askST: How Digital and Intelligence Service revamp boosts SAF’s digital, cyber-security backbone

SINGAPORE – On March 18, the Digital and Intelligence Service (DIS) officially launched two new commands as part of its growth amid a rapidly evolving digital and cyber-security landscape.

The DIS – which is the fourth service of the Singapore Armed Forces – inaugurated the Defence Cyber Command (DCCOM) and SAF C4 and Digitalisation Command (SAFC4DC) at Hillview Camp.

The restructuring would, in the words of Defence Minister Ng Eng Hen during Parliament’s Budget debate earlier in March, “bring to bear for the SAF the full effects of new digital hardware and software”.

The Straits Times looks at how the DIS has been restructured, and the kind of people it is looking for as it expands.

Q: What do each of the commands do?

The DCCOM’s role will be to defend the Ministry of Defence and Singapore Armed Forces and, by extension, Singapore against cyber threats, while the SAFC4DC will consolidate the service’s software and hardware capabilities under a single command to accelerate and integrate digitalisation efforts across the SAF.

The establishment of DCCOM consolidates the DIS’ cyber-security entities under a single command to better advance cyber-security capabilities and operations. The command is essentially the cyber guardian of Mindef and the SAF, patrolling their systems to ensure security.

With the setting up of DCCOM, two entities have been created to enhance Mindef’s cyber-security posture.

These entities are:

DCCOM has also taken under its command two of the existing DIS entities which had previously sat elsewhere in the DIS organisation chart, namely the Cyber Defence Group (CDG) and Cyber Defence Test and Evaluation Centre (CyTEC).

Meanwhile, the SAFC4DC will oversee several entities charged with continuing and maintaining SAF’s digitalisation drive by researching and/or developing new technologies, and then following up by integrating them into the wider SAF to ensure it remains at the cutting edge.

Coming under the SAFC4DC’s purview are:

SAFC4DC is also overseeing the newly created SAF Artificial Intelligence (AI) Centre, and brings the SAF’s technology stack under one roof, including its network infrastructure, cloud computing resources, data centres, AI models and software development.

Q: Why is the restructuring needed?

In a world that is increasingly reliant on being connected in the virtual domain, protecting critical infrastructure is not limited to just keeping it safe from physical attack involving guns or bombs, but also includes protecting it virtually from cyber threats.

These threats can come in various forms, from zero-day exploits of unknown security flaws to ransomware attacks and malware, and are constantly evolving as malign actors continually seek ways to carry out attacks in a constant cat-and-mouse game with defenders.

With cyber threats evolving in complexity and scope, said Mindef, the DIS restructuring is an effort to stay ahead in a dynamic security landscape.

Placing the various entities within DIS in two discrete commands allows better unity of command and clarity of mission, said Rear-Admiral Yong Wei Hsiung, Chief of Staff (Digital and Intelligence Staff) and head of DIS operations.

As an example, Rear-Adm Yong cited uniting the entities responsible for cyber security, such as CDG and CyTEC, under the banner of DCCOM, saying that this would reduce inefficiencies and ensure greater interaction and integration between these groups.

Meanwhile, the rapid development and proliferation of AI is the reason for the DIS setting up the SAF AI Centre. Sitting within the SAFC4DC, its focus is threefold, according to the centre’s head, Military Expert 6 (ME6) Shawn Kan.

These are: enabling the use of safe, reliable and robust AI across different domains; employing AI for a wide range of operations for a wider user base; and building expertise through partnerships and strengthening the SAF’s workforce.

ME6 Kan added that the centre is looking to broaden the use of AI solutions within the SAF for a variety of applications, and is seeking to tap low code solutions so that more SAF personnel can benefit without having to first learn how to code.

Q: How does the DIS enhance Singapore’s overall cyber security?

One of the points the DIS leadership was at pains to emphasise on the day of the new commands’ inauguration on March 18 was that their mission is to safeguard not just the cyber security of Mindef and SAF alone, but that of all of Singapore.

Rear-Adm Yong noted several times during his media briefing that cyber security is a team sport and that for a highly interconnected society like Singapore, its cyber defences are only as strong as its weakest link.

This is particularly so as the tools used for cyber attacks are evolving and improving increasingly rapidly with the advances in technology, with Defence Minister Ng citing experts as warning that AI tools have the potential to dramatically reduce the time it would take attackers to exploit vulnerabilities.

This was echoed by Senior Lieutenant-Colonel Benjamin Lim, the commanding officer of the CPG, who cautioned that such cyber attacks against commercial companies and critical infrastructure are often not isolated incidents but coordinated, complex attacks by criminal groups and state actors.

Singapore thus needs to stay ahead in this dynamic and evolving security landscape and be able to better protect its digital backbone, he added.

The DIS will therefore work with other government agencies and industry as part of the country’s overarching digitalisation and cyber-security efforts under CSA, and has already been involved in national cyber-security exercises to test and hone its capabilities.

Q: Who is the DIS looking to recruit?

Having only been inaugurated in October 2022 as the newest of SAF’s four services, the DIS is currently on a growth trajectory as far as personnel is concerned.

And while those with computer science, AI, cyber-security, digital technology or software development qualifications or skills would definitely be on its radar, Rear-Adm Yong added that given how fast technology is evolving and the way new domains are growing in the digital space, it is difficult to predict with any kind of certainty the kinds of skill sets the DIS would require from its future recruits.

Nevertheless, the service is open to hiring mid-career professionals with experience, given that what it does closely mirrors what digitalisation and cyber-security professionals in the private sector are doing.

It has already taken on board operationally ready national servicemen with relevant digital or cyber-security expertise from their daily jobs via the Enhanced Expertise Deployment Scheme, to broaden its skills base with those who have industry experience.