“We have to go forward, to build a secure and smart nation,"
Lee Hsien Loong,
Prime Minister of Singapore
Over the years, Singapore has ranked top 10 of all
countries in many surveys and lists based on IT innovation, smart city
initiatives and e-government development. Utilising technologies such as
Internet of Things, Big Data, and Cloud, Singapore has advanced well in
implementing technology in the government.
With the use of new technologies, data is more important
than ever before. More data is collected and stored, which requires high
security to keep it safe. Unable to secure data would result in high risk of
threats, such as network breaches and stolen data, which ultimately affects data
credibility. Leaving data and infrastructure vulnerable could bring
opportunities of identity theft, access of confidential data and even loss of
data. Unfortunately, we are seeing more of this.
So how safe are we?
The growing amount of data is requiring government to
rethink their systems which includes data governance, security system,
infrastructure and risks. The risks could be lessened by focusing on the
improvements of how we collect, manage and secure data.
How could data affect the
organisation and the country?
Technologies such as IoT and cloud are accompanied by cyber
threats with the nature of the technology highly depending on the internet.
Cyber threats are an extension of data security as it includes more methods to
approach data, compared to the conventional way. Some think that organisations
that use cloud computing have more issues to be concerned of regarding their
data. This is an ongoing debate.
The success of
Singapore’s Smart Nation vision is heavily dependent on its ability to mitigate
new forms of cyber risks. Speed and accuracy in the delivery of public
services is important but equally important is the need for speed in addressing
cyber-threats that can come from anywhere and move faster than
So where are the answers? What is the solution?
OpenGov is pleased to bring a very
timely Breakfast Insight to discuss
and deliberate these issues with the top Singapore agencies that would help the
attendees to enhance their knowledge, learn from the experiences of your peers
and the gain insights into the latest tools and practices available to develop
cutting edge strategies to help protect their organisations from these
We will be discussing:
Privileged Access Security - Implementing Comprehensive Privileged Access Security
Privileged Access Security is
designed to stop attacks before they stop business. The purpose it to make it difficult for
attackers to access privileged accounts, and endeavour to allow security teams
to monitor behaviours for unusual privileged access.
A good privileged access
security solution proactively
secures against cyber threats before attacks can
escalate and do irreparable damage. By managing privileged access,
organisations can meet compliance requirements and reduce their security risk
without introducing additional operational complexity.
Recently, the Auditor-General
Office released its annual audit report on the public sector that
highlights several issues on the management
of contracts, financial and technology weaknesses. Particularly regarding
technology, it mentioned the insufficient
monitoring of privileged users’ activities and the failures to manage user
accounts and access rights.
How are leading agencies and departments
protecting their privileged accounts and what are the best practices? When was
the last time you assessed your organisation’s privileged access?
Automation, Agility and DevOps:
A Marriage of Convenience or a Match Made in Heaven?
practices such as DevOps are adopted, the level of automation and agility
required increases. Agility and automation enables the agencies to move
rapidly, and at the same time, develop and deploy programs to better serve
citizens and their evolving needs.
to understand some of the core
vulnerabilities and risks that need to be addressed to protect an
organisation’s cloud environment. As the level of automation increases, the vulnerabilities
and attack surface also increase. Consequently, it is important that
organisations are aware of and defend against the vulnerabilities that can come
with automation. How can automation
affect data security?
The collaborative approach of DevOps also allows
the government agencies to monitor the compliance of contractors to
avoid any data leakage, weak system infrastructure and risks.
instance of DevOps project under
Smart Nation initiative is the Parking.sg
by GovTech with the support of the Ministry of National Development (MND), the
Urban Redevelopment Authority (URA) and the Housing and Development Board
(HBD). Launched in October 2017, this app is designed to eliminate parking
coupons and replacing it with a more tech-savvy system for Singaporeans to
digitally pay their parking.
Will this kind of implementation ensure that breaches of this scale are
managed? It appears cyber security teams can learn a lot from the experiences
of DevOps, and if this is the case, will breaches become less likely?
Government’s multi-pronged Cloud Strategy – Governance and
The Singapore Government is
adopting a multi-pronged approach to cloud computing by leveraging on
commercially-available public cloud offerings where appropriate. At the same
time, implementing a private government cloud called, Central G-Cloud, for
whole-of-government use for security and governance requirements that cannot be
met by public clouds. For
example, GovTech’s Centralised Content
Website Platform (CWP) framework aims to deliver government agencies with a
standardised software suite which includes website hosting unclassified
information securely on the cloud.
Is this the
answer we are looking for or is two levels of security and governance a stop
invites you to discuss these
areas of concern to a closed door,
invitation only Breakfast Insight session which will be a concise, focused, strategic level
discussion designed to enrich learning within a short span of just 3 hours!
You will hear expert presentation by internationally renowned
cybersecurity expert Prof. Greg Austin. Dr Austin is a Professor in the
Australian Centre for Cyber Security at the University of New South Wales
He concurrently serves as a Professorial Fellow with the East
West Institute (EWI) in New York. He has a 40-year career in
international security affairs, including consultancy research, with
specialisation in cyber security, counter-terrorism, China and Russia.
He has led consultancy teams for the UK and Australian
Dr. Austin has worked with leaders in government and
business at high levels, and diplomats, in many countries (China, Russia, UK,
USA, France, Germany) and international organisations (UN, NATO, OSCE, OIC,
SCO, APEC and ASEAN). He has led several high profile multinational research
and policy projects with visible impact.