The Prime Minister has set up a Public Sector Data Security Review Committee to conduct an extensive review of data security practices across the entire Public Service.
This includes all actions related to the collection and protection of citizens’ personal data by public sector agencies, as well as by vendors who handle personal data on behalf of the Government.
The Committee will be chaired by Deputy Prime Minister and Coordinating Minister for National Security, Mr Teo Chee Hean. Mr Teo Chee Hean is also the Minister-in-charge of Public Sector Data Governance. The Committee will include private sector representatives with expertise in data security and technology, as well as Ministers involved in Singapore’s Smart Nation efforts – Dr Vivian Balakrishnan, Mr S Iswaran, Mr Chan Chun Sing, and Dr Janil Puthucheary.
Government review on how they are securing and protecting citizens’ data from end-to-end
The aim of the Committee is to review how the Government is securing and protecting citizens’ data from end-to-end, including the role of vendors and other authorised third parties. It will also recommend technical measures, processes and capabilities to improve the government’s protection of citizens’ data, and response to incidents as well as develop an action plan of immediate steps and longer term measures to implement the recommendations
The Committee will use the experience of international experts and industry professionals, from both the private and public sectors. The Committee will also be supported by an inter-agency taskforce formed by public officers across the Whole-of-Government.
Next step in government data security initiatives
The Government has progressively enhanced security measures to safeguard sensitive data over the last few years. These security measures have included the Internet Surfing Separation policy in 2016 and the disabling of USB ports from being accessed by unauthorised devices in 2017. The Government has also increased the number and types of internal IT audits, to check on agencies’ data access and data protection measures. In 2018, they introduced measures to detect and respond more quickly to cyber threats that target critical government databases.
Recent hacks in public sector databases have created urgency for a data security review
In a release by The Prime Ministers Office, it said that the “Government has acknowledged that recent data-related incidents have underlined the urgency to strengthen data security policies and practices in the public sector. “
While individual agencies are investigating and taking action on the specific incidents, this Committee will undertake a comprehensive review and incorporate industry and global best practices to strengthen data security across the public sector.
This review will help to ensure that all public sector agencies maintain the highest standards of data governance. The government has recognised that it is essential to uphold public confidence and deliver a high quality of public service to citizens through the use of data. The work of this Committee will complement the governments efforts towards achieving the Smart Nation vision.
The Public Sector Data Security Review Committee will submit its findings and recommendations to the Prime Minister by 30 November 2019.