Dr Janil Puthucheary, Senior Minister of State, Ministry of Communications and Information, made an opening speech at the inaugural Infocomm Media Cybersecurity Conference on 25 January 2018.
The speech focused on two main topics around cybersecurity, a trusted, secure, and resilient connectivity infrastructure and the collaborative effort between government and industry to better secure connectivity infrastructure.
He said that “The way for progress has not just been about new computer powers or technologies. It has been about increasing acceleration around our connectivity infrastructure and technologies that we have.”
He added more are coming – 5G, narrowband Internet-of-Things (NB-IoT) sensor networks, among others and with this connectivity, comes a need for cybersecurity.
As soon as a device is connected, it raises the cyber threat, and opportunities for vulnerabilities and penetration also increase. Cybersecurity, in a way, is a consequence of how connectivity drives this current wave of transformation.
Government and industry collaboration to better secure connectivity infrastructure
He continued that collaboration between government and telecommunication industry players is key and that the government have made important progress on this area. In 2015, IMDA launched the Infocomm Singapore Computer Emergency Response Team (ISG-CERT) to respond to cybersecurity threats within the telecommunication and media sectors. In 2018, IMDA revised the Telecommunications Cybersecurity Code of Practice (TCS-CoP) to ensure that they can apply best practices from the industry to the telco space.
He announced at the conference -IMDA will develop a multi-year roadmap to build the cybersecurity capabilities of Singapore’s telecommunication operators through the formation of the Telecom Cybersecurity Strategic Committee (TCSC). This Strategic Committee is a partnership between government and the industry to better secure connectivity infrastructure, involving global cybersecurity experts and key telecommunication operators in Singapore.
The TCSC will identify challenges, as well as key telecommunication technologies and market developments that will shape the cyber threat landscape.
The Strategic Committee will publish a strategy report and outline a roadmap for telecommunication operators to develop cybersecurity capabilities. It will include recommendations for new initiatives such as capability development, technology innovation, regulation, and international partnerships.
Resources to address cybersecurity risks
IMDA has also introduced new reference resources to help telecommunications operators address immediate cybersecurity risks on two fronts.
The electronic Know Your Customer guide (EKYC), specifies IMDA’s regulatory requirements to help ensure the secured online verification and performance of eKYC solutions deployed by mobile operators. eKYC solutions are products or solutions which acts as the interface between different business models as one customer moves from bank, to telco, to insurance company; from government. to retail. There are different products, platforms, and businesses, but the same customer. eKYC solutions help to stitch all these various products together and generate a relationship for the customer and also a relationship between the businesses.
The IoT Cyber Security Guide – will help instil confidence in the use of IoT systems. This guide will list recommendations, provide checklists, assist users to secure IoT systems against unintentional and malicious threats for the acquisition, operation and maintenance of the systems.
IMDA is exploring possible trials using quantum key distribution technology with industry partners to help foster a greater understanding on the implementation of more advanced forms of encryption.
“We need to think what are the capabilities we need to think about these problems. What are the technical skills we need to develop, and what are the technological capabilities in terms of investments to put in place to keep pace with these types of opportunities. These risks are always changing and evolving” he said.
Cybersecurity is a collective responsibility
Dr Janil Puthucheary continued that collective responsibility is key in order for to stay ahead, government and private sector. Telco operators are the backbone of connectivity, but it is also their business. If there is a significant risk, part of that risk is directly to their business model and to their business opportunities
“Individuals also need to play their part as well and participate in that collective responsibility. Often, some of the risks and threats associated with cybersecurity are not about the technology software or hardware, but it is about human behaviours and vulnerabilities that they bring.”
He concluded by saying that Individuals have to play their part to secure technological platforms and networks to make sure that cybersecurity is something that the country as a whole is actively maintaining.