Published: 16 July 2019
Ladies and Gentlemen,
Very Good Afternoon.
1. It is my pleasure to be here today. This is the 7th year that the Singapore Ministry of Home Affairs (MHA) is supporting the RSA Conference Asia-Pacific & Japan in Singapore. This is an important platform for all of us, policy makers, thought leaders, and cybersecurity professionals from around the region to discuss issues pertaining to cyber threats.
2. The theme for this year’s conference is "Better". What does being "Better" mean? To be better, first we have to:
a) Work hard to find better solutions to cyber threats of today and tomorrow,
b) Make better connections with peers from across the world to address these threats, and
c) Keep the digital world safe so everyone can get on with making the real world a better place.
3. As we reach a critical juncture of the 4th Industrial Revolution and transition into the future digital economy, the theme for this year is most relevant.
4. Digital technologies, such as Artificial Intelligence, Internet of Things (IoTs), robotics and automation, are a double-edged sword. While digitalisation offers immense opportunities to transform our economies and way of life, the increasingly pervasive connectedness that comes along with it exposes all facets of society to cyber threats.
5. Just twelve years ago in 2007, Estonia became one of the first countries in the world to experience a serious cyberattack that crippled the online services of many Estonian organisations including banks, media outlets and Government agencies.
6. Cyber threats have since become increasingly prevalent, sophisticated and transboundary in nature. For instance, cybercriminals exploited the GozNym Malware to steal over US$100 million from more than 41,000 businesses and financial institutions in the US, Canada, Germany and Poland in 2016.
7. Globally, the cost of cybercrime has gone up. The US Center for Strategic and International Studies has estimated that cybercrime may cost as much as US$600 billion, or nearly one percent of global GDP, each year.
8. We need to adopt a multi-pronged approach to tackle increasingly complex and evolving cyber threats.
B. Better Regional and International Collaboration
9. First, we need to foster better regional and international collaboration.
10. Cybercrime has no respect for international boundaries. It is not tenable or sufficient for countries to tackle cyber threats unilaterally. We need to work together, to enhance our capabilities, and strengthen cooperation in preventing and responding to cybercrime.
Enhanced Regional Cooperation
11. As the ASEAN Voluntary Lead Shepherd on Cybercrime, Singapore has introduced new initiatives to raise the preparedness and response capabilities of ASEAN member states against cybercrime.
12. We are heartened that our ASEAN counterparts gathered in Singapore for the 6th ASEAN Senior Officials Roundtable on Cybercrime (SORC) to discuss efforts to increase cooperation, enhance capability development, and facilitate capacity building in the region and beyond.
13. Since 2015, the ASEAN SORC has also expanded to include our ASEAN Plus Three Dialogue Partners from China, Japan and the Republic of Korea to encourage further cooperation in combating cybercrime. We appreciate the wider perspectives that they have offered in addressing the growing threat of cybercrime.
14. I understand that aside from policymakers, our operational officers will be attending the ASEAN Plus Three Cybercrime Conference organised by the Singapore Police Force at the INTERPOL Global Complex for Innovation (IGCI). Such interactions and exchanges at the policy and operational levels help to enhance our collective capability to address increasingly sophisticated and transnational cybercrime.
Enhanced International Cooperation
15. Beyond regional partnerships, international organisations play a crucial role in capacity building, information sharing on latest trends and developments, best practices and international cooperation in the fight against transboundary cybercrime.
16. INTERPOL’s network of 194 members offers a wealth of opportunities for cross-boundary initiatives to enhance our competencies to combat cybercrime. The ASEAN Cyber Capability Desk (ASEAN Desk) was launched in the IGCI in July 2018 to tap on INTERPOL’s resources, to drive ASEAN-centric joint operations against cybercrime.
17. I urge all ASEAN member states to lend your support by seconding officers to the IGCI.
18. Beyond our ASEAN law enforcement counterparts, we have also received strong support from external partners for initiatives which enhance the region’s collective capacity to combat cybercrime. For instance, the ASEAN Cyber Capacity Development Project (ACCDP), funded by the Japan-ASEAN Integration Fund 2.0 and implemented by INTERPOL, will be embarking on Phase 2 soon. Global participation in such initiatives would be a meaningful and worthwhile investment bringing valuable returns to each country.
C. Better Government Capabilities
19. Second, we need to beef up Government capabilities to stay ahead of cyber threats.
20. Given the proliferation of digital technologies, where IoT devices and sensors in our daily lives can potentially be compromised by cyberattacks, cybersecurity is not just an "IT issue".
