Upload
others
View
9
Download
0
Embed Size (px)
Citation preview
RESTRICTEDRESTRICTED
2 of 7
Establishment of CSA- Cyber Security Agency of Singapore
- Established on 1 Apr 2015
- Under the aegis of the Prime Minister’s Office
- CSA provides dedicated and centralisedoversight of national cyber security functions
- It takes over and builds on functions from IDA and SITSA/MHA.
RESTRICTED
RESTRICTEDRESTRICTED
3 of 7
CSA - ROLES, FUNCTIONS & CAPABILITIES
Critical Sector Development
Standards & RegulationCritical Sector
ReadinessSector Cyber
Exercises
Partnership & Outreach
International Partnership
Public Awareness & Outreach
SingCERTEngagement
Crisis Communication
Consultancy
Technical & System Design Consultancy
Accreditation & Certification
Systems Testing & Evaluation
Research & Analysis
Cyber Situational Awareness
Cyber Research Threat Analysis
& AssessmentAlerts &
Advisory
Cyber Incident Response
Incident Response & RecoveryInvestigation
& ForensicsMalware
Mitigation
Capability Development
Capability & Technology DevelopmentResearch
Development
Policy & Legislation
Cyber Security PoliciesLegislation &
Governance
IndustryEngagement
Industry & Manpower Development
Education & Training Development
Private Sector Engagement
CSA
RESTRICTED
RESTRICTEDRESTRICTED
Cyber Incident Management
• Tiered approach
CII Operator
Sector Lead
CSA
RESTRICTED 4 of 8
RESTRICTEDRESTRICTED
Critical Information Infrastructure (CII) Sectors
• 10 Critical Information Infrastructure (CII) sectors identified
RESTRICTED 5 of 8
Aviation Energy Finance Government
Health Infocomm Land Transport Maritime
Security & Emergency Water
RESTRICTEDRESTRICTED
CII Operators• The CII Operators are the companies that
operate the identified CII systems, e.g. power plant operators
• CII Operators are responsible for the protection of their own system – Cyber security should be part of their business
requirement– CII operators will report the incidents to the
respective Sector Leads
RESTRICTED 6 of 8
RESTRICTEDRESTRICTED
Sector Leads• Sector Leads are responsible for cyber security in their
respective sectors, which includes both CIIs and non-CIIs– Responsible to assist the CII operators
• Every sector must have its own detection and early warning capability on a 24/7 basis
• Sector Leads need to take charge at sector level in the event of incident. – CII Operator/Sector Leads will be first-line responder to
sector incidents– Need to report all cyber incidents to CSA
RESTRICTED 7 of 8
RESTRICTEDRESTRICTED
National Cyber Incident Manager
• CSA is the National Cyber Incident Manager and operates the National Cyber Security Centre (NCSC) – Oversees the handling of the incidents within the
CII Sectors – Oversees National Cyber Threat Alert Level
(NCTAL) via assessment of the incidents across all CII Sectors, the cyber threat landscape and other information received
– Determines the national level measures that need to be implemented country wide.
RESTRICTED 8 of 8
RESTRICTEDRESTRICTED
National Cyber Incident Manager
• CSA controls the National Cyber Incident Response Team (NCIRT)• Coordinate cross-sector incidents and lean forward to
augment the sectors with more resources when needed
• CIRT teams from other agencies can be pulled together to support the impacted sectors during crisis (2nd tier support to the first-line responder)
RESTRICTED 9 of 8
RESTRICTEDRESTRICTED
Partners and Stakeholders
CSAInternational
Partners
Like-minded Nations
Cyber Security
Communities
SectoralStakeholders
RESTRICTED 10 of 8
RESTRICTEDRESTRICTED
Legislation• CSA needs to be appropriately empowered to
carry out its national duty.• Growing international trend towards
enactment of unified cyber security legislation
• Need for an Omnibus Bill on Cyber Security (under study)– Governance Powers– Standards Setting– Operational Powers– Information Sharing
RESTRICTED 11 of 8