Plans to bolster cyber security in telco sector to be drawn up

The roadmap will identify areas for improvement in Singapore's telecom cyber-security capabilities, and recommend strategies, policies, initiatives to address the issues identified. PHOTO: ST FILE

SINGAPORE - A roadmap to identify and deal with "next generation cyber threats" in the telecommunications sector for the next five years is in the works.

The plan will be developed by the newly formed Telecom Cybersecurity Strategic Committee, which will publish its first set of recommendations later this year.

It is fundamental to secure our telecommunications infrastructure, said Senior Minister of State for Communications and Information Janil Puthucheary, who announced the road map on Friday (Jan 25) at the inaugural Infocomm Media Cybersecurity Conference at Sheraton Towers Hotel.

"As soon as you have connection, your threat surface increases and the opportunity for vulnerabilities of penetration increases," he said.

Dr Janil also announced two other initiatives to boost cybersecurity - a guide for telcos on secure online verification for mobile services and an upcoming guide on using Internet-of-things devices.

The initiatives come after Singapore's worst cyber data breach in June last year, in which hackers stole the personal data of 1.5 million SingHealth patients and the outpatient prescription information of 160,000 people, including Prime Minister Lee Hsien Loong. A Committee of Inquiry set up to look into the attack recommended various measures to beef up cybersecurity, such as improving incident response processes.

In a release, the Infocomm Media Development Authority (IMDA) said the roadmap will identify areas for improvement in Singapore's telecom cyber-security capabilities, and recommend strategies, policies, initiatives to address the issues identified.

The roadmap will also help IMDA decide what cyber-security capabilities for the telecommunications sector it needs to develop and invest in.

The new committee is headed by IMDA chairman Chan Yeng Kit, who is also Permanent Secretary at the Ministry of Defence. It has three other members: IMDA chief executive Tan Kiat How, Cyber Security Agency of Singapore chief executive David Koh and Mr Cheong Chee Hoo, chief executive of defence research organisation DSO.

The committee has three other expert panellists: former director of the United Kingdom's Government Communications Headquarters Robert Hannigan, co-founder and chief executive officer of cyber security company Team 8 Nadav Zafrir and chief executive officer of IronNet Cybersecurity Keith Alexander.

The Straits Times understands that the committee had already met once last year.

Mr Tan, IMDA chief executive, said in a release: "As we look towards deploying the next generation connectivity infrastructure to support Singapore's Digital Economy, we will also need to be mindful of the increasingly complex and sophisticated cyber-security risks that we face.

"IMDA is partnering the industry and international thought leaders to develop a multi-year roadmap that guides our effort in systemically building a trusted, secure and resilient connectivity infrastructure."

At the conference, Dr Janil also announced two other initiatives by IMDA to boost cyber security here.

The first is a guide for telcos that use Know Your Customer technology which allows customers to verify registrations for mobile services online, like changing SIM cards, without face-to-face transactions.

Telcos using this technology have varying degrees of protection measures.

IMDA's implementation guide will specify regulatory requirements for this technology, such as ensuring secured online verification. For instance, if a telco uses facial recognition technology, it will have to ensure that adequate fraud mitigation and identity theft prevention measures are in place.

IMDA will also be consulting the public about an upcoming guide to help companies make purchasing and deployment decisions for Internet-of-things (IoT) solutions that are designed with security in mind, to prevent service disruptions and data breaches.

IoT is a network of devices that contain elements like electronics, software, actuators, and connectivity which allow the devices to connect, interact and exchange data. IMDA said this technology will play an important role in Singapore's journey to become a digital economy.

This guide will have checklists that companies deploying IoT solutions can use to assess the security of their systems.

Join ST's Telegram channel and get the latest breaking news delivered to you.