Skip to main content
A Singapore Government Agency Website How to identify
Official website links end with .gov.sg
Government agencies communicate via .gov.sg websites (e.g. go.gov.sg/open). Trusted websites
Secure websites use HTTPS
Look for a lock () or https:// as an added precaution. Share sensitive information only on official, secure websites.

Government officials will never ask you to transfer money or disclose bank log-in details over a phone call.

Call the 24/7 ScamShield Helpline at 1799 if you are unsure if something is a scam.

Cyber Security Agency of Singapore
Opening Address

Opening Address by SMS Tan Kiat How at the AiSP Cybersecurity Awards on 21 Nov 2025

24 November 2025

The Government supports firms with resources and is exploring a professional accreditation framework. Agencies, industry, and academia are collaborating to strengthen cyber readiness.

A COLLECTIVE EFFORT: BUILDING THE FUTURE OF CYBERSECURITY IN SINGAPORE

Mr Tony Low, President, Association of Information Security Professionals (AiSP),

Distinguished guests, ladies and gentlemen.

Introduction

  1. Good evening. I am pleased to join you at this year’s AiSP Cybersecurity Awards and Gala Dinner. I am happy to see many friends and industry partners here today.

  2. Firstly, my heartiest congratulations to the award recipients and nominees. The quality of the recipients and nominees gets more impressive every year. I am encouraged by that, as we are dealing with a threat landscape that is constantly evolving and rapidly changing.

  3. Cyber-attacks are becoming more sophisticated. There is also an increase in Advanced Persistent Threat, or APT, activities. In July this year, Coordinating Minister for National Security Shanmugam shared with Singaporeans that the APT group UNC3886 was attacking Singapore’s critical infrastructure. He emphasised that UNC3886 poses a serious threat to us and has the potential to undermine our national security.

Cybersecurity is a shared responsibility, which underlines the role that the industry plays in strengthening Singapore’s cyber defences

  1. These sophisticated campaigns are part of a broader threat landscape. The same vulnerabilities and weak links that APTs exploit, are also used by ransomware groups and cybercriminals.

  2. The World Economic Forum’s Global Cybersecurity Outlook 2025 report noted a rise in cyber risks, with ransomware continuing to be a top concern for organisations worldwide.

  3. Here in Singapore, we see a similar trend. According to CSA’s Singapore Cyber Landscape 2024/2025 report, the number of reported ransomware cases increased by 21% in 2024.

  4. In my interactions with business owners and management in enterprises, I notice that there is a shift in thinking about cybersecurity. They recognise that cybersecurity is not just a cost item but a core enabler of business and digital operations. I see a marked shift in sentiments and thinking, which is encouraging.

  5. Many of you here are the subject-matter experts in your organisations. You play an important role in helping your colleagues and leaders understand the value of good cyber practices.

  6. You would know that good cybersecurity cannot be achieved through compliance alone. Organisations need to focus on outcomes, on building systems that are resilient and able to recover quickly when incidents occur.

  7. The Government is supporting organisations and businesses in Singapore to improve their cybersecurity posture, through initiatives such as the Cyber Essentials and Cyber Trust Marks and CISO-as-a-Service.

  8. When organisations invest in their own capabilities, the benefits are clear. They enhance trust with customers and strengthen partnerships. This contributes to a more resilient digital ecosystem for Singapore.

Raising the quality of our cybersecurity workforce, through the National Accreditation Framework for Cybersecurity Professionals

  1. At the heart of cybersecurity is people and talent. Across government, industry, academia and professionals, all of you contribute your knowledge and experience to help keep Singapore safe online. It is also heartening to see wide participation and representation from industry, academia, government agencies, and, importantly, the next generation of students. This is an important part of the ecosystem – bringing stakeholders together and working together to strengthen capabilities and improve Singapore’s cybersecurity posture.

