Dubbed the Infocomm Security Masterplan, the program will focus on developing the manpower capabilities to manage the increasing number of online threats and establishing an early-warning system for cyber attacks.
Speaking at the launch, Tony Tan, Singapore's deputy prime minister and coordinating minister for security and defense, noted that infocomm security is critical to prevent the country's economy and society from being disrupted in the event a Web-based attack is launched against the country.
The investment will be spread over three years and is the "seed funding" for developing the necessary capabilities and initiatives outlined in the Masterplan, said Peter Ho, chairman of the National Infocomm Security Committee.
To be jointly implemented by the committee and Infocomm Development Authority of Singapore (IDA), the program is aimed at all user groups, from government sectors to private companies to the general public.
Some initiatives planned include enhancing training and certification programs to elevate the skills of security practitioners, ramping up campaigns to increase public awareness of information security, and setting up a new National Cyber-threat Monitoring Center.
Scheduled for launch in the second half of 2006, the facility will provide 24 by 7 tracking and analysis of cyber threats including computer worms and viruses, phishing scams and hacking attempts, Ho explained.
While the center will be manned by its own team of professionals, it will also leverage commercial monitoring services from security software vendors such as McAfee and Symantec, he said.
Alerts will then be pushed out to government agencies and businesses that are linked with the National Cyber-threat Monitoring Center, he added. The facility will complement the services provided by the Singapore Computer Emergency Response Team, an IDA-operated group that assists the public and companies in handling hacking incidents and virus attacks.
There are also plans to introduce a Common Criteria Certification Scheme so that Singapore will have the capability to certify infocomm products against an international benchmark, Ho said.
Assuming accountability
Organizations must also take the lead and assume responsibility for the security of their assets, including the security of their networks, IT systems and data, Ho said.
"You may delegate the authority and you may outsource the work, but ultimately, you must be fully-accountable if the security of your data systems and infocomm infrastructure is compromised," he stressed.
Play video
There are currently no comments for this post.