Singapore Sets High Bar in Cybersecurity Preparedness

While Singaporean organizations have adopted the majority of their governments cybersecurity recommendations, they arent immune: More than eight in 10 experienced a cybersecurity incident over the course of the year.

Singapore is leaving other countries in the dust when it comes to cybersecurity preparedness, according to a new government survey.
The Cyber Security Agency of Singapores (CSA)
Cybersecurity Health Report 2023
polled 2,036 small, medium, and large organizations, across 23 sectors, about various aspects of their cybersecurity — breaches faced, business impacts, measures implemented, and the like. It found that, on average, organizations have implemented just over 70% of the requirements necessary to obtain a Cyber Essentials certification. The certification includes five categories of national cybersecurity standards: Assets, Secure/Protect, Update, Backup, and Respond.
Seventy percent is far from perfect, CSA emphasized, and some of its other results were a cause for further concern. But if graded on a curve, Singapores organizations are doing quite well compared with the rest of the world.
Governments and companies can take a page from Singapores playbook and focus on proactive protection, education of the public, and
discussion of cybersecurity initiatives
at the highest levels of government, says Stephanie Boo, the Singapore-based senior vice president at Menlo Security.
In contrast to the CSAs results, consider Ciscos 2024
Cybersecurity Readiness Index
, released last week.
In a poll of 8,000 cybersecurity and business leaders across 30 countries, Cisco assessed that only 3% of organizations have a mature level of security readiness needed to be resilient against modern cybersecurity risks. Seventy-one percent of organizations were graded as either in the formative stage (below average) or beginner (only just beginning to deploy security solutions).
When it comes to Singapores vastly better results, Boo says, Great government policies and ability to implement them across a small country are a couple contributing factors.
However, credit also goes to a very computer-savvy population with a highly digitized economy, and a thoughtful, problem-solving approach to breaches. When the country experienced
a breach in 2018
, rather than continue business as usual, the government instituted an Internet separation where computers connecting to business applications are air-gapped from the Internet, she says. For the many headline-grabbing breaches we have seen in the US, we have not seen a coordinated solution or mandate from other governments.
CSAs report also included some concerning results, however.
More than eight in 10 Singaporean organizations experienced a cybersecurity incident over the course of the year, and half experienced several. Among those, 99% experienced a business impact, with the most common consequences being business disruption, data loss, and reputational damage.
Singaporean business leaders were also found to suffer from the same recurring mental blocks that cyber professionals rail against no matter where they are in the world. When it came to why they havent implemented security measures, besides a lack of knowledge and experience, respondents — 46% of businesses, 49% of nonprofits — most often expressed the belief that they were unlikely to be a target of a cyberattack. They also admitted that cybersecurity is a low priority at their organizations (38% and 44%, respectively), and cited a perceived lack of return on investment (36% and 31%).
CSA highlighted the irony in these arguments
in a fact sheet, noting that the cost of meeting Singapores Cyber Essentials threshold for a small business ranges from around $1,800 to $4,500.
The amount is typically a small fraction of the cost of business disruptions or recovery procedures due to cyber incidents, the impact of which may also be extended beyond affected organizations to their customers and suppliers, according to the agency.
Boo notes that, in general, small businesses lack the resources to approach security from the business-case perspective.
Small businesses focus on the must-haves to run their business and don’t have the bandwidth or forethought to look at business enablers from security, Boo says. The best way to educate small businesses is to deliver the education through channels they already use — like their bank, credit card company, or their telecommunications provider. It is also important to keep it simple and focus on the business benefits rather than the complexity of cyber threats.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Singapore Sets High Bar in Cybersecurity Preparedness