High-level panel on boosting data security holds first meeting

Deputy Prime Minister Teo Chee Hean is chairing the committee, which has till Nov 30 to submit its findings and recommendations to Prime Minister Lee Hsien Loong.
Deputy Prime Minister Teo Chee Hean is chairing the committee, which has till Nov 30 to submit its findings and recommendations to Prime Minister Lee Hsien Loong.

Full composition of 10-member Public Sector Data Security Review Committee revealed

A high-level committee tasked with reviewing and strengthening data security practices across the entire public service held its first meeting yesterday, as the full composition of this 10-man Public Sector Data Security Review Committee was revealed for the first time.

The Smart Nation and Digital Government Office (SNDGO) said that during the meeting, the committee reviewed past data incidents and discussed the approaches adopted by other jurisdictions.

It also discussed broad approaches to raise data security, so that the Government can use data to deliver services and conduct planning and policy development.

The committee is chaired by Deputy Prime Minister Teo Chee Hean, who is also Coordinating Minister for National Security and Minister-in-charge of Public Sector Data Governance.

It was convened by Prime Minister Lee Hsien Loong and will look into how data is collected and protected by agencies, vendors and authorised third parties, and recommend improvements.

The committee has till Nov 30 to submit its findings and recommendations to PM Lee.

The non-governmental members of the committee are Professor Anthony Finkelstein, chief scientific adviser for national security to the United Kingdom government; Mr David Gledhill, chief information officer and managing director and head of group technology and operations at DBS Bank; Mr Ho Wah Lee, former partner at KPMG; Mr Lee Fook Sun, chairman at Ensign Infosecurity; and Sir Andrew Witty, chief executive officer at health services provider Optum.

The SNDGO said the members were chosen for their experience and expertise in how technology and data security are applied in their respective fields.

It was previously announced that the four ministers involved in Singapore's Smart Nation efforts will be part of the committee.

They are Foreign Minister Vivian Balakrishnan, who is Minister-in-charge of the Smart Nation Initiative; Communications and Information Minister S. Iswaran, who is the Minister-in-charge of Cyber Security; Trade and Industry Minister Chan Chun Sing, who is Minister-in-charge of the Public Service; and Senior Minister of State for Communications and Information and Transport Janil Puthucheary, who is Minister-in-charge of the Government Technology Agency.

The committee will be supported by a separate expert group consisting of seven international experts and industry professionals. "The expert group members were selected for their experience and expertise in digital technology and data protection," said the SNDGO.

Among the expert group members are Professor Simon Chesterman, dean of the faculty of law at the National University of Singapore; Mr Keng Seng Wei, managing director of technology services and information security services at DBS; Dr Lee Shiang Long, president of land systems at ST Engineering; and Dr Robert Morris, chief technology strategist at the Ministry of Health Office for Healthcare Transformation. The group also includes Mr Huey Tan, president of the Asia data protection officers and senior privacy counsel for Apple in Asia-Pacific; Mr Arthur Wong, chief executive of global cyber security at Singtel; and Ms Wu Choy Peng, chief technology officer at GIC.

In addition to this expert group, the Public Sector Data Security Review Committee is supported by an inter-agency task force formed by public officers across the Government.

The SNDGO said the committee and inter-agency task force may invite more experts to join the group. It may also engage members of the public and business communities.

The formation of the committee follows a spate of cyber and data security breaches and incidents over the past year. The latest data breach involved the personal information of more than 800,000 blood donors, which was improperly put online for more than two months.

Singapore's worst cyber attack was in June last year when hackers got into the database of public healthcare cluster SingHealth and stole the personal data of 1.5 million patients and the outpatient prescription information of 160,000 people, including PM Lee.

 


Expert group

The Public Sector Data Security Review Committee will look into how data is collected and protected by agencies, vendors and authorised third parties, and recommend improvements.

The Smart Nation and Digital Government Office said the committee will be supported by a separate expert group of seven international experts and industry professionals. They were selected for their experience and expertise in digital technology and data protection. They are:

Professor Simon Chesterman, Australian, dean of the Faculty of Law at the National University of Singapore (NUS)

Besides being the dean of NUS Law, Prof Chesterman is also editor of the Asian Journal of International Law. From 2006 to 2011, he was global professor and director of the New York University School of Law Singapore programme.

He is the author or editor of 17 books, including Law And Practice Of The United Nations, One Nation Under Surveillance and Data Protection Law In Singapore: Privacy And Sovereignty In An Interconnected World (Second Edition).

Mr Keng Seng Wei, Singaporean, managing director of technology services and information security services at DBS

Mr Keng is responsible for establishing and maintaining the enterprise strategy and programme to ensure that information assets and technologies of DBS are adequately protected.

Under his leadership, DBS was the first bank to introduce the digital soft token for two-factor authentication and "money safe" guarantee for digital banking.

Dr Lee Shiang Long, Singaporean, president of land systems at ST Engineering

Before his current appointment, Dr Lee oversaw the key pillar of growth in the defence business, while holding the concurrent appointment of deputy chief technology officer, ST Engineering.

