Cybersecurity 2025

SINGAPORE Law and Practice Contributed by: Lim Chong Kin, David N Alfred, Albert Pichlmaier and Goh Boon Yeow, Drew & Napier LLC

1. General Overview of Laws and Regulators 1.1 Cybersecurity Regulation Strategy The first iteration of the Singapore Cybersecurity Strategy was published by the Cyber Security Agency of Singapore (CSA). It outlined meas - ures to build resilient infrastructure, and create a safer cyberspace for Singapore, among other objectives. The strategy was revised in 2021 to take a more proactive stance to addressing the evolving cyber threat landscape. The Singapore Cybersecurity Strategy 2021 extends the previ - ous strategy by recognising the emergence of disruptive technologies like edge computing and quantum technologies, alongside increasingly sophisticated threat actors exploiting pervasive connectivity. Developed in consultation with multiple stake - holders, including industry, and local and overseas academia, the 2021 strategy aims to proactively defend Singapore’s cyberspace, simplify cybersecurity for users, and advance international cybersecurity norms. The 2021 strategy also emphasises the importance of a strong cybersecurity workforce and ecosystem as key enablers of Singapore’s cybersecurity. Key components of the 2021 strategy include the following. Three Strategic Pillars • Building resilient infrastructure: beyond expanding the CSA’s regulatory remit under the Cybersecurity Act 2018, the CSA also encourages enterprises and organisations to adopt a risk management mindset (as opposed to a compliance mindset) and invest in their digital infrastructure. • Enabling a safer cyberspace: the government will take the lead in securing digital infra - structure and support the development of a

healthy digital environment. In particular, the government will make it easier for everyone to secure their devices and use secure applica - tions. • Enhancing international cyber co-operation: the government will advance the develop - ment and implementation of voluntary, non- binding norms, which sit alongside interna - tional law. The government will also advocate the development and adoption of technical and interoperable standards and step up operational co-operation with international partners. Two Foundational Enablers • Developing a vibrant cybersecurity ecosys - tem: the government will galvanise the cyber - security industry and academia to develop advanced capabilities, build world-class products and services, and grow Singapore’s cybersecurity market. • Growing a robust cyber talent pipeline: the government will work closely with schools to educate students in cybersecurity and nur - ture budding cybersecurity enthusiasts and partner with industry and institutes of higher learning to develop skills and competency frameworks for cybersecurity professionals. The Singapore Cybersecurity Strategy 2021 underscores Singapore’s commitment to a mul - ti-faceted approach to cybersecurity, recognis - ing the shared responsibility of all stakeholders in safeguarding the nation’s digital interests. In terms of cybersecurity regulation, the dedi - cated cybersecurity law, the Cybersecurity Act 2018 (see further details at 1.2 Cybersecurity Laws ), had three objectives when it was first promulgated:

225 CHAMBERS.COM

Powered by