Speech by Mrs Josephine Teo, Minister for Communications and Information, at the Cybersecurity Strategic Leadership Programme

SPEECH BY MRS JOSEPHINE TEO, MINISTER FOR COMMUNICATIONS AND INFORMATION, AT THE CYBERSECURITY STRATEGIC LEADERSHIP PROGRAMME AT 3.30PM ON 11 JANUARY 2023

DEVELOPING CYBER TALENT, INNOVATION AND GROWTH

Ladies and Gentlemen

Introduction

1. Good afternoon. Thank you for inviting me to the Closing Session of the inaugural Cybersecurity Strategic Leadership Programme (CSLP).

2. I am very happy to join you as you complete this five-month leadership development programme. This is a significant milestone. My heartiest congratulations to all of you for successfully completing the programme!

3. It is natural for professionals to want to progress to leadership roles. Most of you are in leadership roles.

4. Leaders in any field must not only keep things running well, but also build teams and coach people, to look ahead and prepare. The added challenge in cybersecurity is the fast pace and ever-changing landscape. Any playbook is almost destined to be outdated as soon as it is compiled and we have to be able to deal with this reality.

5. This is why CSA has worked with SMU to develop the CSLP, an executive MBA-type of training programme specially catered for cybersecurity leaders.

6. The CSLP aims to strengthen the knowledge, leadership and networks of current and future cybersecurity leaders and grow a pool of world-class cyber leaders in Singapore.I cannot overemphasize the importance of that. Leaders who are not only competent but continuously adaptable, simply because the landscape keeps changing.

7. To help cyber leaders make strategic decisions and manage innovation and risks in their workplaces, we have included modules such as “Growing a C-Suite Mindset”, “Driving Cyber Strategy and Change”, and “Building our Ecosystem” in the programme. This is the first time this programme has been established in Singapore.

8. The CSLP also included an overseas immersion module to Silicon Valley. I understand it was one of the highlights of the programme for many of you - where you had the opportunity to learn from thought-leaders at U.C. Berkeley and interact with captains of industry there.

Important to develop a vibrant cybersecurity ecosystem and to grow a robust cyber talent pipeline

9. At the start of the new year, it is timely to think about our priorities ahead for cybersecurity.  The work is never ending, but as we start every new year, it is useful to take stock and say what we should we be focusing our attention on this year. It comes within the backdrop of digitalisation that has brought many opportunities, but you know better than I the amount of risks that have also become prominent, risks that have expanded considerably.

10. Cyber threats have grown in scale and sophistication and it sometimes feels challenging trying to catch up and keep pace with what’s going on.

11. And so, CSA has released its refreshed Cybersecurity Strategy in 2021 and it outlines three strategic pillars and two foundational enablers.

12. The three strategic pillars include:

a. Building resilient infrastructure
b. Enabling a safer cyberspace
c. Strengthening international cyber cooperation.

13. There are two foundational enablers – these are the building blocks that we will need in order to try and achieve the strategic pillars.

a. One is developing a vibrant cybersecurity ecosystem, because there is no one component alone that will help to give us the sense of assurance that we hope to see in cybersecurity and
b. Second is to grow a robust cyber talent pipeline. Ultimately, it is people who help to design systems and introduce sufficient robust safeguards and to adapt them to changing circumstances.

14. A vibrant ecosystem is certainly underpinned by research and innovation; and when we do so, it helps to provide a sustainable source of expertise and solutions. Without such capabilities, I think you will agree that whatever plans we have to build resilient infrastructure and a safer cyberspace may never be fully realised.

15. A vibrant ecosystem also helps strengthen Singapore’s competitive positioning as a trusted business hub. And we all know how useful that is for us when you engage with your international counterparts; potentially your clients on the fact that there is this system of trust attached to working with Singapore based companies; that I think helps in getting projects going and that helps to advance discussions. And so what it means overall is that we can look forward to more economic opportunities for Singaporeans and Singapore-based companies that will be able to materialise.

16. Since rolling out the CyberCall programme in 2018, we have supported 22 companies to develop over 30 solutions in areas such as Operational Technology security, artificial intelligence, and privacy-enhancing technologies to help our end users resolve sophisticated cybersecurity concerns. This is part of us helping to shape a vibrant ecosystem.

17. This was only possible because of leaders who looked ahead to identify challenges and understood the importance of innovation.

18. Through such collaboration between government and industry players, these innovations have resulted in tangible benefits to multiple industries.

19. With the growing demand for cybersecurity products and services, cybersecurity is a growth opportunity to seize.

20. At the same time, we also need to develop, grow and sustain a strong cybersecurity workforce, to meet our economic and security needs.

21. Over the past few years, CSA has rolled out a suite of programmes under the SG Cyber Talent programme to attract more youths, women and professionals with adjacent skills to consider cybersecurity as a career.  We also have programmes to develop the skills and careers of our professionals and leaders. And my deep conviction is that when we invest in our people we can never be short-changed. Wherever it is that they serve, whether it is within their existing companies, in their existing industry sectors, or even if they were to move out of their present roles or industries in which they are active; you can never lose when you invest in skills development. So this investment in skills development, I think will always be a key part of the way which we try to strengthen an ecosystem.

22. As a result of the expanded opportunities, Singapore’s cybersecurity workforce has grown.  It has more than doubled from about 4,000 in 2016 to more than 11,000 last yearWould we like to have more than 11,000? The answer is yes. Any good way we can help this pool to grow will be better, but it is not just quantity but it is also quality. There is a certain degree of expectation on cybersecurity professionals, so we must also make sure we have the right programmes to nurture this workforce, to give them the skills that will be needed.

23. Cyber leaders have played a critical role in this growth by coaching new entrants and building more diverse teams.

24. Nonetheless, with the industry’s further expansion, there is still a gap of at least 800 positions to fill. Our talent development efforts must therefore continue.

Cyber Industry Collaborating with Government on Ecosystem and Talent Development

25. At the broader level, the public and private sectors should also work closely together to address our gaps and capture growth opportunities.

26. CSA is developing new plans to grow the cybersecurity ecosystem and talent pipeline for the next bound, together with industry partners. In other words, we want this to be of co-creation to further strengthen our cybersecurity position.

27. At the same time, we will encourage continued innovations in cybersecurity. The reasons for doing so are because on one hand, we must maintain trust amongst stakeholders, that the digital world has enough safeguards On the other, there are new threats to counter.  

28. Beyond innovation, companies will also need access to technology, markets and funding, to grow good ideas into scalable solutions. We are therefore looking at stronger support for promising companies to scale up and to internationalise.

29. What new moves and when? More details will be released in the coming months.

Developing a local pool of cyber leaders is crucial for a cyber-resilient future

30. To conclude, let me emphasise once again the importance of having a strong pool of cyber leaders in Singapore.

31. The CSLP reflects our commitment to strengthen this leadership core for a cyberresilient future.

32. I encourage all of you to continue the learning and sharing. We also hope to have some of you to return as guest speakers for future cohorts, or to recommend others whom you thinkmay benefit from participating in the programme.

33. Congratulations once again!  Thank you.