Speech by SMS Tan Kiat How at the Cybersecurity Awards 2023

13 OCT 2023

Professionalising cybersecurity sector is key to developing talent

Mr David Koh, Chief Executive of the Cyber Security Agency of Singapore (CSA)

Mr Johnny Kho, President, Association of Information Security Professionals (AiSP)

Ladies and gentlemen

  1. Good evening. It is always good to be here at The Cybersecurity Awards 2023. 

  2. I would like to thank AiSP and the associations in the Singapore Cyber Security Inter-Association for organising the Awards.

  3. Cybersecurity is a fast-paced field, and we are working hard to ensure that Singapore remains at the forefront. 

  4. Three weeks ago, Singapore held its flagship cyber defence exercise, Exercise Cyber Star, involving over 450 participants. Two weeks ago, Minister Josephine Teo unveiled major initiatives to the tune of $110 million at the Cybersecurity Innovation Day. 

  5. Tonight, we are honouring the contributions of outstanding individuals and organisations. 

  6. And next week, we will welcome overseas dignitaries and experts who are participating in the Singapore International Cyber Week. Every week there is something, and that shows the vibrancy and dynamism of the community.

  7. Across all these efforts, the common thread and critical success factor is people. 

  8. In this regard, we are seeing positive results. The cybersecurity workforce in Singapore tripled from about 4,000 in 2016 to around 12,000 in 2022. 

  9. Additionally, through the Cybersecurity Strategic Leadership Programme (CSLP), we are developing current and future leaders. 

  10. We are also going further upstream to nurture younger talent. Through initiatives like the SG Cyber Youth Programme, we offer cybersecurity bootcamps and mentoring sessions to support students in secondary schools who are interested in cybersecurity. 

  11. Overall, we are making good progress and I would like to thank all of you for your dedication, support and unwavering contributions to this effort. 

  12. Looking ahead, with the growth of the sector, the demand for qualified and experienced cybersecurity professionals is expected to remain strong. 

  13. Therefore, as we invest in the next phase of manpower development, besides building up our talent pipeline, we intend to place greater emphasis on improving the quality of our cybersecurity workforce, i.e. improving quality and not just increasing quantity. 

  14. CSA will study the feasibility of establishing a professional framework for cybersecurity professionals, similar to those in more established fields like professional engineers and accountants.

  15. For cybersecurity practitioners, besides elevating the standing of the profession, more structured development pathways and recognition will raise the attractiveness of cybersecurity careers.

  16. For organisations, such a framework can facilitate skills-based hiring, retention and development of talents. 

  17. In doing so, we need to carefully weigh the pros and cons of such an approach. For instance, would there be a need for a professional body responsible for setting professional standards and licensing practitioners undertaking certain cybersecurity roles? How do we raise standards without discouraging the growth of this profession? These are not trivial questions.

  18. Fortunately, we are building on a strong foundation. Over the years, we have increased the number of degree and diploma cybersecurity courses offered by our universities and polytechnics. Today, interested students have more than 20 courses to choose from. 

  19. These courses attract among the best students and produce more than 900 graduates annually. Outside of the Institutions of Higher Learning, the number and quality of cybersecurity training and certifications offered in Singapore have also increased significantly.

  20. More recently, Singapore launched a Skills Framework for Infocomm Technology with a cybersecurity track, as well as an Operational Technology Cybersecurity Competency Framework to guide career development and professional training. 

  21. We could not have done this without our partners. For example, with support from CSA, AiSP published a second version of the Information Security Body of Knowledge recently.

  22. We intend to build on this strong foundation. 

  23. As CSA is embarking on this study, CSA will consult widely, including stakeholders from the industry, professional community, academia and government. The study will take reference from existing skills frameworks, learn from other professional boards, and international efforts like the UK Cyber Security Council’s Chartership scheme, which was piloted last year.

  24. To guide this study, CSA will convene a tripartite advisory group which will be co-led by Mr Wong Choon Bong, Director for Workforce Development from CSA, Professor Steven Wong from the Singapore Institute of Technology – and a past winner of The Cybersecurity Awards Leaders category – and Mr David Ng, a CSLP graduate and Head of Group Technology Information Security Office at OCBC. 

  25. The Group will reach out to stakeholders and members of the cybersecurity community for their inputs. I encourage all of you to participate actively. Do join us and give us your feedback and suggestions as we embark on this study.

    Conclusion

  26. Lastly, I would like to congratulate the nominees and winners of the awards. You have made significant contributions to the development and growth of the cybersecurity sector. 

  27. I would also like to wish everyone a wonderful evening.

PDF version of the speech