The Cyber Security Agency of Singapore (CSA) has taken a significant step in its ongoing battle against cyber-attacks. It has launched the Cybersecurity Toolkits for Enterprises and new SG Cyber Safe Partnership Programme. These were announced by Minister of State for Communications and Information, Mr Tan Kiat How, at the SG Cyber Safe Partnership Programme, held as part of the Singapore International Cyber Week (SICW) 2021. The SG Cyber Safe Programme is one of the major initiatives under CSA’s Safer Cyberspace Masterplan. The Masterplan – launched at SICW 2020 – aims to bring up the general level of cybersecurity awareness and drive adoption of good cyber practices by individuals, businesses and the larger community. The SG Cyber Safe Programme targets specifically businesses and enterprises to raise their cybersecurity awareness, equip them with relevant tools and resources to take action in raising their enterprise cybersecurity posture, and encourage cybersecurity adoption. “Cybersecurity is a collective responsibility that requires the government and the industry to work closely together. The Government alone cannot reach out to all businesses to encourage them to strengthen their cyber resilience. Private-public collaboration is therefore key to ensuring that businesses stay cyber-secure. We welcome other industry partners who are keen to work with CSA to drive cybersecurity awareness, shift attitudes and encourage adoption amongst enterprises in their digitalisation journeys,” said Mr Tan. Simplifying Cyber security To help enterprises take greater ownership of cybersecurity, CSA has tailored the SG Cyber Safe cybersecurity toolkits for key enterprise roles: large enterprise leaders and Small Medium Enterprise (SME) owners, IT teams, and employees. The toolkit for enterprise leaders and SME owners will focus on the business reasons for business leaders and SME owners to invest in cybersecurity, such as rationalising investment in cybersecurity, and how fostering a culture of cybersecurity would enable enterprises to reap the benefits of digital transformation. Although 80 per cent of Singapore SMEs embrace digital transformation and have digital transformation in place, cybersecurity has been the key reason for small enterprises not digitalising. The toolkit is one way to simplify cybersecurity and enable business leaders of all enterprise sizes to make informed trade-offs between security, system usability and cost. Topics include the cultivation of cybersecurity leadership and guidance for employee cybersecurity education. As Singapore builds up its digital economy and more businesses go digital in the wake of the COVID-19 pandemic, cyber threats such as ransomware and supply chain attacks continue to remain major concerns. For instance, CSA’s Singapore Cyber Landscape report released in June 2021 showed a 154 per cent increase in ransomware cases year-on-year: from the 35 cases reported to CSA in 2019 to 89 reported cases in 2020. These cases affected mostly Small-and-Medium Enterprises (SMEs). SMEs and larger enterprises could also be susceptible to the downstream ramifications of supply chain attacks, as highlighted by the SolarWinds and Kaseya supply chain cyber incidents in the past two years. For employees the cybersecurity toolkit for employees is intended for enterprises to “plug and play” as an employee programme for raising awareness and conducting cybersecurity training. This is crucial as employees are the first line of defence and key to any enterprise’s cybersecurity. The toolkit encourages employees to self-serve and learn about cybersecurity to stay cyber safe at work as well as in their private life. The content addresses the most common cyber threats faced by employees such as phishing, as well as weak cybersecurity practices such as using compromised and weak passwords. Industry Partnership CSA will also be partnering the industry to further drive cybersecurity awareness to local businesses, individuals and the wider community. Under the new SG Cyber Safe Partnership Programme, enterprises could develop training content, products and services, or community outreach programmes to raise awareness and encourage adoption of good cybersecurity practices by businesses and public. Under the programme, partnering organisations are classified under two categories: SG Cyber Safe “Advocate” and “Member”. Advocates would typically have a greater and deeper level of collaborations with CSA – such as co-developing programmes and conducting enterprise outreach that complement SG Cyber Safe initiatives. For a start, CSA has secured the support of 19 partners – comprising global and local business organisations, trade associations and societies – under the programme. The cybersecurity toolkits for enterprise leaders and SME owners, and employees are now available for download and use at www.csa.gov.sg/sgcybersafe.