Singapore updates OT security blueprint to focus on data sharing and cyber resilience

Singapore has updated its operational technology (OT) cybersecurity blueprint to focus on enhanced data sharing, policies and processes, and skills training. According to the Cyber Security Agency (CSA), it has also been expanded to include non-critical infrastructures. 

Also: AI-powered ‘narrative attacks’ a growing threat: 3 defense strategies for business leaders

First released in 2019, the OT security masterplan needed an update to keep up with a threat landscape that has evolved in scale, sophistication, and frequency, CSA said. As digital tools and connectivity are now widely adopted, cyber resilience is essential for non-CII (critical information infrastructures) sectors, and all organizations must think about “secure by deployment” principles. 

“The OT cyber landscape environment has become increasingly perilous due to the evolving tactics and strategies of threat actors,” CSA said. 

It added that the updated masterplan aims to address threats that target OT systems amid geopolitical and technological shifts, including a significant spike in hacktivism attacks targeting OT assets of “non-aligned countries” and the integration of technologies, such as edge computing and the Internet of Things (IoT), which have increased the attack surface for OT systems.

Also: As use of IoT devices grows, so do the associated security risks

CSA said the masterplan was revised based on consultation with OT stakeholders, government agencies, industry players, and academia. 

The 2019 masterplan included a list of mandatory cybersecurity measures for OT systems and cyber defense drills, resulting in the establishment of the OT Cybersecurity Information Sharing and Analysis Center to ease information sharing and facilitate responses against OT cyber threats.  

The 2024 update encompasses initiatives that look to boost cyber resilience and “shape OT organization’s behavior” through new policies and training to drive fast response to threats, CSA announced. These include plans for a framework to develop the local cybersecurity workforce and professional competency through partnerships with Institutes of Higher Learning to integrate the OT cybersecurity syllabus into computer science and engineering degree courses. 

The updated blueprint will also ease data sharing and reporting to bolster situational awareness of Singapore’s cyber landscape and better protect its CIIs and essential OT infrastructures. 

Also: Singapore updates cybersecurity law to expand regulatory oversight

Moreover, CSA explained that these initiatives would help streamline processes to accelerate information sharing and deepen collaboration with the OT information and analysis center and sector regulators. As the security authority begins to assess mechanisms to support incident reporting, ultimately motivating organizations to step up and report such activities. 

In addition, it is developing a data-driven model to enhance visibility across the supply chain that impacts both CII and non-CII sectors. The aim here is to provide accurate and up-to-date data and analysis of vendor risks, CSA said. 

“Cyber risks are widespread and impact CII and other important OT systems due to dependency or supply chain risks,” it said. A data platform will improve CSA’s visibility of cybersecurity risks OT infrastructures face and monitor these risks. The regulator can then issue alerts and advisories to guide these sectors on the necessary remediation or mitigating controls, CSA explained.  

The 2024 masterplan aims to drive fundamental development principles embedded within security rather than included as an afterthought. 

Also: The biggest challenge with increased cybersecurity attacks, according to analysts

“The adoption of the secure-by-deployment principles is crucial in safeguarding the entire lifecycle management of OT systems, from product design, deployment, and maintenance involving multiple stakeholders from original equipment manufacturers (OEMs), systems integrators to asset owners,” CSA said. 

OEMs, for instance, should ensure their products incorporate industry best practices to mitigate cyber threats throughout their lifecycle. They should also ensure their products are secure by default and mindful of the complexities and costs of protecting users. 

CSA added that 14 OEMs and cybersecurity vendors, including Honeywell, Schneider Electric, Siemens Energy, ST Engineering, Yokogawa Engineering Asia, Check Point Software Technologies, and Fortinet, have pledged to adopt secure-by-deployment principles. 

Plans are also underway to establish an OT cybersecurity center of excellence to facilitate research into emerging OT cybersecurity technologies and develop tools to address industry concerns about their impact on business operations, CSA said. 

Also: AI is changing cybersecurity and businesses must wake up to the threat

“From the 2010 Stuxnet incident, the EKANS attack on Honda in 2020, to the discovery of the Pipedream malware toolkit in 2022, it is clear that threats to our OT environment are real and growing in sophistication and intent,” said David Koh, CSA’s chief executive, and Singapore’s cybersecurity commissioner. “Successful compromise of [OT] systems, which the delivery of essential services depends on, will jeopardize our national security, public and environmental safety, the economy, and our way of life. The stakes are too high to ignore, and we must push the envelope and do more.”

“The growing convergence between IT and OT systems also expands the attack surface and introduces new risks that must be mitigated,” Koh said, reiterating the need for more robust training while boosting the cybersecurity resilience of OT systems by adopting cybersecurity best practices.