Singapore Cybersecurity Update Puts Cloud Providers on Notice

Lawmakers in Singapore updated the nation's cybersecurity regulations on May 7, giving more power to the agency responsible for enforcing the rules, adopting definitions of computer systems that include cloud infrastructure, and requiring that critical information infrastructure operators report any cybersecurity incident to the government.
The Cyber Security Act amendment takes into account the impact of running critical infrastructure management systems on cloud infrastructure and the use of third-party providers by critical infrastructure operators, as well as a cyber threat landscape that is growing more dangerous.
In effect, since so many critical information infrastructure operators have outsourced some facets of their operations to third parties and cloud providers, new rules were needed to hold those service providers accountable, Janil Puthucheary, senior minister of state for the Singapore Ministry of Communications and Information, said in a speech before the country's parliament.
Singapore's amendment to its Cyber Security Act is the latest update to rules among Asia-Pacific nations.
In early April, the Malaysian Parliament passed its own Cyber Security Bill, which aims to establish a strong cybersecurity framework for the country, including requiring licensing for some firms and consultants.
The same month, Japan, the Philippines, and the US put in place a trilateral information-sharing arrangement to blunt nation-state attacks from China, North Korea, and other rival nations.
The Cyber Security Agency and the additional regulations have broad support in Singapore following extensive outreach to critical infrastructure providers, citizens, businesses, and legal experts, says Donny Chong, product director at Nexusguard, a denial-of-service defense firm.
Cybersecurity for Changing Times The original Cybersecurity Act aimed to strengthen the protections around CII, gave the Singaporean CSA the authority to manage the nation's cybersecurity prevention and response programs, and created a licensing framework for regulating cybersecurity service providers.
Officials quickly realized that stronger powers were needed to protect the national infrastructure and, as time went on, that cloud computing and cloud services have changed the regulatory landscape.
The CSA, for example, could not regulate any critical infrastructure provider or CII service provider that was wholly located overseas.
The amendment divides businesses and infrastructure operators into five categories: provider-owned CII, non-provider-owned CII, foundational digital infrastructure services, entities of special cybersecurity interest, and owners of systems of temporary cybersecurity concern, according to Lim Chong Kin, managing director and co-head of the data protection, privacy, and and cybersecurity group for Singapore-based law firm Drew & Napier.
The requirements for such organizations include audits, risk assessments, reporting of cybersecurity incidents, and required contract language for third parties, Lim says.
Geopolitics and AI Pose Key Challenges Because Singapore relies heavily on global trade and maintains an open digital economy, the country continues to be a popular target among threat actors, with both nation-state and cybercriminal groups targeting Singaporean organizations and individuals.
The future will also hold uncertainty, as both artificial intelligence and quantum computing are disruptive technologies that appear to be changing the threat landscape, Lim says.
For those reasons, updated regulations are just the beginning of a road to better cybersecurity, he says.
The country is already one of the most cyber-literate nations in the world.
More than 90% of Singapore residents communicate online, with the technology adoption rate at 94% in 2022, up from 74% in 2018, according to Singapore's Puthucheary.


This Cyber News was published on www.darkreading.com. Publication date: Wed, 15 May 2024 01:05:35 +0000


Cyber News related to Singapore Cybersecurity Update Puts Cloud Providers on Notice

