The separation of government work from Web surfing brings home the reality of the serious threats posed by cyber rogues. They contrive to slip through the open doors of dual-purpose computers to go deep down corridors leading to confidential information and important operations. Officials create that opportunity when they are plugged into everything all the time - akin to working in a glass office, with see-through filing cabinets to boot, while pretending that no one is watching. Ordinary people might think nothing of using public hot spots to connect with others. But those running vital public infrastructure, transport networks, telecommunications or banking services cannot operate in so exposed a fashion. One would expect the civil service, in particular, to take a more circumspect approach as government services embrace key areas of a nation's life. It would be folly to underestimate the sophistication and determination of cunning hackers worldwide who are constantly testing prize targets to find a chink in the armour.
Unfortunately, there are chinks aplenty in much defensive software that make it necessary to constantly patch computer networks. Most efforts behind the scenes to thwart malicious attacks are undertaken silently, and it's only the high-profile intrusions that waylay the public imagination from time to time. Examples include the hacking of the United States Defence Department computers by a teen 17 years ago, the breach here of the Foreign Affairs Ministry's IT system in 2014, and the grounding of flights in Sweden last year after its air traffic control system was invaded by hackers. Some breaches can take days or months to identify and contain effectively. Yet over two-thirds of American security executives don't have incident response plans in place, according to a recent IBM-Ponemon Institute study. It simply won't do to take a head-in-the-sand approach to cyber security as the impact of breaches amounts to US$400 billion (S$544 billion) a year globally, says the Centre for Strategic and International Studies.
To be sure, the Internet will continue to remain the defining architecture of the times and will be fully tapped by civil servants, business folk and citizens alike. Singapore, after all, has been pressing ahead with its ambitions to be a "smart nation". However, a highly connected city that taps data compulsively and embeds technological solutions in various activities makes itself more vulnerable to virulent attacks. Singapore simply cannot afford to be paralysed even temporarily by hackers as more is done to leverage computer-mediated communication to link people and things. Hence, while separating civil servants' work computers from Internet access might seem bothersome, even retrograde, the need to do so in the face of very real cyber threats seems clear.