Thursday 29 January 2015

New Cyber Security Agency to be set up in April 2015

New agency to direct Singapore's cyber defence
Top-level body set up to coordinate IT security of 10 critical sectors
By Irene Tham, Technology Correspondent, The Straits Times, 28 Jan 2015

A HIGH-LEVEL central agency will be set up to coordinate public- and private-sector efforts to protect national systems, such as those in the energy and banking sectors, from cyber threats.

The new Cyber Security Agency (CSA), formed under and funded by the Prime Minister's Office, will oversee the cyber security of 10 critical sectors, including power, transport and telecommunications, from April.

CSA will also be in charge of developing the nation's cyber security master plan, taking over the role from the Infocomm Development Authority (IDA).

Minister for Communications and Information Yaacob Ibrahim will be the minister in charge of cyber security.

Announcing the new agency yesterday, Deputy Prime Minister Teo Chee Hean said it was important to have central oversight in an interconnected world where vulnerabilities in one sector affect the entire ecosystem.

"It is important to protect each of these sectors (and) have an overview to make sure that the interconnectivities between these sectors - and the vulnerabilities there - are also covered," he said.

The move follows attempts to bring down government websites, and the defacement of the Prime Minister's Office (PMO) and Istana web pages in November 2013. They exposed vulnerabilities and underscore the need for such a body.

The new agency will plug current cyber defence gaps, such as breaches involving obscure companies that could potentially compromise the security of citizen data, given that computer systems are more connected today.

It will be headed by Mr David Koh, 50, who will retain his position as deputy secretary of technology at the Ministry of Defence.

Mr Aloysius Cheang, Asia-Pacific managing director of global computing security association Cloud Security Alliance, said the move would remove a key hurdle: cyber security information sharing among critical sectors.

"Without sharing, countermeasures cannot be developed," he said. "The agency will provide a unified approach to cyber defence planning, watching even the weakest links in the public sector. We all know that security is only as strong as the weakest link."

At the start, the new agency will have 60 dedicated technical and policy development staff, with most to be transferred from the Ministry of Home Affairs (MHA) and IDA.

It will work with existing security set-ups by IDA such as the Cyber-Watch Centre and the Monitoring and Operations Control Centre (MOCC) to fend off attacks.

The Cyber-Watch Centre monitors critical public-sector IT installations while MOCC was set up late last year to monitor telco and government networks round the clock, and coordinate government agencies' responses to cyber attacks.

The CSA will subsume agencies such as MHA's Singapore Infocomm Technology Security Authority, and IDA's Singapore Computer Emergency Response Team.

No comments:

Post a Comment