Cybersecurity News

Singapore strengthens cybersecurity with updated act and expanded CSA authority

Singapore Cybersecurity Update Puts Cloud Providers on Notice

Singapore has amended the Cybersecurity Act to ensure that it is updated with the current trend of people facing online threats in multiple forms. At the core is the basic requirement of reporting incidents to relevant authorities. Other layers highlight that the region’s cybersecurity agency now has more power to regulate critical infrastructure along with third parties.

The update to the Act was made on May 07, 2024, and now takes into account more than a single aspect. For instance, it explores the impact of running CI management systems on cloud infrastructure. This became essential because operators have now outsourced some portion of their functions to third parties and cloud providers. Janil Puthucheary, the Senior Minister for the Singapore Ministry of Communications, has acknowledged this in their speech before the parliament of the country, adding that there is a need to hold service providers accountable for their actions.

They have also illuminated the need to update or amend the Act by stating that it was originally constituted around physical systems. However, the sphere has transitioned to housing new technology and business models, making it necessary to introspect and make necessary amendments.

Singapore continues to support the Cyber Security Agency, CSA. Donny Chong, the Product Director at Nexusguard, has said that all the updates were released only after extensive outreach to citizens, CI providers, and legal experts. Donny also stated that the rising incidents in the segment are a cause of worry not only for authorities but also for citizens.

A sign of relief is evident from the fact that companies are becoming aware of such incidents and how they can severely impact their reputation and functions. Therefore, support for amendments to stronger regulations was seamlessly registered.

The original version of the Act had fewer power levels for authorities. This included managing the nation’s cybersecurity prevention and response programs. A change in the landscape of cloud service and critical infrastructure drove CSA to the extreme end of moving ahead with time. Cloud service has essentially challenged the model of having physical systems on-premise or being owned entirely (or controlled) by the CI owner.

Per the amendment, businesses and infrastructure operators are divided into five categories: non-provider-owned CI, provider-owned CI, entities of special cybersecurity interest, foundational digital infrastructure—also known as FDI—and owners of systems that are of temporary cybersecurity concern.

Organizations are now legally bound to undertake risk assessments, audits, report incidents about cybersecurity, and require contract language for third parties. CSA has expressed commitment to operationalizing the new incident reporting requirements. Lim Chong Kin, the Managing Director at Drew & Napier, has proposed this aspect.

Simply put, the landscape of cybersecurity is changing at a faster pace. There is a need to move with time and make necessary amendments before it goes on to affect users at a macro level. Singapore has crafted updates to the Cybersecurity Act and is committed to backing the Cyber Security Agency.

What is your reaction?

In Love
Not Sure
ToAI Team
Fueled by a shared fascination with Artificial Intelligence, the Times Of AI journalists team brings together various researchers, writers, and analysts. We aim to provide a comprehensive knowledge of AI for a broad audience of the Times Of AI. Through in-depth analysis of the latest advancements, investigation of ethical considerations around AI development, AI governance, machine learning, data science, automation, cybersecurity, and discussions about the future impact of AI across various sectors, we aim to empower readers with the details they need to navigate this rapidly evolving field.

    You may also like

    Leave a reply

    Your email address will not be published. Required fields are marked *