Singapore Cybersecurity Update Puts Cloud Providers on Notice - Lawmakers in Singapore updated the nation's cybersecurity regulations on May 7, giving more power to the agency responsible for enforcing the rules, adopting definitions of computer systems that include cloud infrastructure, and requiring that ...
7 months ago Darkreading.com
Multi-Cloud vs. Hybrid Cloud: The Main Difference - The proliferation of cloud technologies is particularly confusing to businesses new to cloud adoption, and they're sometimes baffled by the distinction between multi-cloud and hybrid cloud. Although the public cloud infrastructure and public cloud ...
1 year ago Techtarget.com
What is a Cloud Architect and How Do You Become One? - A cloud architect is an IT professional who is responsible for overseeing a company's cloud computing strategy. This includes cloud adoption plans, cloud application design, and cloud management and monitoring. Cloud architects oversee application ...
9 months ago Techtarget.com
2023 Cloud Security Report - Security concerns remain a critical barrier to cloud adoption, showing little signs of improvement in the perception of cloud security professionals. Cloud adoption is further inhibited by a number of related challenges that prevent the faster and ...
1 year ago Cybersecurity-insiders.com
The 10 Best Cloud Security Certifications for IT Pros in 2024 - Many professionals seeking a career in cloud security turn to certifications to advance their learning and prove.... their knowledge to potential employers. The number of cloud security certifications has increased in recent years making it difficult ...
11 months ago Techtarget.com
What's next on the horizon for telecommunications service providers? A look at 2024 with Red Hat. - In 2023, Red Hat met with so many customers and partners - from industry event interactions and individual meeting rooms to cross country visits and late-night service calls, we've learned so much from our trusted ecosystem. Now, service providers ...
10 months ago Redhat.com
Cloud Security: Stats and Strategies - An interesting aspect in O'Reilly's latest Cloud Adoption report based on a global survey conducted is that 90% of the responders are using the cloud to support their business. One of the key takeaways from the State of the Cloud report from Flexera ...
11 months ago Feeds.dzone.com
7 Considerations for Multi-Cluster Kubernetes - A hybrid cloud is a cloud computing environment that combines public and private clouds, allowing organizations to utilize the benefits of both. In a hybrid cloud, an organization can store and process critical data and applications in its private ...
11 months ago Feeds.dzone.com
6 Best Cloud Security Companies & Vendors in 2024 - Cloud security companies specialize in protecting cloud-based assets, data, and applications against cyberattacks. To help you choose, we've analyzed a range of cybersecurity companies offering cloud security products and threat protection services. ...
10 months ago Esecurityplanet.com
Top Cloud Security Issues: Threats, Risks, Challenges & Solutions - Cloud security issues refer to the threats, risks, and challenges in the cloud environment. To combat these cloud security issues, develop a robust cloud security strategy that addresses all three to provide comprehensive protection. Cloud security ...
6 months ago Esecurityplanet.com
What Is Cloud Security Management? Types & Strategies - Cloud security management is the process of safeguarding cloud data and operations from attacks and vulnerabilities through a set of cloud strategies, tools, and practices. The cloud security manager and the IT team are generally responsible for ...
6 months ago Esecurityplanet.com
Managing the Requirements of a MultiCloud System - The use of digital technology has advanced to include cloud computing in the delivery of services, cost reduction, increased agility, and improved security. The emergence of various cloud solutions has led organizations to move their assets from ...
1 year ago Blog.isc2.org
What is cloud load balancing? - Cloud load balancing is the process of distributing workloads across computing resources in a cloud computing environment and carefully balancing the network traffic accessing those resources. Cloud load balancing helps enterprises achieve ...
9 months ago Techtarget.com
CrowdStrike Enhances Cloud Asset Visualization to Accelerate Risk Prioritization - The massive increase in cloud adoption has driven adversaries to focus their efforts on cloud environments - a shift that led to cloud intrusions increasing by 75% in 2023, emphasizing the need for stronger cloud security. As organizations increase ...
7 months ago Crowdstrike.com
What Is Cloud Workload Security? Ultimate Guide - Cloud workload security, or cloud workload protection, refers to the tools and policies used to protect apps, services, and resources that run on cloud infrastructure. Your organization can manage cloud workload security through coordination across ...
5 months ago Esecurityplanet.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com
Benefits and challenges of managed cloud security services - Too many organizations lack the in-house cloud security expertise and resources needed to protect cloud assets effectively. One option to address these challenges is managed cloud security. Outsourcing cloud security to a third party not only helps ...
10 months ago Techtarget.com
4 types of cloud security tools organizations need in 2024 - By now, organizations know which on-premises security tools they need, but when it comes to securing the cloud, they don't always understand which cloud security tools to implement. While many traditional on-premises tools and controls work in the ...
8 months ago Techtarget.com
Survey Surfaces Raft of Cloud Security Challenges - A global survey of 414 IT practitioners published this week found 40% of respondents are relying on legacy platforms and practices originally designed for on-premises IT environments to secure cloud computing environments. Conducted by Aviatrix, a ...
10 months ago Securityboulevard.com
Best Cloud Security Providers for Healthcare Services - Cloud Security Providers for Healthcare offer specialized services to protect data and applications hosted in cloud environments. When picking a cloud security providers for healthcare, it's important to think about things like how well they follow ...
10 months ago Cybersecuritynews.com
Middle East CISOs Fear Disruptive Cloud Breach - As organizations in the Middle East increasingly adopt cloud services, business leaders worry that their cloud-security measures are falling short. Running in the Cloud The worries arise as organizations in the Middle East accelerate their cloud ...
1 year ago Darkreading.com
Cloud Security: Ensuring Data Protection in the Cloud - Data Encryption: Protecting sensitive data is a top priority in cloud security. Cloud security is of utmost importance when it comes to protecting and ensuring the confidentiality of data stored and transmitted in the cloud. Data protection in the ...
10 months ago Securityzap.com
What is a cloud application? - A cloud application, or cloud app, is a software program where cloud-based and local components work together. Cloud application servers are typically located in a remote data center operated by a third-party cloud services infrastructure provider. ...
9 months ago Techtarget.com
REVIEW: ISC2 CERTIFIED CLOUD SECURITY PROFESSIONAL CERTIFICATION - The Certified Cloud Security Professional is a highly respected cybersecurity certification that addresses the needs of professionals and employers for robust and adaptable cloud security expertise. As cyber threats continue to escalate, the demand ...
11 months ago Cybersecurity-insiders.com
Fortinet Contributes to World Economic Forum's Strategic Cybersecurity Talent Framework - Shining a light on the cybersecurity workforce challenge, the World Economic Forum recently published its Strategic Cybersecurity Talent Framework, which is intended to serve as a reference for public and private decision-makers concerned by the ...
7 months ago Feeds.fortinet.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)