Shangri-La Dialogue: Dealing with cyber threats requires greater partnership, say cyber defence chiefs

Mr David Koh, chief executive of Singapore's Cyber Security Agency, taking his leave after the special session “Cyber-Capability Development: Defence Implications” at the Shangri-La Dialogue on June 1, 2019. ST PHOTO: KEVIN LIM

SINGAPORE - As malicious cyber attacks increasingly target civilian arenas like finance or healthcare, preparing for them requires a mindset change on the part of cyber security agencies.

Mr David Koh, chief executive of Singapore's Cyber Security Agency, said agencies must learn to rely on partners across government because the wider attack surface requires whole-of-government vigilance.

"Agencies that may not be used to security threats have to be alert and know when to share information with security agencies and determine whether an incident was just a benign glitch or the first indicator of a sophisticated cyber attack," he said.

Mr Koh was part of a five-member panel discussing cyber capabilities at the annual Shangri-La Dialogue defence forum on Saturday (June 1).

He also said security agencies should learn to work more closely with two other groups: civilian industry partners, and technology and academic researchers.

Referring to the first group, he said: "Our chances of recognising and thwarting a cyber attack will be much higher if industry partners share information voluntarily and as the situation develops."

He said the Cybersecurity Act, passed last year (2018), helps in this regard. The laws require owners of computer systems directly involved in providing essential services - such as for national security or foreign relations - to report cyber security incidents and conduct risks assessments, among other things.

As for the second group, Mr Koh said governments and militaries no longer have a monopoly on the most advanced technologies.

"We must work closely with the tech industry, academia, to find solutions for today's cyber security gaps and what tomorrow's challenges may look like," he said.

Other speakers included the United States' General Paul Nakasone, who is also the director of its National Security Agency, and Commander of the US Cyber Command.

Gen Nakasone said being able to realise a safe, secure, open and free Internet, based on the rule of law and internationally accepted norms, is a vision that "requires the cooperation of all nations, large and small, who share the belief that such an achievement is best for all nations".

He said the US sees the "continuous theft of our intellectual property and personally identifiable information as having an accumulative effect that is corrosive to our economy and national security."

"Furthermore, campaigns by our adversaries attempting to undermine our democratic processes and sow discord within our national discourses can also have caustic effects over time," he said.

At the same time, he noted that these risks should not overshadow how technology can improve human lives.

Senior Colonel Xu Manshu from China's National Defence University, also noted the need for increased global cooperation in dealing with cyber threats offered several confidence-building measures.

These include cyber security agencies notifying one another in case of a perceived threat and working on academic research together.

She added that "no technology should be used as an excuse to start a war... It's the responsibility of the military to maintain strategic restraint on how to use cyber capabilities."

During the question-and-answer session, the panellists were asked for their thoughts on building up offensive strategies in cyber space.

All of the panellists agreed on prioritising defensive capabilities, with Senior Col Xu adding: "What would you do when you experience a cyber attack? I think no one would want to say, 'How to retaliate.' The first concern would be about how to recover."

But Gen Nakasone said defensive practices are only one side of the coin, and added that the US practices "persistent engagement".

This means that it shares information with its partners, but it also acts outside national boundaries to look for malware and adversaries attempting to do the country harm.

"We need a good balance: not only the defence but also the capability to act when authorised, because our adversaries, operating below this level of armed conflict with almost all the advantages they have, with very low barriers to enter, have tremendous advantages," he said.

Join ST's WhatsApp Channel and get the latest news and must-reads.