Be aware of scammers impersonating as IMDA officers and report any suspicious calls to the police. Please note that IMDA officers will never call you nor request for your personal information. For scam-related advice, please call the Anti-Scam helpline at 1800-722-6688 or go to

Towards A Secure And Trusted Infocomm Environment

17 April 2007 - Keynote Address By Mr Peter Ho, Head of Civil Service And Chairman, National Infocomm Security Committee At The Infocomm Security Seminar 2007, Singapore Management University.

Keynote Address By Mr Peter Ho, Head of Civil Service And Chairman, National Infocomm Security Committee At The Infocomm Security Seminar 2007 on 17 April 2007, Singapore Management University.

Dr. Vivian Balakrishnan, Minister for Community Development, Youth and Sports and Second Minister for Information, Communication and the Arts,
Ladies and Gentlemen,
Good morning.

The Goverment's Journey in Infocomm Security

1. In 2005, we launched the Infocomm Security Masterplan, which aimed at defending our critical infrastructure from cyber attacks, and maintaining a secure infocomm environment for government, businesses and people in Singapore. Two years into the Masterplan, I am pleased to announce that we have reached a significant milestone today. We have completed on schedule the development of all public sector projects. What this means is that the Government's systems and services are even more resilient and robust than before. This in turn strengthens Singapore's reputation as a leading e-government and a trusted hub, which is critical to the continued growth of Singapore's economy.

2. We have come a long way. It was the threat of Y2K that drove home the need for infrastructure protection. Back then, the National Computer Board as the national IT authority was charged with preparing Singapore for the Y2K roll-over. Old systems had to be replaced with Y2K-compliant ones, and affected software programmes had to be converted. On top of this, National Computer Board ran a national awareness campaign to educate the industry, private sector organisations, and members of the public on the Y2K problem. As a result of all these efforts, Singapore crossed into the new millennium without a hitch. It was an early attempt by the government at coordinating a nation-wide contingency planning exercise for the national infocomm infrastructure.

3. Since then, our infocomm security capabilities have improved significantly. While the principle of preparedness for potential disasters such as Y2K still applies, Singapore's approach to infocomm security is more holistic today. For example, under the Infocomm Security Masterplan, we have not only enhanced our capability to secure Singapore's infrastructure and services, but we have also improved our situational awareness of cyber threats and contingency planning.

4. I will now briefly describe some of these capabilities developed under the Masterplan.

Security Capabilities Developed

5. One capability that we have developed is the ability to assess and benchmark the security health of the public sector. We have developed a security health scorecard that allows agencies to assess their security health, and identify the areas for improvement.

6. To further ensure a robust infrastructure within the government, we need security assurance for the infocomm products deployed in the public sector. To achieve this, we have additional measures in place to evaluate the various infocomm products that we employ.

7. In addition to securing our infrastructure and services, we maintain our vigilance through the National Cyberthreat Monitoring Centre. The 24x7 Cyber-WatchCentre went ‘live’ last month to achieve real-time security monitoring round-the-clock. With the Centre up and running, we can now better anticipate cyber attacks so that an appropriate response can be taken before threats escalate.

8. In the event of any service disruptions, agencies need a sound business continuity plan in place to minimise such disruptions. We have developed a framework to measure the level of readiness among public-sector agencies in resuming operations. This will improve government agencies’ ability to ensure the reliable provision of government services to the public.

9. In the soft aspects of security, significant progress in the area of security awareness and outreach has also been made under the Masterplan. For instance, about two-thirds of the government users have fed back that they are sufficiently aware and are able to adopt essential security practices. Public sector officers are also encouraged to obtain security certifications, particularly those involved in security-related functions.

10. Extending our security efforts beyond the public sector, we have completed a feasibility study and are now in the process of developing the National Authentication Framework, which will enable a common strong authentication experience for both businesses and consumers. This effort will help boost online confidence and generate greater growth opportunities for businesses.

Public-Private-People Partnership

11. Now that I have shared with you some of the security capabilities developed under the Infocomm Security Masterplan, I would like to urge all agencies to think about what this really means to your organisations, and how you can benefit from it.

12. As Minister Balakrishnan has emphasised, we need to work together to keep Singapore’s infocomm environment secure. Every infocomm user has a role to play, such as the adoption of security practices in their online activities, and in their daily contact with infocomm devices. In the public sector, we have a responsibility to set an example to the rest of the nation by working together and by adopting a pro-security mindset.

13. Collaborative efforts between the public, private, and people sectors within our nation will always be vital. As Minister Balakrishnan has also mentioned, Singapore must work with the international community to combat cyber threats, because cyber threats respect no borders. It is a ceaseless effort for us to constantly evaluate and improve our security capabilities in response to new and evolving threats.

14. With this, I urge everyone to press on towards raising the standard of infocomm security in Singapore, and I look forward to your continued commitment and contribution.

15. I wish all of you a fruitful seminar.