Speech by SMS Tan Kiat How at the Cybersecurity Awards & Gala Dinner

BUILDING A TRUSTED FUTURE TOGETHER

Mr Tony Low, President, AiSP

Colleagues and Friends

1. Good evening. Thank you for inviting me to join you at the Cybersecurity Awards and Gala Dinner. When I attend these cybersecurity events, I am very happy to see the cybersecurity community growing from strength to strength. As I look across the room, I see much more diversity, which is important, because cybersecurity requires diverse perspectives, and it is very good to see more participation across communities.

2. I would like to thank AiSP and the associations from the Singapore Cyber Security Inter Association (SCSIA) for organising this event.

3. This year is a little unique for my ministry. We changed our name to the Ministry of Digital Development and Information. However, what we do is substantively the same. I wanted to express our emphasis on “digital development”. We cannot do “digital development” without trust, and without cybersecurity. This is an important area for Singapore as we move forward.

4. This was highlighted by our Prime Minister, Lawrence Wong at the launch of the refreshed Smart Nation Strategy a month ago. Trust is one of the key building blocks of our Smart Nation efforts.

5. Only when our citizens and enterprises feel safe and confident in the digital infrastructure that they depend on for their daily lives, work and business operations, can we build a shared digital future.

6. However, building and maintaining trust is a never-ending task. Malicious threat actors are constantly innovating and evolving their techniques, and every incident chips away at the trust we have painstakingly built.

7. Therefore, having good cybersecurity to prevent incidents and robust digital resilience to recover quickly are crucial.

8. To do this well, we need a strong cybersecurity community, and our people are at the heart of everything we do in cybersecurity.

9. Developing and nurturing a robust talent pipeline for the cybersecurity ecosystem is a priority for the Government.

10. Singapore's cybersecurity workforce has tripled from 4,000 in 2016 to around 12,000 in 2022. We expect the demand for cyber talent to keep growing at around 6 to 7%, especially with new and emerging technologies being adopted. Some jobs such as security and threat analysts, vulnerability assessment and penetration testers, as well as security architects and engineers will be in even higher demand than this.

11. To meet this demand, we are gearing up our education pipeline and career conversion programmes for aspiring cybersecurity practitioners - not just students or young people who are in school or about to graduate who have a keen interest in a career in cybersecurity. We want to make sure that there are pathways available for those who are already in their careers.

12. It does not matter if you are not in the cybersecurity field. If you have the passion, the interest, and are willing to learn, we want to create those pathways for you to join the cybersecurity workforce, and we want companies to benefit from this group of people.

13. I have met many career-switchers with interesting, diverse backgrounds. I have met someone who was a chef, before becoming a cybersecurity analyst in one of the operations centres. I have met people who were musicians, who then converted to a cybersecurity career. This is why I think cybersecurity is an interesting career choice for them, because there are enough roles in the cybersecurity ecosystem that need not require having a technical background. We want to create these pathways for mid-career progression.

a. Today, our universities and polytechnics offer more than 20 degree and diploma cybersecurity courses with more than 900 students graduating annually.

b. Working adults can also enrol in Career Conversion Programmes supported by the Government to gain entry into cybersecurity job roles. Furthermore, CSA is working with training partners to roll out the accelerated conversion programme to allow experienced or mid-career professionals to transit into cybersecurity careers. The accelerated conversion programme is being developed, and CSA will provide more details when ready early next year.

14. I am heartened that the community is also stepping up to support talent development.

15. In August this year, I attended the programme launch for the Design x AI x Tech (Cybersecurity) certification programme, which sought to support non-cyber professionals to take on cybersecurity roles. The programme is a result of a collaboration between SUTD, NTUC, AiSP and Tech Talent Assembly. I am glad to see the industry coming together to pool resources and expertise to support the development of our ecosystem, and I urge all of you to step up, and encourage you to tap on many of these programmes available today.

16. That said, we are not stopping at just growing more cyber professionals. Cybersecurity is ultimately a team sport; having a secure and safer digital domain is not just about having more cyber professionals, but also professionals who are sensitive to the importance of cybersecurity so that they will consider and incorporate cybersecurity in their line of work and in their organisations.

17. Cybersecurity is not just a Chief Information Security Officer’s job. It is the responsibility of the leadership and management, where the CEO and the board themselves pay attention to this and take ownership of it. Hence, we want more of our software products to be more cyber-secure at the start.

18. For example, engineers and software developers should possess a strong understanding of cybersecurity principles that will allow them to design more secure systems at the outset. Lawyers and auditors can also have firm understanding of compliance requirements, so that they can help their clients better manage cyber risks.

19. This is why CSA rolled out the SG Cyber Associates programme last year, to provide cybersecurity trainings to non-cyber professionals. The take-up has been very positive – more than 350 individuals signed up for the first iteration of the programme, and I encourage more to participate.

20. The Government will continue to do our part to nurture and protect this trust. However, our digital domain is constantly evolving, and new technologies are always emerging. Yesterday was the cloud, today it is AI, tomorrow can be quantum computing, and the day after it can be something else. While these new technologies promise economic and social benefits for the future, they also come with many unknown cybersecurity risks.

21. As such, all of us need to play our part, including organisations and individuals.

22. The first edition of our Guidelines and Companion Guide for Securing AI that was recently launched at the SICW is one good example of such a collaboration. The guide draws on contributions from industry and government, both local and international, and is intended to be a live community resource to guide companies and organisations on how they can deploy AI in a safe and secure manner. Many of you in the room contributed to the guide, including AiSP, and I thank all of you for your contributions and support.

23. Let me conclude by offering my warmest congratulations once again to all award recipients.

24. I look forward to seeing the positive impact that you will make in the future.

25. Thank you and have an enjoyable evening!