THE Singapore government has introduced its updated Operational Technology Cybersecurity Masterplan, as reported earlier this week, while Malaysia is mulling on an internet “kill switch” to enhance online security and combat cybercrimes.
The revised plan from the island city-state focuses on enhancing cybersecurity measures to protect both critical and non-critical information infrastructure against the rising threat landscape. This includes key strategies such as “strengthening the cybersecurity workforce, improving threat intelligence sharing, and integrating secure-by-design principles into the lifecycle of operational technology systems.”
“This move demonstrates a proactive approach taken by the government in addressing the ever-evolving threat landscape and ensuring the security of infrastructure,” said Kelvin Lim, senior director of Security Engineering at APAC, Synopsys Software Integrity Group. “This is a forward-thinking government in action, playing the role of a catalyst in enacting new policies to improve Singapore’s cyber resilience.”
The master plan, according to regional cybersecurity experts, is extending its focus to include non-critical infrastructures, and there is now a concerted effort to apply these secure-by-deployment principles universally. This would ensure that all organizations, regardless of their criticality, are equipped to tackle cybersecurity risks effectively.
“Adopting a stronger security posture aimed at preventing cyberattacks for all industries will help keep things secure and running smoothly, which is important as the country continues to grow in the digital age,” said Patrick Tiquet, vice president of Security & Compliance at Keeper Security. “Additionally, as the threat landscape continues to evolve, the master plan must remain adaptable. Regular updates and reviews will be necessary to ensure that the plan addresses new and emerging threats effectively, particularly as it now encompasses a broader range of sectors.”
Mobile Guardian removed
A couple of weeks ago, Singapore’s Ministry of Education decided to remove an application from all students’ devices following a significant hacking incident. The breach was part of a “global cybersecurity incident” that affected Mobile Guardian’s platform, impacting customers worldwide, including those in Singapore.
Mobile Guardian is a device management application that allows parents to control their children’s device usage by restricting certain applications or websites and managing screen time. Around 13,000 secondary school students had their iPads or Chromebooks remotely wiped out by hackers.
“Continuous education and training for staff, students and parents on cybersecurity best practices are essential,” said Darren Guccione, chief executive and co-founder of Keeper Security. “This includes recognizing phishing attempts, securing devices and understanding the importance of strong, unique passwords. Schools need to develop and enforce comprehensive security policies that cover all aspects of digital usage, from device management to data protection.”
Such incidents are part of the Singapore government’s new focus on cybersecurity by looking at non-critical infrastructure sectors, including small businesses, and making sure that all parts of the economy are better protected from attacks, cybersecurity experts said.
Malaysia’s ‘kill switch’
Malaysia, on the other hand, was reported in July to introduce a “kill switch” to enhance online security and combat cybercrimes such as online scams, cyberbullying, child pornography and sexual harassment.
This initiative, expected to reach the Malaysian Parliament in October, will increase the responsibility of social media and internet messaging service providers, with additional plans on amendments to the country’s penal code.
“Introducing a ‘kill switch’ adds an additional layer of protection of the last resort for users,” said Kelvin Lim, senior director for security engineering at Synopsys Software Integrity Group. “This will provide immediate protection for the users against online scams and frauds. However, caution needs to be taken as well to ensure that the ‘kill switch’ will not be a target of Denial-of-Service attacks where malicious actors trick the social media service provider or users into activating the ‘kill switch’ to interrupt service.”
Be the first to comment