21. Just as criminals and malicious actors exploit technology for nefarious purposes, our security and law enforcement agencies need to continuously innovate, adapt and leverage on technological breakthroughs to fundamentally change the way we operate or we risk lagging behind cyber threats and malicious actors.
Setting up of New Home Team S&T Agency
22. To ramp up on our capabilities, MHA will be setting up a Home Team Science & Technology (S&T) Agency by the end of this year. The new Statutory Board will:
a) First, drive capability development and develop tailored solutions in S&T domains critical to the Home Team’s operations. Cybercrime and digital forensics will be one key domain of focus for this new Statutory Board. Other domains include CBRNE (Chemical Biological, Radiological, Nuclear and Explosives) threats, sense-making and surveillance technologies, command and control systems, biometrics, data science and artificial intelligence and forensic investigations in crime scene, drugs, document fraud and fires.
b) Second, attract and develop organic S&T talent in these domains of interest, including in the cyber and digital forensics domains.
c) Third, conduct Research and Development (R&D) and push the innovation boundaries for cutting-edge S&T capabilities to support the Ministry’s mission of keeping Singapore safe and secure.
Improving Upstream Catchment of Cyber and Digital Forensics Talent
23. With increasing cyber threats, the demand for cyber and digital forensics talent will only continue to rise. There is currently a shortage of cybersecurity professionals worldwide and the situation is no different in Singapore. The Cyber Security Agency of Singapore (CSA) has warned that Singapore is set to face a potential talent shortage of up to 3,400 cyber-security professionals in 2020.
24. Therefore, to develop a sustainable pool of skilled practitioners to meet our cyber and digital forensics needs, we must start now to groom young and passionate professionals.
25. Today, I am happy to announce the launch of the inaugural "Cyber Investigators’ Challenge".
26. It is a 1-day "Capture-the-Flag" event, where students from Junior Colleges (JCs), Polytechnics, Institutes of Technical Education (ITEs) and Universities can play the role of cyber and digital forensic investigators. They will work on challenging cyber and digital forensics "criminal" cases and be able to experience for themselves the thrill and satisfaction of solving some of these cases.
27. Through the "Cyber Investigators’ Challenge", we hope to generate interest among the young in the cyber and digital forensics profession and attract more budding enthusiasts and talent into this sector. At the same time, this serves as a platform for them to challenge themselves and put their skills to the test.
28. MHA has also launched a new S&T Associates Programme to attract and develop organic S&T talent, including in the cyber and digital forensics fields, for the new S&T Statutory Board.
29. The programme provides young professionals interested in a S&T career the opportunity to work on a diverse range of meaningful and interesting projects that have a direct bearing on the safety and security of Singapore.
30. Given the close nexus and the quick turnaround between R&D and deployment of new cyber and digital forensics solutions to support real-life operations against cybercrime, S&T Associates will be able to derive immense satisfaction from seeing how their work can positively affect the daily lives of fellow citizens.
31. We hope that this will improve the attractiveness of cyber and digital forensics careers for aspiring young professionals as they start their working lives.
D. Improve Public Awareness
32. The third area is we need to improve public awareness of cyber threats.
33. As a community, we are only as strong as our weakest link. We need to adopt a whole-of-society approach to prevent cybercrime and empower our citizens to better protect themselves against these threats.
34. For example, the Singapore Police Force has a dedicated scam advisory hotline and a ‘Scamalert.sg’ website for individuals to share their personal experiences. Their stories helped to alert the community on Internet love scams, lottery scams, and other types of scams. This reinforces the message that the threat of cybercrime is real, and anyone can be a victim.
35. For vulnerable groups, such as our senior citizens, the Singapore Police Force engages them through house visits and Silver Watch, a programme to equip them with crime prevention knowledge.
36. With a more cyber-literate public, our societies will be better able to prevent cybercrime and other cyber threats.
37. Digitalisation brings both opportunities and convenience to our societies and economies. As our lives and societies become more digitalised, it is imperative that we continue to build up our capabilities to address increasingly sophisticated cyber threats.
38. To recap, it is important to adopt a multi-pronged approach to address these cyber threats, through:
a) Better regional and international cooperation;
b) Better government capabilities; and
c) Better public awareness.
39. A conference like this is important. It allows us to share best practices from around the region, generate awareness and interest in cybersecurity, and most importantly, foster strong networks of collaboration with government authorities, industry and the academia.
40. On this note, I wish you a fruitful and engaging conference in Singapore. Thank you.