18 December 2013 - Opening Address by Ms Jacqueline Poh, Managing Director, Infocomm Development Authority of Singapore, at the Opening of the Cyber Security Academy, 18 December 2013, 9.50am Singapore Polytechnic
Opening Address by Ms Jacqueline Poh, Managing Director, Infocomm Development Authority of Singapore, at the Opening of the Cyber Security Academy, 18 December 2013, 9.50am Singapore Polytechnic
Mr Tan Choon Shian,
Principal and Chief Executive Officer, Singapore Polytechnic
Mr Naveen Bhat,
Vice-President and General Manager, IXIA
Ladies and Gentlemen,
1. It is my pleasure to join you for the opening of the Cyber Security Academy, a partnership between Singapore Polytechnic and its industry partners, eCop, IXIA and ST Electronics (Training & Simulation).
Challenges to Security in Cyber Space
2. In today's converging infocomm and media landscape, the Internet has become a platform to launch digital attacks and cyberspace a theatre of ops for criminal activities. The attackers can be script kiddies, people who use low level and unsophisticated hacking skills, seeking thrills, hacktivists making a political point, those simply trying to steal money or even states looking to gain an edge. The lines between these actors cannot be clearly drawn as they often use each other for their own ends. They know and operate on the fundamental assumptions:
- That individuals do not know how or care enough to protect themselves until it's too late. They find it hard to trade off usability and convenience for extra safety;
- That businesses do not have the discipline or the funds to secure their digital assets even as their vulnerabilities exposure grows daily through IT dependence and outsourcing of ops. There is a saying that all companies have been probed or attacked in some way, but some just don't know it yet;
- That governments inherently find it difficult to coordinate a response among themselves and with individuals and businesses.
3. The sophistication of attacks has risen generally, as online black markets offer automated attack toolkits, zero-day vulnerabilities and hacking services to anyone willing and able to pay. The formation of cyber armies by countries in recent years further exacerbated the threat quotient given the resources and talent that states can bring to bear. State actors are believed to be behind some of the most notable Advanced Persistent Threat attacks and cyber espionage operations in recent years, such as Stuxnet and Red October to name but a few.
4. Against this context, the importance of skilled cybersecurity specialists cannot be understated. Recent events in Singapore and the world have heightened awareness of cybersecurity threats and prompted many organisations to revisit their attitudes towards cybersecurity. Just last month, threats made against the Singapore Government by hackers claiming to be part of the Anonymous collective were followed by the compromise of government websites, including several high profile ones such as those of the Prime Minister's Office and the Istana.
5. As I have mentioned however, governments are hardly the only or even primary targets of hackers. Other companies and individuals were also targeted during the recent spate of hacking incidents. A survey of companies around the world by PricewaterhouseCoopers found that over the past year, the frequency of attacks and their costs to organisations have risen by 25 percent and 18 percent respectively. Another key survey finding also noted the increasing ease with which firewalls and other forms of protection were overcame by hackers.
6. Companies have become more wary of the potential financial and reputational costs of cyber attacks. This is reflected in the anticipated doubling of our local cybersecurity market, from about 64 billion Singapore dollars in 2011 to 120 billion dollars in 2017.
7. Evidently, cybersecurity is shaping up to be a growth industry. But, and I quote Minister for Communications and Information Dr Yaacob Ibrahim, "young people do not find the job sexy." Our latest statistics show that there were only 1,200 IT security specialists here in 2012. This was less than 1 percent of the total IT industry workforce.
A Secure Cyber Environment for A Better Quality of Life
8. This underscores the importance of developing our cyber security human capital, which is a key thrust of the National Cyber Security Masterplan launched in July. Under the Masterplan, we will offer more scholarships to encourage students to specialise in cyber security and work with Singapore's IHLs to offer infocomm security courses and degree programmes. We also welcome initiatives from the educational and private sectors that will help Singapore increase its pool of cyber security professionals and upgrade their competencies to meet fast evolving challenges.
9. I am pleased, therefore to see this Cyber Security Academy take us a step forward toward this objective. First, it will cater to those new to the field, such as students and individuals seeking a mid-career change. Second, it will help upgrade the skills of existing cyber security professionals and third, it will hone the skills of companies' cyber security staff through cyber security exercises.
10. The Cyber Security Academy will be an important contributor towards nurturing more highly-skilled cyber security experts for Singapore and we hope it will inspire other initiatives in this field. But even as we strive to train more cyber security experts, this education must be accompanied by appropriate ethics instructions to ensure that they do not use their new-found skills for nefarious purposes. While many characteristics of the Internet can tempt you into thinking that it is a different sort of realm where different rules apply, Internet is far from being isolated from the physical world. In Singapore as in many countries, the authorities view computer misuse and cybercrime very seriously and hold perpetrators liable for real-world penalties.
11. In order to tackle the multifaceted threats exploiting the Internet, we must all play our part not just as service providers and educators, but also as users and role models to our loved ones. It is only by lifting awareness and encouraging positive security behaviour of all Internet users, and increasing the numbers and skills of our experts that we can increase the security and trustworthiness of our cyber environment.
12. In this spirit of collaboration, let me wish the Cyber Security Academy success and all of you a Happy Festive season ahead!
13. Thank you.