Since Singapore’s Cybersecurity Strategy was officially announced by Prime Minister Lee in October 2016, the Cyber Security Agency of Singapore (CSA), the lead government agency for the strategy, has been working hard to establish the groundwork. CSA signed a Memoranda of Understanding (MOU) with Nanyang Polytechnic (NYP) and Singapore Institute of Technology (SIT) in November 2016 to train and develop cybersecurity talent through a co-developed curriculum, internship opportunities and R & D projects. Yesterday, CSA released its key findings from their first Cybersecurity Public Awareness Survey [1]. While seven in 10 respondents agree that every individual has a role to play in cybersecurity, not all of them practise safe cybersecurity measures.
Close to three in five respondents were extremely concerned about the security of their financial and personal information. However, the findings revealed that there is room for improvement when it comes to cyber hygiene awareness and practices.
Room for improvement on cyber hygiene practices
Although most respondents seemed to be aware of the need for strong passwords – 86% said they used a combination of letters, numbers and symbols in their passwords (Chart A) – one in three does not manage their passwords securely, for instance by storing their passwords on their computer or writing them down (33%), or using the same passwords for work and personal accounts (31%)[2] (Chart C). In addition, one in three either did not enable Two-Factor Authentication (2FA) when the option was available, or was unsure about it (Chart B).
While there is widespread use of cloud storage services, and devices such as mobile devices, USB drives and external hard disks, 41% admitted to not conducting virus scans on these devices and files before opening them, as they found it either too time-consuming or deemed it as unnecessary (Charts D and E).
About one third of respondents indicated they did not install security applications in their mobile phones. The main reasons were that they did not see the need for mobile security, felt that it took up too much storage space or that there were too many options to choose from (Chart F).
Coupled with the finding that more than six in 10 respondents connected to open, non-password protected Wi-Fi networks in public places, whether or not they were familiar with the networks, the survey suggested that many may not realise that these practices may pose substantial risks to the security of their personal information.
Interest to learn more about cybersecurity
A majority (67%) of respondents expressed interest in learning more about cybersecurity, particularly in areas such as ways to protect and prevent data from unauthorised access and/or threats, more reminders on good cyber hygiene practices, and cybersecurity education for the youth and elderly.
To demonstrate how cybersecurity can be easy to adopt in our everyday lives, CSA launched its first “Live Savvy with Cybersecurity” campaign on 11 February 2017 with a roadshow at Toa Payoh HDB Hub held on 11 and 12 February 2017. Close to 16,000 visitors from all walks of life thronged six interactive activity zones where they learned more about cybersecurity threats and gathered tips on improving their cyber hygiene through fun quizzes and games.
Mr. David Koh, Chief Executive of CSA, commented: “I am encouraged that a majority of the respondents recognise that everyone has a role to play in cybersecurity and many expressed an interest to learn more about it. We will continue to explore ways to reach out to people with the necessary cybersecurity resources and information, so that they can take ownership of their cyber hygiene and support Singapore’s journey to become a Smart Nation.”
[1] A total of 2,000 respondents aged 15 years and above were surveyed between July 2016 and August 2016. The sample is representative of the Singapore population by gender and ethnicity, and is distributed across age and housing type.
[2] Selected questions are multiple response questions – which means a respondent can choose more than 1 option. Hence figures may not always add up to 100%.
For the full findings of the Cybersecurity Public Awareness Survey, visit here.