Cyber-security literacy: S'pore ranks 2nd in study

Republic also wins praise for integrating cyber security into formal education system

Singapore has placed second in an international study that examined the cyber-security literacy of the population in 49 countries and the European Union.

Switzerland came out top and Britain followed the Republic.

The Cyber Risk Literacy and Education Index, published by management consultancy Oliver Wyman this month, looked at how countries handled cyber security across five categories, including in education and the labour market.

It also assessed how aware a country's population was of cyber-security risks and the degree of access to technology.

Australia and the Netherlands rounded off the top five in the list. The United States was 10th, while China was second from the bottom in 49th place.

Singapore was lauded in particular for integrating cyber security thoroughly into its formal education system, including at the primary and secondary school levels. It came out tops in this category.

"Crucially, cyber security instruction is also incorporated into subjects beyond ICT (information and communications technology) or computer science into subjects such as social studies, enhancing the quality of instruction," said Oliver Wyman partner Alon Cliff-Tavor on Thursday.

"Many countries fail to integrate cyber security instruction across disciplines, and often do not include the subject in primary schooling curricula at all."

The index's authors said increasing people's awareness and motivation on cyber issues should be a key element of every country's defensive strategy, as studies show that most cyber-security issues stem from human error.

Singapore ranked second for awareness of and demand for cyber-security skills in the labour market, and third for the population's commitment to practising cyber security.

Mr Cliff-Tavor pointed to the Republic's high rates of employment growth in sectors relevant to cyber security, and how studies by software firms Kaspersky and Microsoft found that computers in Singapore experienced lower rates of malware encounters and local infections compared with those in other countries.

"(This indicates) a cyber literate population with the ability to prevent such events. Residents of Singapore were also found to carefully manage their e-mails, passwords and use of browsers compared with populations of many other nations," he said.

But Singapore found itself in the middle of the pack in the index at 19th in the government policy category, which looked at the long-term vision of countries' national cyber-security strategies.

Mr Cliff-Tavor said Singapore's national cyber-security strategy has a broad coverage of important topics from education to workforce development, but does not include "strict qualitative or quantitative metrics and benchmarks to track success and ensure accountability".

"This would be rare for governments to do in general. We have seen only Switzerland and Estonia (do this) as the prime examples," he added.

"While governments set appropriate priorities and goals, they consistently fail to commit the resources necessary for their success. Committing funding and updates on progress to ensure accountability are lacking in many geographies."

A version of this article appeared in the print edition of The Straits Times on October 24, 2020, with the headline 'Cyber-security literacy: S'pore ranks 2nd in study'. Subscribe