As malicious cyber attacks increasingly target civilian arenas like finance or healthcare, preparing for them requires a mindset change on the part of cyber-security agencies.
Mr David Koh, chief executive of the Cyber Security Agency (CSA), said that agencies must learn to rely on partners across government because the wider attack surface requires whole-of-government vigilance.
"Agencies that may not be used to security threats have to be alert and know when to share information with security agencies and determine whether an incident was just a benign glitch or the first indicator of a sophisticated cyber attack," he said.
Mr Koh was part of a five-member panel discussing cyber capabilities at the annual Shangri-La Dialogue defence forum yesterday.
He also said security agencies should learn to work more closely with two other groups: civilian industry partners, and technology and academic researchers.
Referring to the first group, he said: "Our chances of recognising and thwarting a cyber attack will be much higher if industry partners share information voluntarily and as the situation develops."
As for the second group, Mr Koh said governments and militaries no longer have a monopoly on the most advanced technologies.
"We must work closely with the tech industry, academia, to find solutions for today's cyber-security gaps and what tomorrow's challenges may look like," he said.
The other speakers included the United States' General Paul Nakasone, who is also director of its National Security Agency and commander of US Cyber Command, and Senior Colonel Xu Manshu of China's National Defence University.
At the question-and-answer session, the panellists were asked for their thoughts on building up offensive strategies in cyberspace. All of them agreed on prioritising defensive capabilities, with Senior Col Xu saying: "What would you do when you experience a cyber attack? I think no one would want to say, 'how to retaliate.' The first concern would be about how to recover."
But Gen Nakasone said defensive practices are only one side of the coin, and added that the US practices "persistent engagement".
This means that it shares information with its partners, but it also acts outside national boundaries to look for malware and adversaries attempting to do the country harm.
"We need a good balance: not only the defence but also the capability to act when authorised, because our adversaries, operating below this level of armed conflict with almost all the advantages they have, with very low barriers to enter, have tremendous advantages," he said.
