As part of the Safer Cyberspace Masterplan, the Cyber Security Agency (CSA) of Singapore is set to launch the Cybersecurity Labelling Scheme (CLS). For the time being, CSA will extend its rating-based CLS for Wi-Fi routers and IoT devices like smart home hubs.
Later this year, CSA will be launching the Safer Cyberspace Masterplan to increase the cyberspace hygiene in the country as it moves towards digitization and achieving the “Smart Nation” tag. The CLS is a first of its kind cybersecurity rating in the APAC region aimed at helping the consumers make informed choices. These cybersecurity labels will act as a scale or measure for the security provisions that a certain product offers. The rating will be decided on a series of assessments and tests including but not limited to:
- Meeting of basic security requirements (e.g. unique default passwords)
- Adherence to software and hardware secure-by-design principles
- Common software security vulnerabilities should be absent
- Resist basic penetration testing activity
The CLS will distinguish and grade the smart devices available in the market. CSA also plans to start incentive-based labeling with an aim to develop products with improved security features. Currently, consumer-based IoT devices are often designed to optimize functionality, reduce cost and have a very short time-to-market cycle, thus giving cybersecurity a backseat. However, the implementation of CLS shall change this perception and give more stress on the cybersecurity quotient of these IoT devices.
Earlier in November 2019, in order to boost cybersecurity and tackle next-generation cyberthreats, the Singapore government decided to adopt new data protection measures. The government also established a committee, named Public Sector Data Security Review Committee, to review its data security practices.
As per reports, the committee chaired by the Minister-in-charge of Public Sector Data Governance, Teo Chee Hean, inspected around 336 network systems across 94 government agencies and observed international data security practices in the financial and healthcare sectors.