This is the lady leading Singapore’s cyber defence

By Yun Xuan Poon

Gwenda Fong, Assistant Chief Executive of the Cyber Security Agency of Singapore, shared the nation's plans to secure its cyberspace.

The world is quietly in conflict. Cyber space resembles a lawless desert where state-sponsored pirates strafe enemy citadels; highway bandits steal data and cash from innocents travelling the roads; and all the while, out-of-sight, giant armies marshall their forces and sharpen their arms.

Agencies like Singapore’s Cyber Security Agency (CSA) must bring order to this chaos, promoting safety, demonstrating the risks, and deterring cyber criminals and bad actors.

Gwenda Fong, Assistant Chief Executive of CSA, shared Singapore’s plans to secure cyberspace at GovInsider’s Festival of Innovation.

Make cybersecurity easier to understand

First, the Singapore government plans to take on more responsibility for ensuring citizens and businesses are protected online. It will work to provide “clean digital services to the end user rather than requiring every single end user to take very complicated steps to protect themselves”, Fong said.

This year, Singapore released the Safer Cyberspace Masterplan 2020, which highlights how the government will make cybersecurity easier to understand and implement. “It’s not good enough just to expect every single end user to know how to take care of themselves,” she said.

The Masterplan noted that Singapore will build a tool to help businesses block untrusted applications automatically, so malicious software can’t deal any damage to their networks. It will also introduce clearer guidelines for cloud platforms and security labels for IoT devices to help buyers make informed decisions.

“As Singapore harnesses technology to improve lives and livelihoods for all, it is important to ensure that these technologies are secure,” Fong noted. “Otherwise, we would be exposing ourselves to a multitude of threats that lurk in cyberspace.”

Catching up

Cybersecurity will only become more important as more of our lives moves online, said Fong. Post-Covid, Singapore will need to “catch up in terms of the cyber resilience measures that need to be put in place, to make sure that the innovation and the digitalisation that has gone on is kept safe”, she added.

But cybersecurity may not be at the top of everyone's agenda. “When businesses emerge from Covid-19, there could be some temptation to look at how they can cut business costs”, and security might be the first thing they drop, Fong explained.

Singapore will implement the SG Cyber Safe Trustmark in 2021 to encourage companies to invest in security. Companies can declare that they have put in place certain cybersecurity measures to give their customers more assurance.

Businesses need to remain vigilant, as cybercriminals are constantly evolving and adapting. “Recently, we have seen the proliferation of ransomware and with a significant number of high profile hits across multiple sectors,” she noted.
Some groups have even come up with new business and operating models. Fong pointed out the ransomware for service business model: a group of developers maintain the ransomware code, while another group spreads it.

International rules

Singapore will prioritise working with other countries to establish common cyber rules. “This will help to build predictable modes of behavior in cyberspace,” Fong said.

This is especially crucial with critical infrastructure that operate across national borders, such as banks and aviation companies. “An attack on any such supranational critical information infrastructure would have knock-on effects in various countries,” she pointed out at the EU Cyber Forum.

Singapore participates in UN and ASEAN discussions to develop policies and norms that will ensure a peaceful and safe cyberspace, she shared. “These international and regional discussions helped to create clear rules of the road that are essential to the effective functioning of the digital economy,” she added.

CSA is more than an agency of policy-makers; they are military strategists. Fong and her team have to constantly think ahead to take down potential virtual threats, and guard the smart nation’s digital borders.

Catch up on GovInsider’s Festival of Innovation here: