Proposed law will require owners of critical services like water, banking to report more types of cybersecurity incidents

SINGAPORE: Owners of critical information infrastructure (CII), such as those providing water, electricity and banking services, will be required to report more types of cybersecurity incidents, including those that happen in their supply chains, under a new proposed law.

This way, the Cyber Security Agency of Singapore (CSA) said it can be more aware of the cybersecurity threats that could potentially cause disruptions to Singapore’s essential services and work with owners more proactively to secure them.


Tabled in parliament on Wednesday (Apr 3), the Cybersecurity (Amendment) Bill will update existing provisions relating to the cybersecurity of CII as well as expand CSA’s oversight to cover Systems of Temporary Cybersecurity Concern or STCCs.

This refers to computer systems that are critical to Singapore and are at a high risk of cyberattacks because of certain events or situations.

The Bill seeks to amend the Cybersecurity Act 2018, which establishes a legal framework for the oversight and maintenance of national cybersecurity in Singapore.

The objective of the Bill, which would amend the Act for the first time, is to ensure that the law keeps pace with developments in the cyber threat landscape, as well as Singapore’s evolving technological operations, said CSA in a media release on Wednesday.

A key aspect of the Bill is also to ensure that CII owners remain responsible for the cybersecurity and cyber resilience of the systems, while embracing new technological and business models such as cloud computing, said CSA.

Deja un comentario

Tu dirección de correo electrónico no será publicada. Los campos obligatorios están marcados con *

Scroll al inicio