Peek Into the New Cybersecurity Act, Latest Attack & Demand for Cybersecurity Insurance
For further information please contact
Andy Leck +65 6434 2525 firstname.lastname@example.org
Lim Ren Jun +65 6434 2721 email@example.com
Baker & McKenzie.Wong & Leow 8 Marina Boulevard #05-01 Marina Bay Financial Centre Tower 1 Singapore 018981
The Singapore Government announced earlier this year that a new, standalone Cybersecurity Act will be tabled in Parliament in 2017. On 26 October 2016, the Minister for Communications and Information, Mr Yaacob Ibrahim, provided a further glimpse of the impending laws. The Minister was speaking at the Financial Times Cyber Security Summit Asia Pacific held in Singapore.
The new Cybersecurity Act will institute standards for incident reporting, audits and risk assessments. It will also facilitate the sharing of cybersecurity information, and mandate the participation of critical information infrastructure operators in cybersecurity exercises.
Importantly, the Government envisions that the new Act will complement the existing Computer Misuse and Cybersecurity Act, which will continue to govern cybercrime investigation.
The Minister also observed that businesses need to spend more on cybersecurity, to keep pace with increased digitisation. At present, the Government is the largest contributor of cybersecurity expenditure. It plans to further increase its cybersecurity spending to 8% of its information technology budget.
The Minister's speech follows Singapore Prime Minister Lee Hsien Loong's recent announcement that the country will embark on a new cybersecurity strategy, which seeks to construct a more robust cyber environment for Singapore.
The Government's latest policy initiatives come in the wake of increased cybercrime in Singapore. Recently, local telecommunications provider Starhub suffered two broadband service outages that were the result of malicious distributed denial-of-service (DDoS) attacks on Starhub's domain name servers (DNS). As a result, some customers temporarily faced intermittent broadband access.
In view of the growing threat of cybercrime, more companies in Singapore are looking to obtain cyber insurance coverage. Local insurance companies report a marked increase in enquiries on cyber insurance policies. Given the high financial and reputational costs of remedying cybersecurity breaches, this surge in demand comes as no surprise.
While the actual take-up rate of cyber insurance policies remains modest, it is likely that the adoption of such policies will become ubiquitous as companies strengthen their cybersecurity frameworks.
It will be interesting to see if the Government provides further information on the impending Cybersecurity Act, such as whether critical information infrastructure operators will be subject to mandatory reporting obligations, and the extent to which these obligations, if any, may extend across all business sectors.
2016 Baker & McKenzie. All rights reserved. Baker & McKenzie International is a Swiss Verein with member law firms around the world. In accordance with the common terminology used in professional service organizations, reference to a "partner" means a person who is a partner, or equivalent, in such a law firm. Similarly, reference to an "office" means an office of any such law firm.
This may qualify as "Attorney Advertising" requiring notice in some jurisdictions. Prior results do not guarantee a similar outcome.