He started his career with the Singapore Armed Forces, where his last appointments were head of the joint communications and information systems department and chief information officer.

Dr Robert Morris, Australian and American, chief technology strategist at the Ministry of Health Office for Healthcare Transformation (MOHT)

At MOHT, Dr Morris leads the data, science and technology group whose focus is on the application of computer and information sciences, including AI, to transform healthcare.

Until 2017, he led all of IBM Research's Global Laboratories. Before that, he was vice-president of services research at IBM's TJ Watson Research Centre in New York, where he helped start IBM's healthcare and Internet of Things businesses.

Mr Huey Tan, president of AsiaDPO and senior privacy counsel for Apple Asia in Asia-Pacific

Mr Tan's legal experience includes privacy and data protection, intellectual property rights, information technology, and legal and regulatory affairs. He is the first president of AsiaDPO, a Singapore-registered society of a self-organising practice-led community of data protection officers.

Mr Arthur Wong, Canadian, chief executive of cyber security at Singtel

Mr Wong leads a global team that helps businesses fight cybercrime, protect data and reduce risk. He has more than 20 years of start-up and large-company experience in the technology and security space. He previously served as senior vice-president and general manager of security at DXC Technology, and senior vice-president and general manager of enterprise security services at Hewlett Packard Enterprise.

Ms Wu Choy Peng, Singaporean, chief technology officer at GIC

Since 2017, Ms Wu has been developing GIC's technology vision and strategic direction in technology to strengthen its organisational capabilities. Before joining GIC, she was group chief information officer (GCIO) of Singtel. From 2006 to 2012, she was GCIO of Neptune Orient Lines Group.


Committee's non-governmental members

The full composition of the Public Sector Data Security Review Committee was revealed yesterday. It was previously announced that the four ministers involved in Singapore's Smart Nation efforts will be part of the committee, which is led by Deputy Prime Minister Teo Chee Hean, who is also Coordinating Minister for National Security and Minister-in-charge of Public Sector Data Governance.

The five non-governmental members are:

Professor Anthony Finkelstein, 59, British, chief scientific adviser for national security to the British government


Professor Anthony Finkelstein.

Prof Finkelstein was appointed chief scientific adviser for national security in 2015, a role in which he gives independent scientific advice on national security issues and works on evidence-based policy relevant to defence and security.

His research is based at The Alan Turing Institute and he holds a chair in software systems engineering at University College London. He is also a visiting professor at the Imperial College London and the National Institute of Informatics in Tokyo.

Mr David Gledhill, 57, British, chief information officer and managing director and head of group technology and operations at DBS Bank


Mr David Gledhill.

Mr Gledhill manages about 10,000 technology and operations professionals across Asia. He also leads the bank's innovation agenda drive, which encompasses concepts such as design thinking, agile methodology and data analytics.

He oversees procurement and real estate initiatives as well, and has more than 25 years of experience in the financial service industry. Before joining DBS in 2008, he worked for 20 years at JP Morgan, holding senior regional positions in technology and operations.

Mr Ho Wah Lee, 61, Singaporean, former partner at KPMG


Mr Ho Wah Lee.

Mr Ho retired as a partner from KPMG two years ago after 25 years with the firm. He has more than 30 years of experience in system management, IT audit, IT security, management consulting and financial advisory services.

Before joining KPMG, Mr Ho worked at the Ministry of Defence (Mindef) for 10 years. He served as the systems manager at the Naval Logistic Computer Centre and later as the head of computer audit, where he was a member of the Mindef IT Security Committee that was chaired by the chief defence scientist.

Mr Lee Fook Sun, 61, Singaporean, chairman of Ensign Infosecurity


Mr Lee Fook Sun.

In addition to being chairman of both Ensign InfoSecurity and Ensign InfoSecurity (Cybersecurity), Mr Lee is also the chairman of the Building and Construction Authority and deputy chairman of SMRT Trains.

He sits on the boards of DSO National Laboratories, SMRT Corporation and Great Eastern Holdings. Mr Lee is also the corporate adviser to Temasek International Advisors.

From 2009 to 2016, Mr Lee was president of Singapore Technologies Electronics, which he joined in 2000. He was also with ST Engineering for 17 years where he served as deputy chief executive and president of defence business, before he retired in 2017.

Sir Andrew Witty, 54, British, chief executive officer at health services provider Optum


Sir Andrew Witty.

Sir Andrew is chief executive officer of Optum, a global health services leader which is part of UnitedHealth Group. He was named chief executive officer last year, after serving as a UnitedHealth Group company director.

He served as CEO and director of pharmaceutical manufacturer GlaxoSmithKline (GSK) from 2008 to 2017. He joined GSK in 1985, and before being named CEO, served as president of GSK Europe.

He served on the Singapore Economic Development Board International Advisory Committee for 10 years, and now serves on Singapore's Research, Innovation and Enterprise Council.

A version of this article appeared in the print edition of The Straits Times on April 19, 2019, with the headline 'High-level panel on boosting data security holds first meeting'. Print Edition | Subscribe