In our continued coverage of Singapore’s Cybersecurity status, a national committee composed of top-ranking ministers partnered with captains of Singapore’s IT industry are set to review the city-state’s current data security policies. The city-state made its decision to form a super committee which will be headed by the Deputy Prime Minister, Teo Chee Hean, he is also concurrently serving as the National Security Coordinating Minister. Many government agencies will be directed by the committee with full consultation with the private sectors and local officials.
Singapore has been hit by a very controversial data breach which affected SingHealth, the biggest one in the country’s history. 1.5 million patients, including the personal records of the Prime Minister, was stolen. It only took SingHealth’s until July 2018 to release the information about the breach publicly, but the actual data included patients’ records since May 2015.
With a follow-up investigation, it was later revealed that SingHealth lost 160,000 patients record earlier than 2015, as the front-end computers used by the hospitals affiliated with SingHealth was taken over by hackers.
The start of 2019 was not good for the Singapore health sector, as news about a data breach involving the Ministry of Health, where HIV records of 14,200 patients were released by an unknown party to the Internet. Another data breach was recorded which involved the loss of 800,000+ publicly identifiable information of blood donors.
It only goes to show that the initial policies like the anti-USB device policy in 2017 and Internet access isolation procedure started in 2016 weren’t effective enough to prevent data breaches involving millions of personally identifiable information.
The good thing about the city-state’s government is its resolve when it comes to admitting to the weaknesses and vulnerabilities endured by the less maintained systems that were hacked. The government also sees the importance of releasing enough funding to make mitigation and security procedures implementable for long-term security for all sectors involved.
“Recent data-related incidents have underlined the urgency to strengthen data security policies and practices in the public sector. While individual agencies are investigating and taking action on the specific incidents, this committee will undertake a comprehensive review and incorporate industry and global best practices to strengthen data security across the public sector,” said in the report.
The following who were named members of the committee are Vivian Balakrishnan, S. Iswaran, Chan Chun Sing, Janil Puthucheary. The agencies which will comprise the ministers are the Government Technology Agency, Communication and Information, Public Service, Trade and Industry, and Cybersecurity. The PMO has made a commitment to increase IT audits in the hopes of increasing the security of the affected industries. “The Government has also increased the number and types of internal IT audits to check on agencies’ data access and data protection measures. This is essential to uphold public confidence and deliver a high quality of public service to our citizens through the use of data,” explained by PMO. The committee is given until November 30, 2019, to submit its proposal to the Parliament and to the Prime Minister. Singapore styles itself as a Smart Nation, given its high data security standards compared to other members of the ASEAN (Association of Southeast Asian Nation).