 COLUMN


































        MEETING COMPLIANCE


        SHOULD NOT

        BE A STRUGGLE





        Last month, the Cyber Security Agency (CSA) announced that it
        established an interagency counter-ransomware task force to tackle
        a growing concern in Singapore. The task force’s mission is to develop
        and make recommendations on policies, operational plans, and
        capabilities to improve the country’s counter-ransomware efforts.

        Establishing the task force aligns with another CSA effort launched
        earlier this year to protect the long-term security of Singaporean
        businesses. The Cybersecurity Code of Practice for Critical Information   Jeremy Ho,  Managing Director for Southeast Asia,
        Infrastructure – Second Edition, built on the Cybersecurity Act 2018,   Hong Kong, and Taiwan at SentinelOne
        published new requirements for Critical Information Infrastructure
        owners (CIIO). CIIOs must proactively search for signs of malicious   maritime, land transport, healthcare, banking
        activity within a Critical Information Infrastructure (CII), which they   and finance, water, security, emergency, and
        call threat hunting.                                           media companies.

        CSA believes that detection requirements like threat hunting will help
        the CIIO understand and implement the required people, processes,  WHAT IS THREAT HUNTING?
        and technology needed to detect malicious activity and vulnera-
        bilities. This includes the monitoring of traffic and logs, as well as a   According to the legislation, threat hunting is “a
        search for any signs of malicious activity.                    proactive effort to search for signs of malicious
                                                                       activities that have evaded security defences
        From July 2022 onwards, all CIIs operating in Singapore are required   within the CII.” Threat hunters are able to
        to conduct threat hunting once every 24 months. This is applica-  uncover hidden threats that may be waiting
        ble to all services rendered, including any outsourced activities to   to execute an attack or find events that have
        a third-party vendor. The CIIO is accountable for the entire CII’s   already compromised the environment.
        cybersecurity posture, and has 12 months to comply with the regula-
        tion. CIIs include government agencies, Infocomm, energy, aviation,   Effective threat hunting helps uncover hidden
        ASIAN DEFENCE TECHNOLOGY                                                    NOVEMBER-DECEMBER 2022 | 33