The Singapore government wants businesses and individuals to play a bigger role in reinforcing the city’s online defences against potential threats of the future, as it unveiled a new cyber security masterplan today.
The five-year blueprint comes after two previous ones had focused on mitigating cyber threats in the public sector and protecting the country’s critical infocomm infrastructure.
Now, the emphasis will also be on companies and individuals, who are well-connected to the information grid via the island’s fast broadband networks.
The government will be reaching out to these users via the media, roadshows and other activities to raise awareness and stress the importance of adopting security measures, according to the Infocomm Development Authority (IDA) today.
The agency also said the government will work with industry and trade associations to better share threat information and promote cyber security.
The shift in focus could be down to changes in the way attacks are carried out in recent years. If the computers of corporate users or consumers are hacked into, they can be used to access other more secure networks or even as a force of “zombie” computers used to overload critical national networks.
“Cyber-attacks are also increasingly targeting small and medium enterprises or SMEs; stealing data, spreading misinformation or disrupting services,” said Minister for Communications and Information, Yaacob Ibrahim, while unveiling the new plan today.
“Social engineering attacks have also evolved from the targeting of individuals to “watering hole” attacks, which involves compromising SME websites and targeting site users,” he added.
As before, the government is keen to step up the protection of critical infrastructure. It will run regular assessments, some of which will run across various sectors in the government, to check if the country’s cyber security defences are up to scratch.
Singapore already runs two security centres – the Cyber Watch Centre and Threat Analysis Centre – to detect and analyse the type of cyber attacks that could come its way. It is also among the first countries to have Internet service providers adopt mandatory cyber security measures.
Looking to the future, Singapore expects to train and retain infocomm security experts in the country. The government hopes to increase the pool of experts – only 1,500-strong in 2011, or just 1 per cent of all infocomm manpower – by working with institutes of higher learning and industry partners.