to see tremendous growth in cloud computing as more enterprises discover the benefits of moving to the cloud, such as its nimbleness, ability to scale rapidly and pay-per-use model offering cost savings to enterprises. 

Cloud Computing for a Smart Nation

3. Cloud computing is here to stay, and it will play a key role in Singapore. By now, many of you would have heard about our Smart Nation push. This is a massive undertaking which will take years to achieve. But a large portion of this will be enabled and underpinned by the cloud.

4. Smart Nation is our vision to bring together people, policy and enterprises to work collaboratively, co-create our future and overcome challenges from impending megatrends, such as ageing populations or urban density, through tech. IDA’s role is to ensure backbone infrastructure – including cloud – is ready and capable for this tech-enabled future.

5. We must therefore push forward in laying this groundwork across various portions of the tech sector. Let me give you two of these thrusts today in the cloud ecosystem and data landscape. 

Encouraging the Data Landscape

6. Big Data’s growth and the potential it unlocks via insights and new innovations are also part of our Smart Nation plan. However, private datasets discovery continued to be difficult. To facilitate dataset discovery between potential data users and willing private sector data providers, we launched our Data-as-a-Service (DaaS) pilot last year. 

7. Today, 25 data providers are participating in the DaaS pilot, with about 70 datasets ranging from real estate to mobility patterns. We encourage more companies to come forth, participate and offer feedback to enhance the platform. IDA’s pavilion has several of these dataset providers who can assist interested attendees in learning more on how to unlock the power of datasets. We are also looking for more dataset providers to explore how potential aggregation of multi-company data could occur.

8. Because the impact and benefits of leveraging Big Data touches the life of all citizens, IDA is committing to raising awareness and competency in data literacy. For instance, tomorrow we will be announcing the winners of our first Data-Driven Innovation Challenge for institutes of higher learning. Started in July, the challenge spurred students to contribute ideas on how data can be used to provide insights into challenges by developing data mashups, games and undertaking analysis. 5 IHLs with 37 participants squared off, and I invite you to attend the results happening here in this theatre tomorrow morning before the plenary sessions. 

9. The general public have also responded positively to our Data 101 series of outreach sessions. Over 1,000 participants attended the 20 talks held at the National Library Board between January and November. These talks ran the gamut of business and technical data-related topics by industry experts such as Mr Lincoln Teo (DP Info) and Mr Mike Davie (DataStreamX), discussing topics including  harnessing the power of APIs and the mashing up of data to create enriched services. We are gearing up for the next series of talks scheduled to start in January. If there are particular areas which you are interested to learn more about, we are open to hearing from you.

10. Fostering clarity between data users and dataset providers continues to be one of our main goals to help the sector grow. One challenge, for example, is how to select quality datasets from among several similar-looking datasets. This is especially when private sector data providers require a fee upfront for access to their datasets. 

11. Data Quality Metrics TR One way is via our Data Quality Metric (DQM) Guidelines. These metrics help dataset providers measure if a dataset is reliable, has proper relevance, accessibility and so forth. This can then be reflected when they list a dataset for use. Users will have a foundational base of comparison between similar-looking datasets from distinct providers. I am pleased to announce that together with the Information Technology Standards Committee (ITSC) we have turned the DQM Guidelines into a Technical Reference, TR41. It is now available from the Singapore Standards eShop. 

12. Dataset Versioning Guidelines We are also aware that the speed at which datasets will be utilized is exponentially rising – eventually to near-real-time speeds. Similarly, the need to keep datasets updated with the latest pieces of data must keep pace. This means up-to-the-second dataset updates requires coherent versioning methodologies. Together with the ITSC, we are turning our Dataset Versioning Guidelines released in February into a TR as well and are forming a working group to do this. 

Cloud Security with MTCS

13. Let me now turn to our second big thrust I wish to focus on today, the cloud ecosystem. Security continues to be one of the largest impediments to cloud adoption. A January 2015 survey from the Cloud Security Alliance (CSA) revealed that an overwhelming 82% of IT professionals in Asia Pacific continue to regard cloud data security as an executive-level concern.

