Public Consultation on the Proposed Cybersecurity (Amendment) Bill

Published on 15 Dec 2023

[Singapore, 15 December 2023] The Cyber Security Agency of Singapore (CSA) has launched a public consultation to seek feedback on the Cybersecurity (Amendment) Bill. The public consultation will commence today and end on 15 January 2024.

2.     The Cybersecurity Act 2018 sets out the legal framework for the oversight and maintenance of national cybersecurity in Singapore. Since then, the technological landscape has shifted. Businesses are adopting new technological tools and business models, such as cloud computing, and are increasingly engaging vendors or other third-party service providers in the supply chain. For individuals, a growing proportion of work and our daily lives now take place online. Cybersecurity is thus more critical than ever. The Cybersecurity (Amendment) Bill seeks to ensure that Singapore’s cybersecurity laws remain fit-for-purpose, and can address the emerging challenges in cyberspace.

Scope of Consultation

3.     In reviewing the Cybersecurity Act, CSA has sought to:

a. Keep pace with developments in technology and industry practices. This entails updating existing laws pertaining to the protection of critical information infrastructure (CII), and to maintain a high standard of protection for these systems so that our essential services are not disrupted by cyber threats.

b. Look beyond CII to ensure the cybersecurity of other important systems and infrastructure by extending the coverage of the Cybersecurity Act. To this end, it is proposed that the regulatory oversight of the Commissioner of Cybersecurity be extended to nationally important computer systems that face heightened risks during crucial periods, as well as entities of special cybersecurity interest, as breaches of such organisations could have detrimental implications for the defence, foreign relations, economy, public health, public safety, or public order of Singapore.

c. Respond to evolving cybersecurity challenges by updating regulations to provide the Commissioner of Cybersecurity with greater situational awareness such that there is early and timely information on the cybersecurity vulnerabilities, threats, and incidents that affect CIIs, and other identified systems and infrastructure.

4.     Entities regulated under the Cybersecurity Act will be required to adhere to cybersecurity standards of practice, report cybersecurity incidents to CSA, and comply with directions issued by the Commissioner to ensure the cybersecurity of specific computer systems under their charge. 

5.     As Singapore digitalises, there is an increased risk of organisations falling victim to cyber attacks. This update of the Cybersecurity Act is important to ensure that the necessary safeguards are put in place for the digital infrastructure and services that we use. This way, Singaporeans and businesses can embrace digitalisation with confidence, knowing that they are safe and secure in the digital domain. We welcome feedback from all interested parties to help shape the Act and better protect Singaporeans and our businesses,” said Mr David Koh, Commissioner of Cybersecurity and Chief Executive of CSA.

Submission of feedback

6.     We invite the public to share their views and suggestions via the online form on the REACH website.

- END -

About the Cyber Security Agency of Singapore 

Established in 2015, the Cyber Security Agency of Singapore (CSA) seeks to keep Singapore’s cyberspace safe and secure to underpin our Nation Security, power a Digital Economy and protect our Digital Way of Life. It maintains an oversight of national cybersecurity functions and works with sector leads to protect Singapore’s Critical Information Infrastructure. CSA also engages with various stakeholders to heighten cybersecurity awareness, build a vibrant cybersecurity ecosystem supported by a robust workforce, pursue international partnerships and drive regional cybersecurity capacity building programmes. CSA is part of the Prime Minister’s Office and is managed by the Ministry of Communications and Information. For more news and information, please visit

For media enquiries, please contact:
Goh Jing Xian (Ms)
Assistant Director, Communications and Engagement Office
Tel: +65 6461 7402



Report a Cybersecurity Incident

SingCERT encourages the reporting of cybersecurity incidents as it enables us to better understand the scope and nature of cyber incidents in Singapore. This will enable us to issue alerts or advisories on relevant threats, and assist a broader range of individuals and organisations.
Report Incident