Singapore is set to see in influx of fresh talent in the area of operational technology (OT) cyber security under a new government initiative aimed at mapping out the job roles, technical skills and core competencies required in the sector.
The Cyber Security Agency of Singapore (CSA) launched its Operational Technology Cybersecurity Competency Framework (OTCCF), which is designed to provide a foundation upon which Singapore can attract and develop talent for the emerging OT cyber security sector in the country.
OT cybersecurity talent development is one of the key thrusts under Singapore’s OT Cybersecurity Masterplan. The CSA Academy has been providing customised intermediate to advanced training courses in cybersecurity areas – including OT – that are not readily available in the market to the Government and Critical Information Infrastructure (CII) sectors.
OT system owners, including those from CII sectors and OT training providers currently take reference from the Skills Framework for ICT under SkillsFuture Singapore (SSG) to identify skills gaps and develop training plans.
Not only does the OTCCF map the job roles, technical skills and core competencies that are in need, it also captures the possible career pathways, showing the options for vertical and lateral progression. Under the plan, OT and IT system owners can refer to the OT cyber security capabilities required to attract the right people, train them adequately and map out their career pathways.
The OTCCF aims to guide key stakeholders in the following ways:
- OT and IT system ownerscan refer to the OT cybersecurity capabilities required to attract the right people, train them adequately, and map out their career pathways;
- Training providerscan refer to the technical competencies required by different job roles and be guided to develop best-in-class courses and certifications that cater to local training needs; and
- OT professionals or potential job seekerscan identify skillsets for cross- and up-skilling for a meaningful career in the OT cybersecurity domain. The career pathways could apply to job roles inclusive of vertical and lateral advancement opportunities.
With the increased connectivity between IT and OT systems, the demand for job roles requiring competencies in both IT and OT domains has correspondingly increased. While the existing Skills Framework for ICT provides an overview of job roles, possible career tracks and technical competencies for cyber security professionals, it caters primarily for the ICT workforce.
More granular breakdown of the OT cyber security capabilities and technical competencies is required to cater to the training needs of the OT engineers in terms of coverage and applicability, as training providers in the market find it difficult to roll out best-in-class certifications and courses that encompass different OT industry sectors without a reference to the common skillsets.
Additionally, CSA Academy has begun engaging stakeholders from the Institutions of Higher Learning and selected CII owners to garner their feedback for an upcoming OT Train-The-Trainer (OT TTT) programme. The CSA Academy will also be rolling out a series of roadshows to engage organisations on how they can adopt the OTCCF based on their business needs.
To respond to cyber threats to help strengthen regional cyber-security capabilities, Singapore has recently established a new centre for ASEAN member states to collaborate on research, knowledge sharing, and training, as reported by OpenGov Asia. ASEAN, which has made progress in coordinating and strengthening its cyber efforts, needs to build on this momentum to deepen regional and international partnerships in the cyber-security realm, according to Minister for Communications and Information.
The ASEAN-Singapore Cybersecurity Centre of Excellence (ASCCE) also aims to improve member countries’ cyber-security strategy development, legislation, and research capabilities. It is mentioned that cyber-attacks can occur at any time and have a devastating impact that can cripple critical systems and cause mass chaos. Regional efforts to strengthen cyber security will thus provide the region with more trust and assurance.