14. IDA identified this concern early on in our work for the cloud ecosystem, which is why we launched the world’s first Multi-Tier Cloud Security (MTCS) Singapore Standard at CloudAsia 2013 to help users gain clarity over security provisioning by CSPs. 

15. MTCS’s main strength lies in its flexibility. It keeps security controls comprehensive and stringent as a strong baseline for any sector to adopt. Yet, its multi-tiered approach also allows enterprises the adaptability to choose the security level they need. Additional sector-specific considerations can be placed on top as required.

16. Since the launch, a total of 21 cloud services both large and small, such as Microsoft Azure, Amazon Web Services, and Inspire-Tech’s EasiShare have been certified, providing a wide range of certified cloud services targeted for both enterprises and SMEs. 

17. MTCS Updated To ensure continued relevance; we have now refined and clarified several portions of the standard after two years of deployment. We have actively sought industry feedback, and these refinements include clarifying forms of security assurance, configuration security, tighter audit procedures and control requirements. In commemoration of World Standards Day 2015, the refined MTCS SS 584:2015 edition will be offered at 20% off till 13th November. 

18. SaaS Seeing Good Takeup In June 2015, IDA launched the “Support for Cloud-enabled Certified Secure SaaS” (SUCCESS) programme. This partnership with MTCS-certified IaaS’s has the IaaS providing incentives and assistance to independent software vendors (ISVs), in exchange for the ISV obtaining MTCS certification. Within these short five months, one SaaS has completed certification and another five are in the pipeline. This is an encouraging sign as more SaaS move to adopt the MTCS standard.

19. To benchmark our Singapore standards, and enable industry players worldwide to leverage on them, we have also harmonized MTCS with international security standards and schemes. They are the ISO27001 and CSA Open Certification Framework (OCF). This effort allows CSPs certified to either MTCS or these international benchmarks to quickly cross-certify themselves, aligning the global ecosystem to a set of common languages and standards. 

20. We also seek to ensure that MTCS can be used to provide assurance for personal data in public clouds. I am pleased to share that IDA, in collaboration with Microsoft, has just completed a Gap Analysis Report mapping MTCS to the recently released ISO27018 standard. This establishes a code of practice for CSPs to protect Personally Identifiable Information (PII) in public clouds acting as PII processors.  

21. The report identifies several areas which MTCS-certified CSPs must additionally meet if they wish to comply with the requirements of ISO 27018. Examples include adhering to the privacy principle on Purpose Limitation and enabling cloud customers to fulfil their obligations to cooperate with the rights of data principals. Interested parties may download this from the IDA website from today. We will soon produce the Implementation Guide and Audit Checklist as well. 

Cloud Ecosystem Growth

22. Government adoption of public cloud services such as EnVision (a cloud based video hosting and streaming service) continues to be healthy. The cloud services bulk tender has 7 MTCS-certified CSPs providing public cloud services to government agencies. Consumption of public cloud services is ahead of the polled demand. Likewise, the consumption of EnVision services by 24 agencies and schools is exhausting the second EnVision bulk tender.  We have already issued a fresh bulk tender last month, to be awarded in January 2016.  

23. Private sector support of cloud has continued to gain traction, and as such I am proud to announce as well that the Singapore Computer Society (SCS) is upgrading their Cloud Special Interest Group to a full Chapter. Formed five years ago, this establishes a firm footing to support more professional activities.

24. IDA has also embarked upon a collaboration with SCS to jointly develop a Body of Knowledge (BOK) in cloud computing, which will form a basis for designing training courses, certification, as well as continuing professional development.


25. For Singapore’s Smart Nation future, we will continue our endeavours to build assurance and trust for cloud users, while benefiting CSPs at the same time. We continue to welcome any and all feedback, and our commitments through initiatives such as MTCS and DaaS.SG are our testament to that. 

26. On this note, I wish you an enjoyable and fruitful time at the conference. Thank you.

Last updated on: 13 Mar 2023