The Cyber Security Agency of Singapore (CSA), in partnership with the Global Forum on Cyber Expertise (GFCE), announced the creation of a GFCE Southeast Asia Liaison starting this month, at the Singapore International Cyber Week 2022 (SICW) which kicked off on Tuesday.
The Liaison will connect the region with GFCE member nations and organisations, including GFCE Liaisons and Hubs, in other parts of the world.
This is part of Singapore’s efforts to strengthen the global cyber security architecture with a multi-stakeholder approach.
In her SICW conference opening remarks, Singapore’s Minister for Communications and Information, Josephine Teo, said there was a need for a strong global cyber security architecture to address the increased global cyber challenges.
“Strengthening the global cyber security architecture will require a multi-stakeholder approach,” Teo said.
She added that this could be achieved not only by making sure that there were platforms for discussions and consensus-building, “but to also hear all stakeholders give voice to their perspectives and concerns”.
“We also believe that this approach helps to minimise the spill-over of geopolitical tensions into the digital domain by keeping open channels of communications, and building shared expectations and norms on behaviour," Teo said.
Since 2016, Singapore – together with regional and extra-regional partners – has been running cyber capacity building programmes in the cyber technical, operational, policy and diplomacy streams for Asean senior officials under the Asean Cyber Capacity Programme and Singapore’s S$30 million Asean-Singapore Cybersecurity Centre of Excellence (ASCCE) which was established in 2019.
The GFCE Southeast Asia Liaison will connect the region and ASCCE’s existing efforts more closely with the efforts of other GFCE member nations, a CSA spokesperson said.
This closer integration of the region and the GFCE through the Liaison was expected to facilitate the exchange of best practices and “foster a deeper understanding of the region’s cyber capability gaps”, as well as ensure better coordination of cyber capacity building efforts amongst the region’s stakeholders and more efficient use of resources to close these gaps.
CSA will sponsor the Liaison for two years, from 2022 to 2024.
CSA and the GFCE are currently shortlisting suitable candidates for the position, and the Liaison is expected to begin duties in early 2023.
Internet hygiene
As part of its efforts to improve the security infrastructure, CSA has also launched an Internet Hygiene Portal (IHP), an initiative under Singapore’s Safer Cyberspace Masterplan 2020.
The IHP serves as a one-stop platform for enterprises, providing them with easy access to resources and self-assessment tools so that they can adopt internet security best practices in their digitalisation journey.
The IHP also provides visibility on the cyber hygiene of digital platforms, by publishing an Internet Hygiene Rating table with a simplified view of each digital platform’s internet hygiene.
This is aimed at helping consumers make informed choices to better safeguard their digital transactions from cyber threats.
CSA said as Singapore builds up its digital economy and more businesses go online, cyber threats such as ransomware and phishing will remain major concerns.
Many enterprises, particularly small and medium-sized enterprises (SMEs), lack awareness and/or have low adoption of internet security best practices to safeguard their domains, websites, and email servers, CSA said in a statement.
This puts customers of these companies at risk because their data and details of their transactions with the company may not be properly secured, it added.
The IHP supports enterprises via a three “A”s approach: enhance Awareness by providing guides on internet hygiene standards and best practices, facilitate Assessment via the self-initiated ‘health check’ tools for email, website, and internet connectivity; and lastly, promote the Adoption of internet security best practices.
CSA will also publish an Internet Hygiene Rating table on a regular basis.
For a start, CSA is featuring 10 popular enterprises in the e-commerce sector.
The internet hygiene rating is based on the average adoption of internet security best practices, which were curated by CSA and are common globally recognised baseline internet standards and security controls.
These include important internet security protocols such as: HTTPS to secure website communications between parties, DNSSEC to prevent DNS spoofing, hijacking, and cache poisoning, and DMARC which enhances email security by preventing email spoofing.
