Cyber Security Agency to set up training academy

Move aimed at boosting skills of professionals who manage IT systems in govt, critical sectors

The Cyber Security Agency (CSA) will create its first academy to boost the skills of cyber-security professionals working in government and critical sectors in Singapore such as energy, healthcare and transport.

Announcing the new academy yesterday, Deputy Prime Minister and Coordinating Minister for National Security Teo Chee Hean said that training is one of the key pillars of a more secure and resilient digital community.

"Singapore is more exposed than many other countries to cyber attack. We are already highly connected, and aim to become more so," he said at the opening of the second annual Singapore International Cyber Week at Suntec Singapore Convention and Exhibition Centre.

Training at the new academy is expected to begin later this year, but other details such as funding and cohort size are still being worked out.

The CSA Academy was mooted to plug gaps in the skills of cyber- security professionals who manage IT industrial control systems, such as those that control the production and distribution of energy and water, said CSA chief executive David Koh.

Recognising that the CSA's resources are limited, he said the private sector will play a big part in the skills transfer.

This is why the CSA has roped in United States-based cyber-security firm FireEye as its first partner to provide training in incident response and malware analysis.

WELL CONNECTED

Singapore is more exposed than many other countries to cyber attack. We are already highly connected, and aim to become more so.

DEPUTY PRIME MINISTER AND COORDINATING MINISTER FOR NATIONAL SECURITY TEO CHEE HEAN

It is not known if the CSA Academy is the first of its kind, but Mr Naveen Bhat, managing director of cyber-security firm Ixia in Asia Pacific, said such public sector-led academies are rare. But he stressed that they are necessary: "Current programmes in the universities and polytechnics cannot meet market needs (for cyber experts)."

The announcement comes at a time when awareness of cyber security is at a high. In a recent 26-page Singapore Cyber Landscape report, the CSA highlighted cyber attacks that hit several of the 11 critical sectors here and a state-sponsored attack on an unnamed government agency last year.

It also signalled the Government's emphasis on securing critical IT systems. The Straits Times had reported this week that the Government awarded a three-year bulk contract worth about $50 million to protect government websites from hackers. The deal is worth twice as much as the one it replaces.

Mr Teo added yesterday that a strong legal framework was needed to underpin cyber safety, and that Singapore will be tabling a Cyber Security Bill in Parliament next year.

Among other things, it requires private and public organisations to report breaches that involve critical infrastructure to the CSA. It also empowers the agency's chief, as commissioner of cyber security, to investigate threats and incidents to ensure that essential services are not disrupted in a cyber attack.

"This Bill will enable us to take pre-emptive action to protect against cyber threats, and improve our capability to respond to incidents," said Mr Teo.

Separately yesterday, Asean cyber security and infocomm technology ministers and senior officials called on Mr Teo - who is Acting Prime Minister while Prime Minister Lee Hsien Loong is on an official visit to China - at the Istana. They discussed, among others, ways to enhance regional cooperation on cyber policy coordination.

A version of this article appeared in the print edition of The Straits Times on September 20, 2017, with the headline 'Cyber Security Agency to set up training academy'. Print Edition | Subscribe