Introduction
1. Good morning. It is a pleasure to be here.
2. The TechCon is now in its third year to bring together industry, partners, government, and defenders from all over the world. It has become a close-knit community of like-minded cyber practitioners, with one common mission to deal with digital threats.
3. I will touch on three aspects. First, the digital landscape today. Second, the need for collaborations to build a resilient digital defence. Third, the need to build capabilities.
Challenging Digital Landscape
4. Today, nearly every sector has gone digital. Many government services are delivered online. Our national digital ID, Singpass, powers more than 2,700 digital services. Our critical infrastructure, like energy and healthcare, also runs on digital networks and systems. This has provided convenience and efficiency.
5. However, opportunities often come hand in hand with threats. As the boundaries between the digital and physical worlds continue to blur, new risks emerge.
6. One threat actor that many of us are familiar with is the Advanced Persistent Threat Actor (APT). APTs are highly sophisticated, well-resourced actors that steal sensitive information and disrupt essential services. In the Russia-Ukraine war, APTs took down critical infrastructure and caused widespread power outages, ahead of physical attacks.
7. Singapore also continues to be a target. Between 2021 and 2024, suspected APT attacks on Singapore increased more than four-fold. In July, I shared that Singapore uncovered an APT – UNC3886. It was targeting our key Critical Information Infrastructure (CII). The potential damage from such attacks by APTs is serious and undermines our national security.
8. Other forms of digital threats such as ransomware attacks and digital scams are also evolving quickly and can severely disrupt society. Many leverage advanced technology and AI.
9. As these challenges continue to grow, strengthening our digital defence is a clear priority.
Deepening Collaborations
10. This brings me to my second point – Collaboration.
11. We have to work together because the bad guys are increasingly sophisticated and can conceal their activities. We need many different brains and torches to shine light, uncover the activities, and make it difficult for the attackers.
12. This is not one where you ever say that you have reached the end goal. It is always going to be a cat and mouse game and everyone tries to keep one step ahead. The attackers keep one step ahead but we have to be one step ahead of them. Collaboration is critical as we can develop playbooks that try to anticipate their moves and disrupt their activities.
13. Not everything can be done in the public sector. In Singapore, the government believes in actively working closely with industry partners.
14. For example, CSIT collaborates with many of the industry partners here today to discuss cyber threats targeting Singapore.
15. There are regular exchanges of salient threat intel and hands-on workshops. Such collaborations allow all parties to develop a more complete picture of the threat landscape and actors, so that we can be better prepared and take quicker action.
16. That is the way that we have managed to investigate the activities of UNC3886. Some of you here were deeply and actively involved with us. Without your support, we could not have done it as quickly and as effectively as we did. We thank you for that, and I hope we can continue to develop such valuable partnerships.
17. Events and platforms like this, and the partnerships being built, are extremely important. Next week, we have the Singapore International Cyber Week (SICW). It is another key platform for building relationships and discussing salient topics.
18. Sometimes it is more difficult to work within the government than outside in some countries, thankfully in Singapore it is not so difficult.
19. Collaboration within government is also critical. Agencies have to work closely and operate as one. From my perspective, I am glad to see that Singapore agencies have been working together. Perhaps our small size helps.
20. For example, after the SingHealth data breach in 2018, MOH, Singhealth, CSA, and law enforcement agencies came together to learn lessons and strengthen defences. CSA, CSIT and Govtech also work closely with the Police to combat scams.
21. Collaboration is critical within government and beyond government. When we work together, we are stronger.
Investing in Capabilities
22. My final point is on Capability-Building. For the public sector, investing in key technologies is absolutely essential.
23. We have to do exercises in realistic, operational settings. The Cyber Security Agency (CSA) is one example. It was established 10 years ago to safeguard our cyberspace and support national security. I recently made a visit to observe its annual nationwide cyber crisis management exercise, Exercise Cyber Star. This was its largest exercise to date, with close to 500 participants from CII owners across 11 sectors. It gave everyone a better understanding of how serious the problem is. Over time, we are able to build up our capabilities.
24. CSIT is another example. It was founded in 2003. Over 22 years, CSIT has built up a suite of cybersecurity capabilities and developed a deep understanding of digital threats. It also provides secure digital solutions for government agencies.
25. One key factor for its success is its very strong engineering core. I met several technical specialists when I visited them. They have been studying how threat actors exploit different technologies, some even before the term APT became well known.
26. In recent years, CSIT has been developing and stepping up its partnership with other government agencies. For example, CSIT and CSA have been working closely to strengthen defences for our CIIs.
27. This year, CSIT is taking a very important new step. It will further substantially enhance capability-building for Singapore’s digital defence. I am pleased to announce that CSIT will be setting up a new Digital Defence Hub (DDH). The DDH will focus on developing and deploying capabilities to support a wider range of agencies.
28. This will include capabilities that can be customised to bolster operational outcomes. It will also support a wide range of missions that are important to our national security, such as countering APTs and strengthening defenses. The DDH will be a key platform that facilitates collaborations for CSIT.
29. In summary, the DDH will bridge CSIT’s developing expertise with emerging needs and drive collaboration. This reflects CSIT’s commitment to learn more, share more, and do more together. I am confident that the DDH will play a critical role in strengthening our digital defence.
30. Thank you everyone for being here. I wish everyone a fruitful and engaging conference.