  2. The Government has been investing in developing a talent pipeline of cybersecurity professionals.

  3. An example is the Cybersecurity Strategic Leadership Programme (CSLP). This is an executive programme developed to enhance Singapore’s cybersecurity leaders’ ability to adopt best-in-class solutions, foster a culture of innovation, and develop the dynamic skills needed to effectively influence management decisions and secure their organisations.

  4. Phase 1 has achieved encouraging results - training a total of 74 senior cyber leaders, including representatives from 20 CIIOs and sector leads. The next phase of the programme will continue to strengthen the capabilities of cybersecurity teams, especially those in CIIOs, and include private, and public sector participants.

  5. We are also engaging younger students to interest them in a career in cybersecurity. The SG Cyber Olympians programme is nurturing our next generation of defenders. The program identified and trained 50 youth talent through sparring sessions, bespoke trainings, and overseas immersion programs. The Olympians went on to represent Singapore at international competitions – achieving podium finishes at competitions like Cyber SEA Games and HACKTM.

  6. Even as we grow our cyber talent pipeline, we are also looking at uplifting the capabilities of our cybersecurity professionals. Organisations need confidence that the service providers they engage are trustworthy and competent. Today, it can be difficult for organisations to determine which providers meet the necessary standards, and for professionals to signal their skills amid the wide range of certifications in the market.

  7. CSA commissioned a study late last year to study these matters, including how we can raise the quality and standards of our cybersecurity professionals. Specifically, CSA is studying the feasibility and effectiveness of establishing a national accreditation framework to assess and recognise cybersecurity professionals based on their skills, competencies and experience.

  8. We are seeking views from key stakeholders and international partners. Some of the key questions that the consultants looked at include which specialisations should be covered; should accreditation be voluntary or mandatory; and if the industry is ready for the change. We also wanted to address concerns raised by the stakeholders. For instance, how can we strike a balance between raising standards and avoiding raising barriers to entry too high.

  9. The initial result of the study is encouraging. About 70% of the respondents indicated that the industry is somewhat ready to take this step. However, the respondents preferred a phased implementation approach, starting with a few specialisations and adjusting the model along the way. There was also a preference for the accreditation framework to be tiered to differentiate professionals based on their levels of competency and skills.

  10. CSA is reviewing the results of the study and assessing the options. We will share more details when ready.

Deepening collaboration within Singapore’s cyber community

  1. Tonight's ceremony showcases our shared dedication to cybersecurity defence. Now in its eighth year under the organisation of the Singapore Cybersecurity Industry Association (SCSIA), the event exemplifies collaborative efforts between associations.

  2. Government agencies, enterprise, academia, and professionals each play a role in strengthening our cyber readiness. Open communication and cooperation will help us address risks more effectively.

  3. We already see good examples of this. In collaboration with SUTD and NTUC, AiSP has launched a Design, AI, and technology course to support individuals entering or progressing in the cybersecurity sector. The first intake included 18 participants, and AiSP plans to grow this to about 80 participants annually.

  4. With several cybersecurity organisations, including CSA moving to the Punggol Digital District, there will be more opportunities to build a stronger and more connected cybersecurity community in the coming years.

  5. CSA will work closely with its new neighbour, the Singapore Institute of Technology (SIT), on initiatives such as mentoring programmes for students and joint cybersecurity exercises. These collaborations can help develop talent, support innovation, and strengthen the overall ecosystem.

Conclusion

  1. The threats that the digital space faces will constantly evolve and get more sophisticated. As we step up the pace of digitalisation, especially with the use of AI, we must also invest more effort to secure our cyberspace. Collaboration across key stakeholders in Government, industry and academia must continue to be the core organising principle for us in Singapore.

  2. Organisations like AiSP have supported this collaborative approach by connecting professionals, developing capabilities, and contributing to keep Singapore a safe place to live and work online.

  3. I would like to thank AiSP for the support and strong partnership, and to congratulate all the award recipients. Your dedication and contributions strengthen our cyber community.

  4. Thank you.

Back to top