In January this year, the Cyber Security Agency of Singapore (CSA) formed an Industrial Control Systems (ICS) Community to create an information exchange of cybersecurity related matters in a trusted domain. Sector regulators and Critical Information Infrastructure (CII) operators from the Energy, Water. Maritime and Land Transport sectors have joined the community.
This is to improve the community members’ understanding of ICS cybersecurity issues and encourage the adoption of sound and pragmatic protection practices. With the right knowledge, expertise and attitude, all members can reap the full benefits of being a part of the Community. Most of the sectors rely on ICS to ensure the smooth operation of CIIs.
One of the key initiatives from the ICS community is to establish a set of localised ICS Protection guidelines that are applicable to Singapore’s ICS environment. With these guidelines sector regulators and operators will be able to step up the cybersecurity preparedness of the ICS Community and ensure the smooth provision of essential services.
CSA targets the guidelines to be ready by the end of 2017 for dissemination to CII operators via their sector regulators.
The work being done by the CSA with the ICS community was revealed by by Mr. Teo Chee Hean, the Deputy Prime Minister (DPM) of Singapore, and Coordinating Minister for National Security at the 2nd Singapore International Cyber Week (SICW) opening ceremony on 19 September.
Protection of CIIs is a core focus area for the proposed Cybersecurity bill in Singapore, which was released for public feedback in July 2017. It provides a framework for the regulation of CII and formalises the duties of CII owners in ensuring the cybersecurity of their respective CIIs.
Supra-national CIIs
DPM Teo also talked about “supra-national Clls” in his speech. These include global payment systems, port operations systems, and air-traffic control systems.
“We can coordinate our efforts to conduct regular exercises to validate our collective ability to respond to threats against supranational Clls, working across countries and sectors. Singapore is a strong advocate of global efforts such as the Global Forum for Cyber Expertise, where we actively contribute to cyber capacity building in our region,” he said.
He highlighted the recognition of the need for ASEAN leaders to adopt basic norms for responsible use of ICT by the AMCC. Beyond ASEAN, Singapore has been working closely with partners in the Forum of Small States to foster a more inclusive and cross-cutting conversation on norms. Singapore has also joined the management board of the Global Commission on the Stability of Cyberspace (GCSC). The Commission is initiated by two independent think-thanks, The Hague Centre for Strategic Studies (HCSS) and the EastWest Institute (EWI). DPM Teo described it as a key platform for Singapore to collaborate with our international and ASEAN partners.