The Cyber Security Agency of Singapore (CSA) has launched an Operational Technology (OT) Cybersecurity Masterplan as a key part of its efforts to enhance the security and resilience of Singapore’s Critical Information Infrastructure (CII) sectors in delivering and maintaining essential services.
The OT Cybersecurity Masterplan will serve as a strategic blueprint to guide Singapore’s efforts to foster a resilient and secure cyber environment for OT CII, while taking a balanced approach between security requirements, rapid digitalization and ease of conducting business-as-usual activities.
Coordinating Minister for National Security, Teo Chee Hean announced the masterplan at the October 1 opening of the fourth Singapore International Cyber Week (SICW). The theme for SICW 2019 is Partnerships for Trust and Confidence, to emphasize the importance of close collaborations among governments, industry and various stakeholders to ensure a trusted and secure cyberspace, which will be an enabler for economic growth.
OT Cybersecurity Masterplan: Four Key Thrusts
Aiming to improve cross-sector response to mitigate cyber threats in the OT environment and to strengthen partnerships with industry and stakeholders, the OT Cybersecurity Masterplan outlines key initiatives covering the areas of People, Processes and Technology to raise the cybersecurity postures of Singapore's Critical Information Infrastructure owners and organisations that operate OT systems.
Key thrusts in the OT Cybersecurity Masterplan include:
1. Providing OT cybersecurity training to develop human capabilities
2. Facilitating the sharing of information through an OT Cybersecurity Information Sharing and Analysis Centre (OT-ISAC)
3. Strengthening OT owners’ policies and processes through the issuance of an OT Cybersecurity Code of Practice (CCoP)
4. Adopting technologies for cyber resilience through Public-Private Partnerships
In addition, the Masterplan encourages OT equipment manufacturers and service providers to implement cybersecurity in the developmental phase, so that products and systems are in-built with strong cybersecurity measures.