Parliament: 11 critical sectors to shore up defences in response to SingHealth COI report, says Iswaran

Minister-in-charge of Cyber Security S. Iswaran said the public sector will continue to strengthen defences on all fronts - people, process, technology and partnerships.
Minister-in-charge of Cyber Security S. Iswaran said the public sector will continue to strengthen defences on all fronts - people, process, technology and partnerships.PHOTO: SCREENGRAB FROM YOUTUBE/GOVSINGAPORE

SINGAPORE - More technology will be used to automate cyber-security tasks like the roll-out of software patches. Also, security audits and drills will be intensified to sharpen public officers' readiness to respond to cyber incidents.

These new measures to shore up the cyber security of public sector systems were disclosed in Parliament on Tuesday (Jan 15) by Minister-in-charge of Cyber Security S. Iswaran. They are a response to the recommendations of a high-level panel that investigated June's cyber attack on SingHealth, Singapore largest cluster of healthcare institutions.

In all, the model would be implemented across 11 critical information infrastructure sectors, including healthcare, energy, telecommunications and transport.

Mr Iswaran said the findings and recommendations of the Committee of Inquiry (COI) gave "added impetus" to the ongoing efforts of the Smart Nation and Digital Government Group (SNDGG) to enhance the cyber security of government systems.

"In particular, the findings reaffirmed the 'defence-in-depth' approach that the public sector had adopted towards cyber security," he noted.

"The public sector will also continue to strengthen our defences on all fronts - people, process, technology and partnerships, as informed by the COI recommendations," he said.

The COI recommendations were issued last week as part of a public report detailing the events that led to June's cyber attack that compromised the personal information of 1.5 million patients, including Prime Minister Lee Hsien Loong.

 
 
 
 

On the technical front, SNDGG will look into improving the architecture of government systems to allow more extensive monitoring and detection of abnormal activities. It will also continue to introduce measures to better detect and respond to intrusions, and monitor critical databases.

Acknowledging the Government cannot fortify its cyber security alone, it will enlist the help of the larger cyber-security community, including ethical hackers.

The Cyber Security Agency of Singapore will oversee and follow up on how the COI recommendations will be carried out across the 11 critical sectors.

Mr Iswaran said: "The measures recommended by the COI will help us defend ourselves better against malicious cyber activities, including from international attackers. This was not the first instance where we were targeted and it will not be the last."