GovTech: Security approach must adapt to counter increasing threat

By Nurfilzah Rohaidi

Kelvan Siew, Assistant Director of the Cyber Security Group of the GovTech Agency, shared his insights at the recent Innovation Labs World summit.

Image: GovTech

Singapore government officials must focus on situational awareness and constant vigilance in cyber security, a GovTech official has said.

“We cannot go by the traditional security way of prevention,” said Kelvan Siew, Assistant Director of the Cyber Security Group of the GovTech Agency at the recent Innovation Labs World summit presented by GovInsider. “Instead, we have to be able to monitor, detect and have a very good situational awareness for what is happening on the ground.”

Siew noted that there is a shifting approach in the field towards assuming “that a breach has already occurred and will be occurring”, adapting to mitigate threats rather than concentrating solely on preventing attacks. “There is no way we can stick to our traditional way of prevention, and at the same time, adapt new technology - it’s just impossible,” he noted.

Government is already adapting through building its internal readiness, improving tech skills across government and engaging closer with industry, he continued.

“It is very important we build up the capabilities - your core base of people - and give them the relevant training, making sure these people know what they are doing as they go out and talk to vendors, as they implement new platforms, new technology, cloud, big data, devops,” he told an audience of civil servants.

Singapore government is also “actively pushing people” to attend trainings by global industry players, Siew added. Global government officials are traditionally cautious of meeting industry, but Singapore has encouraged greater interaction since a speech by the previous CEO of GovTech, Jacqueline Poh, in 2017.

And the agency has sought to engage industry through a two day developer's conference in October, which brought over 1,000 engineers together to discuss technical solutions to government problems.

Government officials should also increase their awareness of tech solutions to improve procurement and understand how different systems will operate and fit together. “The most important thing is that you must know what you're outsourcing - the aspect of the technology,” he added. “You have to understand what are the pitfalls, if what they're saying is practical, useable, and effective,” Siew said.

Government is building up all officials’ understanding of tech to counter a worldwide cybersecurity skills shortage. Globally, “by 2020 there's actually a gap of 1.8 million”, he said, “and we do see that in the industry actually it’s not very easy to hire, or find people that are interested in this industry.”