Singapore
Mr Ng Hoo Ming says the onus is on governments and private sector organisations to work together to foster trust on the Internet.
CSA deputy chief executive Ng Hoo Ming giving his keynote speech at the RSA Conference in Singapore. (Photo: RSA Conference)
SINGAPORE: Past events like the Facebook-Cambridge Analytica data leak has shown that “leaving industry to self-regulate doesn’t work”, said Mr Ng Hoo Ming, deputy chief executive of operations at the Cyber Security Agency of Singapore (CSA) on Wednesday (Jul 25).
Mr Ng, who was speaking on data governance in his keynote speech at cybersecurity trade show RSA Conference, pointed out that this aspect of safeguarding information tends to be viewed by decision-makers as a hindrance to doing business and only addressed later on.
However, this should not be the case, given that “data is the lifeblood” of today’s digital economy and more care should be focused on this.
The CSA executive also cited Uber’s data breach as another example of how these would eventually erode people’s trust in embracing digital services.
The US-based ride-hailing company revealed last November that the personal data of about 57 million riders and drivers were compromised following a hack in 2016. Compounding the issue was the fact the company did not disclose the incident to those affected, but paid the hackers US$100,000 to destroy the data.
Of the 57 million, 380,000 were Singapore users and the Personal Data Protection Commission said then it was investigating whether the company had breached the Personal Data Protection Act.
“The push for convenience should not be at the expense of security,” Mr Ng said.
He also briefly reiterated the Government’s message regarding Singapore’s most serious breach of personal data, when hackers burrowed into the patient database of healthcare provider SingHealth and made away with 1.5 million people’s data, including that of Prime Minister Lee Hsien Loong.
The CSA deputy chief executive demurred on giving “juicy insider stories” about the hack, but stated, again, that such incidents while serious, should not derail the nation’s Smart Nation ambitions. This was the message put out by both Mr Lee and Minister for Communications and Information S Iswaran when the cyberattack was first announced last Friday.
Thus, Mr Ng said the onus is on governments and organisations to work together to foster trust on the Internet.
He pointed out that many organisations today have corporate social responsibility programmes that allow them to give back to the wider society, and some of them even have key performance indicators baked into how they conduct such initiatives.
Similarly, organisations should consider doing so for something Mr Ng coined as “corporate cybersecurity responsibility”.
This way, companies would have a compelling reason to regularly relook and improve their cybersecurity processes and posture, he explained.
