Meet GI's Cybersecurity Champion: Tan E-Seon Reggie, Director (Cybersecurity and ICT Governance), Ministry of Home Affairs (MHA), Singapore

This interview is part of GovInsider's inaugural Cybersecurity Champions report featuring public sector cybersecurity officials around the world.

Please give a brief description of your job function as a cybersecurity professional, as well as what your organisation does. 

As the Director overseeing Cybersecurity & ICT Governance and concurrently serving as the Ministry-level Chief Information Security Officer (CISO) for the Ministry of Home Affairs, Singapore, I help to shape and enforce cybersecurity policies, standards, and guidelines to ensure that the Home Team's digital infrastructure and operations remain secure, resilient, and future-ready.

A key part of my role also involves enabling our Home Team departments to adopt innovation securely. We also work closely with both public and private sector partners to enhance national cyber resilience and align with broader whole-of-government digital and cybersecurity objectives.

The Ministry of Home Affairs consists of MHA Headquarters, seven Home Team departments and three statutory boards, known collectively as the Home Team. The Home Team works round the clock to keep Singapore safe and secure.

What kind of cyber threats does your organisation face on a regular basis? 

Scams, phishing, and identity theft continue to be prevalent, given the high Internet penetration in Singapore and greater use of social media, smartphones and e-commerce. It is becoming harder to protect citizens from criminal activities happening online.

There is also a greater risk given that more of our government services are being transacted online, which increases the attack surface. We also face emerging threats such as supply chain vulnerabilities and AI-powered cyberattacks.

Our Home Team CISOs have to step up our cyber leadership to address these multifaceted security risks while balancing it with accessibility and innovation — ensuring digital services are easy to use while remaining well-protected.

To subscribe to the GovInsider bulletin, click here. 

Many say that we are entering an age of AI-driven cyberwarfare where both hackers and cybersecurity professionals use AI tools for attack and defence. What is your view? 

We're already seeing AI influencing both sides of the cybersecurity battlefield. Malicious actors use AI for large-scale phishing, automated reconnaissance, and even deepfake campaigns.

On the other hand, defenders like us are deploying AI for anomaly detection, behavioural analytics, and automating incident response. To stay ahead, it is critical to invest in AI-driven tools while retaining strong human expertise and ethical oversight.

Cybersecurity is often described as a team sport whereby a network's vulnerability is often defined by its weakest link. In this context, how important is having a whole-of-government or whole-of-country cybersecurity posture?

Cybersecurity absolutely requires a collective effort.

A whole-of-government approach ensures alignment of standards, resource sharing, and coordinated responses across the different sectors.

The digital ecosystem is only as strong as its weakest node—so it's essential to ensure that every agency, supplier, and individual understands their role and is equipped to play it effectively.

An often-repeated point in the cybersecurity sector is what your Plan B is after your network is breached. Can you share your point of view on this aspect?

The reality is that breaches are inevitable, so resilience is key.

A robust Plan B includes well-tested incident response plans, real-time monitoring, rapid detection and containment measures, and a strong disaster recovery plan. Regular cyber drills and tabletop exercises will prepare the staff for various scenarios, and ensure that teams are prepared to act swiftly to minimise damage.

Resilience is not just about bouncing back but to be able to recover swiftly, with minimal disruption to services that citizens rely on daily.

If your organisation gave you an unlimited budget for cyber defence, what would you spend it on?

There will always be a need to manage resources, ranging from budget and time, to manpower.

Given the increasingly complex digital landscape, I would prioritise predictive threat intelligence platforms, AI-based detection tools, and modernising legacy systems.

I would also give weight to continuous development of our cybersecurity professionals within the organisation - through skills development, advanced training, and nurturing our next generation of cybersecurity leaders.

What brought you to this profession and what do you love the most in your job and what would you like to improve?

I was drawn to this role because of its strategic importance and dynamic challenges.

What excites me is the opportunity to solve complex problems that have real-world impact. I particularly enjoy mentoring future cyber leaders and supporting innovation within secure parameters.

One area I think has room for improvement is inter-agency coordination, especially in areas like information sharing and incident escalation. This is because early sensemaking will allow us to respond to the threat more effectively.

The lack of qualified cybersecurity professionals is a global problem, how do you think this can be overcome?

The shortage of skilled cybersecurity professionals is real, but it can be addressed with the right strategies.

Our Institutes of Higher Learning have already begun expanding cybersecurity education and certification. We also need to create more industry internships, apprenticeships, and mid-career conversion opportunities.

Encouraging diversity and offering flexible pathways into the field will help grow the cyber workforce.

If you had a chance to restart your career from scratch, would you still want to be cybersecurity professional and why?

Without a doubt! Cybersecurity is more than a job—it’s a mission.

The challenge of staying ahead of adversaries keeps the job engaging.

Plus, knowing that the work I do helps safeguard public safety and critical infrastructure gives me a strong sense of purpose every single day.