Singapore government will launch a bug bounty initiative by end-2018, when local and international hackers will be invited to test systems for vulnerabilities, as well as a cybersecurity hub next year to facilitate collaboration and training efforts amongst Asean country members.
The Singapore government has announced plans to launch a bug bounty programme by year-end as well as a cybersecurity hub to coordinate training and collaborative efforts amongst Asean country members.
The bug bounty initiative aimed to identify « cyber blindspots » and benchmark the government’s defences against cyberattacks, said Deputy Prime Minister Teo Chee Hean, at the annual Singapore International Cyber Week conference this week.
The programme was scheduled to launch at the end of the year, during which both local and international white-hat hackers would be invited to test selected government systems and uncover vulnerabilities.
Teo said: « Through this process, we can bring together a community of cyber defenders who share the common goal of making cyberspace safer, and more resilient by securing our systems against malicious attacks. This builds a shared sense of collective ownership over the cybersecurity of our systems, which is vital to achieve our smart nation goals. »
Singapore also will set up a « multi-disciplinary » Asean Cybersecurity Centre of Excellence, which will operate as a think-tank and training centre as well as emergency response team for the region. Slated for launch next year, the facility will be supported with a fund of S$30 million over five years, through to 2023.
The move was an extension of the Asean Cyber Capacity Programme, which Singapore had kicked off in 2016 with a seed funding of S$10 million as part of efforts to boost the region’s cyber capabilities and infrastructure to combat emerging cyber threats. The initiative included the annual Asean CERT (Computer Emergency Response Team) Incident Drill (ACID), where member states participated in testing and improving their cooperation and responses to cybersecurity incidents.
With the new Asean centre, Singapore hopes to further strengthen member states’ legislation, technical, and research capabilities, train local CERTSs across the region, and facilitate « open source » information sharing between the response teams.
Noting that the centre would encompass policies, legislation, and operations, Singapore’s Minister for Communications and Information S. Iswaran said: « It reflects our conviction in the importance of aligning cyber diplomacy efforts with operational issues. We believe that this alignment will facilitate coordination towards a unified Asean perspective, so that we can better secure our collective regional interests at international platforms. »
He added that other governments outside the Asean member community had expressed interest to work with the region under the new centre, including New Zealand, Canada, and the European Union.
Singapore also is working on a framework to coordinate cybersecurity efforts amongst the 10 Asean member states, outlining cyber diplomacy, policy, and operational issues. In the interim, the countries have agreed to observe 11 norms of behaviours–related to cybersecurity–recommended in the 2015 Report of the United Nations Group of Governmental Experts (UNGGE) on Developments in the Field of Information and Telecommunications.
Elaborating on the importance of establishing cyber norm behaviours, Iswaran said: « A rules-based order is key because it gives all states, big or small, the confidence, predictability, and stability that is essential for economic progress, job creation, and technology adoption.
« Ultimately, this will help to enhance the lives of all our people. It is also important that the international community abides by the same rules, as our world grows ever more interdependent and interconnected, » he added.
