Singapore Cybersecurity Bill: are you prepared?

Unless you have been hiding under a rock or stuck on a desert island, cybersecurity has been unmissable in the last few years as we all struggle to get a handle on the situation with individuals, firms and governments crashing from one breach to the next.

Beazley’s regional manager, financial lines, Nicholas Tey says Singaporean risk managers have become accustomed to reading material of this nature and being aware of the risk, though Singapore has been a little slower off the mark in terms of regulation implementation. But all that has changed and the country has now implemented some of the toughest regulations seen to date.

On 5 February 2018, the Cybersecurity Bill was passed by Singaporean Parliament. A draft version of this bill previously been issued for public consultation by the Ministry of Communications and Information (MCI) and the Cyber Security Agency of Singapore (CSA) on 10 July 2017.

Tey says: “The idea behind the bill is to set up a centralised notifications centre, whereby the critical infrastructure industry is able to notify of a breach, and as such, the government is able to be aware and keep up to date on the various cybersecurity breaches on critical infrastructures.” The bill has now passed through parliament it is in the final process of being signed off.

“Unlike any other countries or jurisdictions where they start to implement more robust regulations around breaches, this bill is finally starting to get everyone to take greater notice of the issue of cybersecurity breaches. This is essential if cyber defence is going to be maximised at every level; and ensures the matter is given proper management attention at the leadership level,” Tey adds.

Further to this, Tey says risk managers need to ensure that all levels of management are aligned with their thinking and that the whole business tries to maximise the efforts of security.

“This bill will get the managements’ attention, especially for the critical infrastructure suppliers, which can range from a small-to mid-sized financial institutions to a large energy infrastructure.”