Government Technology Agency (GovTech) established the Government Cyber Security Operations Centre (GCSOC) in 2022 to bolster the monitoring and defence of Singapore government networks against cyber threats. GCSOC replaces the Cyber-Watch Centre (CWC), which was founded in 2007 and is currently staffed by sixty individuals.
GCSOC seeks to improve the security of the Government’s evolving Information and Communications Technology (ICT) infrastructure and to defend more effectively against threats. It centralises cybersecurity operations across government departments and improves security analytics by leveraging artificial intelligence (AI) and machine learning (ML) technology.
The advantages resulted from these improvements: a) Improved Detection Coverage, b) Proactive Threat Hunting, c) Faster Response Time and d) Government Cyber Security Operations Centre.
GCSOC has increased its monitoring of ICT infrastructure, such as systems and networks, to incorporate cloud-based components to increase its detection coverage and accuracy of threat attacks across the Government.
Automated methods and the use of cyber threat information to correlate threat data from many sources provide improved detection capabilities. Additionally, GCSOC collaborates with other organisations to create cutting-edge tools that help it continually improve its detection powers.
One illustration is PhishMonSG, a phishing detection programme created in partnership with the Ministry of Home Affairs that enables GCSOC to proactively scan the Internet each day for harmful websites that look like the websites of governmental organisations.
As GCSOC deploys and makes use of improved security analytics, its pool of cyber specialists is upskilled to conduct central for government agencies proactive threat hunting. As a result, GCSOC is better able to identify and respond to increasingly complex cyberattacks that would have gotten past existing defences. This helps to strengthen the overall cyber threat defence.
By offering centralised support for triage and incident investigation, GCSOC has reduced the amount of time it takes for government departments to respond to incidents. The Government IT Security Incident Response (GITSIR) team is also integrated into the GCSOC set-up to enable a more closely coordinated investigation and response workflow.
GCSOC will keep improving the detection and response capacity by enhancing agency cooperation, upskilling its pool of cyber specialists, and making investments in data analytics. Furthermore, the Cyber Security Group (CSG), a capability centre formed at GovTech, promotes a comprehensive and long-lasting whole-of-government (WOG) strategy that offers cutting-edge and futuristic cybersecurity skills.
Its task is to protect the nation’s smart systems for information and communications technology and to make Singapore a safe and secure Smart Country. Hence, they provide a broad range of technological and operational capabilities to fight growing cyber threats and implement strategies and initiatives that improve the cybersecurity posture of government agencies in a long-lasting, practical, and efficient way.
The group also collaborate with the heads of whole-of-government and Smart Nation Programmes to put safe architectures into place, and they offer cybersecurity governance and technical direction to the agencies through the Chief Information Security Officers (CISOs).
They do this, among other things, by strengthening the Singapore government’s cybersecurity defence capabilities, expanding WOG’s cybersecurity capacity and advanced engineering, cultivating talent, and involving the local communities through participation in various international competitions.
Likewise, the CSG has augmented government capabilities by engaging the greater cybersecurity ecosystem and developing industry alliances including the training for cybersecurity experts and doing research and development for cyber initiatives through an active partnership with external partners. Another is by Using different programmes to work with people in the “white hat” community and the general public.