Firms can't leave their cyber defence to tech dept: Iswaran


As companies embrace the new frontiers of digital trade, they too have to shore up their cyber defences by not leaving the job to the technology department, said Minister for Communications and Information S. Iswaran.

"It is a responsibility that has to be undertaken at the highest level - for a company, it would be the CEO or at the board level," he said, speaking to reporters yesterday on the sidelines of the World Economic Forum (WEF).

The more businesses embrace digital connectivity, the greater the risk of cyber attacks, he said, responding to questions on what was discussed during a private panel session, Future Frontiers of Cybersecurity, the day before.

Another key point shared was the need to have greater awareness of cyber hygiene habits among the population and in the working environment. "In Singapore, we have emphasised the need for strong passwords, for discipline when you receive unsolicited e-mails and also two-factor authentication," he said.

These were some of the recommendations of a high-level Committee of Inquiry that investigated last June's cyber attack on SingHealth, which had compromised the personal information of 1.5 million patients, including Prime Minister Lee Hsien Loong.

The recommendations were accepted by the Government after recognising that there were severe lapses by SingHealth's IT vendor Integrated Health Information Systems (IHiS) in securing patient data.

Earlier this month, SingHealth and IHiS were given the largest combined fine of $1 million for failing to protect patient data.

The third key point - which Mr Iswaran said was the most important in the context of Davos - was the need for international norms and rules governing cyberspace.

"Unless there is an agreement among countries on a code of conduct in cyberspace, you cannot have a stable, reliable cyberspace which will foster trust and confidence and allow the growth of the digital economy."

Join ST's Telegram channel and get the latest breaking news delivered to you.

A version of this article appeared in the print edition of The Straits Times on January 25, 2019, with the headline Firms can't leave their cyber defence to tech dept: Iswaran. Subscribe