Signal: Singapore Invests More Than $16 Million in Cybersecurity R&D
Singapore is going to invest $16 million (EUR 9.9 million) in cybersecurity research and development (R&D). In addition, the country is also ramping up its cyber defence and cybersecurity legislation. This report discusses these measures as well as the underlying notable increase in cyberattacks and cyber crime in Singapore during the last years. The report concludes with some insights on possible opportunities for Finnish companies providing different cybersecurity solutions.
Rise of cyber crime and -attacks
Cybersecurity and cyber defence are of high importance in Singapore and the country has experienced a rise in cyber crime and cyberattacks during the recent years. The Singapore Police Force (SPF) has noted an increase in the proportion of cyber crimes to overall crime cases from 7.9 per cent in 2014 to 13.7 per cent in 2016. The SPF also observed that the portion of non-traditional cyber crimes such as hacking, ransomware and the compromise of online accounts had increased in relation to traditional crimes committed via the means of a computer system. These traditional crimes refer to e.g. online cheating through e-commerce scams. The number of non-traditional cyber offences grew from 280 cases in 2015 to 691 cases in 2016.
Singapore has also experienced major cyberattacks over the last years. An unnamed government agency became victim of a state-sponsored cyberattack in 2016, the personal details of 850 staff members of the Ministry of Defence were stolen in February 2017 and in April 2017 two universities were the subject of high-profile Advanced Persistent Threat (APT) attacks that were aimed at stealing government and research data.
The investment in cybersecurity R&D
During the Singapore Week of Innovation and Technology in September 2017 Singapore's Finance Minister, Heng Swee Keat, announced that Singapore will invest over SGD 16 million (EUR 9.9 million) in cybersecurity research and development. The investment will fund two separate programmes that seek to produce more commercial cybersecurity solutions.
The first programme grants funding of SGD 15.6 million (EUR 9.65 million) to nine projects under a grant call by the National Security R&D programme. All of these projects will be based upon the co-operation between academic researchers and a cybersecurity company. They will also pertain to the three key cybersecurity priorities set by Singapore: national security, critical infrastructure and SmartNation. The other programme consists of a SGD 600.000 (EUR 372.000) investment in six projects under a seed grant call by the Singapore Cybersecurity Consortium.
The Government Technology Agency of Singapore (GovTech) has also awarded six different companies with a contract worth about SGD 50 million (EUR 30,8 million). The purpose of the contract is to tighten the defence against sophisticated attacks and the awarded companies are expected to keep the government websites running and fully available to the public even while under attack.
Enhancement of cyber defence
In addition to the investment in cybersecurity R&D, Singapore is also putting aside $1.5 million (EUR 0.9 million) to train the technical officers of ASEAN member states in order to enhance the region's preparedness to combat cyber threats.
Singapore Armed Forces (SAF) are also building a corp of about 2.600 so called "cyber defenders" that will constitute of both regulars and national servicemen. The SAF is also going to form a command that will be in charge of the countermeasures to cyberattacks and the running of the military's networks. According to the country's Defence Minister, Ng Eng Hen, Singapore has become a target for orchestrated cyber attacks and the SAF is adapting to a new threat environment.
Singapore's Cyber Security Agency (CSA) released a proposal for a Cybersecurity Act on the 10th of July 2017. One of the Bills main objectives is to increase the powers of the CSA. The new legislation would enable the CSA to order investigations into suspected cyberattacks. The Act would also prevail over current privacy and banking legislation that forbids data sharing. This has raised concerns and stimulated debate in Singapore regarding the relationship between security and privacy. Some consider the Bill as a "Big Brother Bill" that would give too much power to the CSA whereas others question whether the authorities would acquire enough power through the Bill in order to be able to thwart digital threats efficiently.
The public consultation regarding the Bill was concluded in August 2017. The aforementioned concerns about the increased powers of the CSA were raised during the consultation which resulted in some minor adjustments. The Bill is currently being finalised and it will be tabled for debate in Parliament during 2018.
Insights for Finland
It is clear that cybersecurity and cyber defence are major concerns in Singapore and that the country is putting a lot of effort in the enhancement of its cybersecurity and cyber defence. The country could possibly be interested in different cybersecurity -solutions that Finnish companies might would be able to provide.