Following the SingHealth data breach in 2018, a virtual browser that allows public healthcare professionals to safely access the Internet on their work computers has been rolled out to over 75% of the sector’s 60,000 employees. According to an update from the Integrated Health Information Systems (IHiS), the “healthcare virtual browser,” which reduces the threat of cyber-attacks, is projected to be available to practically all workers by the end of the year.
With ever-evolving and increasingly sophisticated cyber threats, we are committed to continuously improve our cyber-security posture.
– IHiS Chief Executive Bruce Liang
This is part of a cyber defence programme launched by IHiS in 2019 to strengthen the sector’s cyber defences. IHiS oversees the information technology systems of all public healthcare operators in the country. The Cyber Defence Transformation Programme was launched in the aftermath of Singapore’s largest data breach in 2018, when 1.5 million SingHealth patients’ personal information was taken, including Prime Minister Lee Hsien Loong’s.
“If we imagine loading a Web page or downloading a file from the Internet to be like receiving a letter, the server is like a decontamination room, where the letter is opened and only a picture is taken and sent to the recipient,” Mr Gan had said.
The virtual browser allows public health employees, including nurses and doctors, to use their work computers to access the Internet via servers that are tightly controlled and monitored. This reduces the chances of computers obtaining and running harmful files from the internet. Before the 2018 cyber-attack, the Ministry of Health (MOH) had been experimenting with the browser, according to Mr Gan.
Public healthcare Computers and devices are cut off from the Internet outside of the virtual browser and specific zones covered by wireless networks for secure Internet surfing. Following the SingHealth data breach, this precaution was applied across the public healthcare sector and is currently in place.
Mr Gan went on to say that the virtual browser might be the ideal option for individuals who need intranet and Internet access on the same device. More than 190 initiatives under the Cyber Defence Transformation Programme have been completed, according to IHiS, with another 70 in the works.
Since 2019, the number of cyber-security measures for public healthcare has increased, according to the agency. “More projects are being planned to improve our cyber-defence capabilities,” IHiS CEO Bruce Liang remarked.
OpenGov Asia reported, the Cyber Security Agency (CSA) has launched a series of tool kits for enterprises, which guide cybersecurity issues tailored for senior business leaders, owners SMEs, as well as employees. The new toolkits help to simplify cybersecurity and enable businesses to make more informed trade-offs between security, system usability and cost.
The toolkit for enterprise leaders and SME owners will focus on the business reasons for business leaders and SME owners to invest in cybersecurity, such as rationalising investment in cybersecurity, and how fostering a culture of cybersecurity would enable enterprises to reap the benefits of digital transformation.
The cybersecurity toolkit for employees is intended for enterprises to “plug and play” as an employment programme for raising awareness and conducting cybersecurity training. The content addresses the most common cyber threats faced by employees such as phishing, as well as weak cybersecurity, practises such as using compromised and weak passwords. It will also encourage employees to learn about cybersecurity to stay cyber safe at work as well as in their private life. This is crucial as employees are the first line of defence and key to any enterprise’s cybersecurity.
The government of Singapore’s commitment to fostering a ‘strong spirit of innovation,’ bolstered by technological advancements and a reconfiguration of global supply chains, is inextricably linked to its ability to learn from these silent but deadly campaigns to which businesses in the country are not immune.
Combatting the next generation of cyber-threats is not about building walls around our businesses and critical organisations.