Singapore has set up a new Telecom Cybersecurity Strategic Committee (TCSC) to develop a plan to tackle 'next-generation cyber threats' in the telecommunications sector.

The committee is expected to publish a strategy report and outline a roadmap for telecommunications operators to develop cybersecurity capabilities later in 2019. The report and roadmap will include recommendations for new initiatives such as capability development, technology innovation, regulation and international partnerships.

In his opening address at the inaugural Infocomm Media Cybersecurity Conference on 25 January 2018, Dr Janil Puthucheary, senior minister of state for the Ministry of Communications and Information, highlighted the following points.

As "Singapore aims to be a Smart Nation and a leading digital economy", there is a vital need for cybersecurity. He added that the telecom industry is key and fundamental to secure Singapore's connectivity infrastructure and services.

The government and telecommunication industry players should collaborate on cybersecurity matters. To date, some examples of such collaborative efforts include:

  • The Infocomm Media Development Authority of Singapore (IMDA)'s launch of the Infocomm Singapore Computer Emergency Response Team in 2015 to respond to cybersecurity threats within the telecommunications and media sectors; and
  • IMDA's revision in 2018 of the Telecommunications Cybersecurity Code of Practice to ensure that best practices from the industry can be applied to the telcom space.
  • The TCSC will identify challenges, key telecommunication technologies and market developments that will shape the cyber threat landscape. This is to ensure that Singapore keeps up to date on global, technological and industry trends.

Dr Janil also announced new initiatives to boost cybersecurity in the telecom space:

  • First, an electronic Know Your Customer guide, which will enable mobile operators and their customers to perform secure online verifications and registration for mobile services such as switching SIM cards, thus doing away with the need for face-to-face transactions.
  • Second, there will be an Internet of Things (IoT) Cyber Security Guide, with baseline recommendations and checklists, which will provide guidance to IoT users and vendors on securing their IoT devices and networks. IMDA has launched a public consultation to gather feedback from members of the public and industry on the guide, to ensure that its recommendations are useful and comprehensive. All submissions must reach IMDA by 12 noon on 8 March 2019.
  • In addition, IMDA is also exploring possible trials using quantum key distribution technology with industry partners to help foster a greater understanding on the implementation of more advanced forms of encryption.

Finally, Dr Janil stressed that individuals need to play their part as well and participate in "that collective responsibility" towards cybersecurity. Noting that human behaviour and vulnerabilities, and not just technology software or hardware, often pose risks and threats to cybersecurity, he highlighted that users, employees and individual participants should also play a part in "actively maintaining" the security of technological platforms and networks.

What these developments could mean for your business:

  • Although the initiatives and recommendations mentioned above pertain to the telecom sector, any and all businesses alike should consider implementing robust cybersecurity strategies including identifying vulnerabilities that could pose cybersecurity risk to the business, developing a comprehensive incident response plan, running cybersecurity tabletop exercises and engaging in industry roundtables to keep up to date on relevant best practices.
  • External counsel should also be retained to advise on any legal implications that may be triggered the event of a cybersecurity incident, for instance, whether mandatory reporting applies and if there is potential regulatory or contractual liability to the business.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.