Debate on ministries’ budgets: Communications and Information

Parliament: Certification boost for Singapore's cyber security products

Having globally recognised tests done here will lead to time and cost savings of over 20%: Janil

Cyber security products developed in Singapore can be certified as well on an internationally recognised standard here, a move that will shorten the time plus lower the costs and barriers that local developers face in getting their products accepted worldwide.

Singapore is now a Common Criteria Authorising Nation, which allows it to certify products with the Common Criteria (CC) standard - the de facto standard for product certification adopted by governments and firms in 30 countries.

Previously, local developers had to send their products overseas to get the CC certification, which could be a long-drawn-out process involving months of shipping the developed products or flying testers to Singapore to examine them.

Now, local companies are estimated to get cost and time savings of more than 20 per cent, said Senior Minister of State for Communications and Information Janil Puthucheary yesterday.

"It's a step towards becoming a regional hub for product evaluation and certification. And we are attracting global evaluation laboratories to anchor their operations here," said Dr Janil, who is also in charge of the Government Technology Agency (GovTech), during the parliamentary debate on his ministry's budget.

"This will facilitate Singapore's exports of world-class cyber security products and create good jobs for Singaporeans," he added, when replying to Nominated MP Douglas Foo.

The Ministry of Communications and Information (MCI) said in a fact sheet that the CC certification body is set up by the Cyber Security Agency of Singapore (CSA), which will ensure the standards required for the certification are upheld.


It will maintain a pool of approved CC-testing laboratories, which developers can contact to certify their products.

CSA has approved three such laboratories. One is from local start-up An Security and two are from international companies: T-Systems International GmbH from Germany and Brightsight B.V. from The Netherlands.

MCI said the ability to certify products here helps make Singapore's products more attractive overseas.

"This facilitates the exportability of IT security products in Singapore and strengthens Singapore's competitiveness in the global cyber security market," said the MCI.

Some products that have received the CC certification here include two by ST Electronics (Info-Security) - a portable USB encrypted storage device and an Internet protocol encryptor.

Dr Janil also announced a new track - called SecureTech - in an accreditation scheme for companies. It comes under the Infocomm Media Development Authority's (IMDA) Accreditation@SG Digital programme and will be launched by the end of this month.

It will improve the quality of cyber security products of small and medium-sized enterprises (SMEs), which must obtain CC certification for their products under this track. Both IMDA and CSA are the approving authorities in this new track.

Being accredited under the Accreditation@SG Digital programme opens up more opportunities for companies to have their products and solutions be showcased and considered by the Government.

Said Dr Janil: "This Accreditation@SG Digital helps local SMEs to improve their business practices and engage with the local community and also helps them to be considered by government agencies for the procurement of their product."

A version of this article appeared in the print edition of The Straits Times on March 05, 2019, with the headline 'Certification boost for S'pore's cyber security products'. Print Edition | Subscribe