Remarks by Mr S Iswaran, Minister for Communications and Information and Minister-in-charge of Cybersecurity at SICW 2020 Joint Press Conference

09 Oct 2020

MINISTER ISWARAN’S REMARKS AT THE SICW 2020 JOINT PRESS CONFERENCE WITH UN UNDER-SECRETARY-GENERAL IZUMI NAKAMITSU ON 9 OCTOBER 2020, 8.30AM

Good morning, everyone. Thank you for joining us this morning. Let me start by welcoming Ms Izumi Nakamitsu, UN Under-Secretary-General (USG) and High Representative for Disarmament Affairs, who is our co-chair for this morning's press conference.

First, this year’s Singapore International Cyber Week (SICW) and also the ASEAN Ministers Cybersecurity Conference (AMCC) was held in a hybrid physical-virtual format. We had physical participants from Singapore, and we had more than 6,000 participants from over 60 countries from around the world. The event, and even this press conference, reflects the challenges posed by COVID-19 - the kind of digital transformation that it has impelled upon all of us and also equally, the kind of opportunities that it has created. In fact, in this year's SICW, we have very strong representation from Ministers, experts and heads of delegations from around the world. That reflects firstly, the continuing importance and significance attached to the issue of cybersecurity at both the national and international levels. Secondly, the significance of SICW, which has continued to grow from strength to strength. By all accounts, this year's hybrid event has been very well-received by all the participants.

Let me just start by emphasising that clearly, the pace of digitalisation has quickened, and it has sparked innovation and boosted the growth of the digital economy. It has also highlighted the importance of international cooperation in cybersecurity, as the foundation for trust in digital exchanges. All our international partners have recognised the benefits of this digital advancement and the growth in the digital economy. Equally, they have also emphasised the need for international cooperation to ensure a secure and trusted digital environment that will support this progress. ASEAN, for example, is expected to see a six-fold increase in its digital economy from about USD$31 billion in 2015 to nearly USD$200 billion by 2025 - a six-fold increase in 10 years.

From my discussions with my ASEAN counterparts at the AMCC, it is very clear to me that ASEAN is eager to capitalise on this opportunity and is well -positioned to do so. Yet, I think it is quite clear that as our digital economy grows, so too does the risk posed by cyber threats. Cybersecurity therefore becomes ever more important and we need a response at the national level. It is individual countries embarking on the steps that are necessary to secure the digital commons in their own jurisdictions. In Singapore’s case, for example, we have been working on strengthening our Critical Information Infrastructure. We have announced our Safer Cyberspace Masterplan which we are implementing, we have initiated new moves like the Cybersecurity Labelling Scheme, and we have also invested significantly in capacity building for cybersecurity.

But given the borderless nature of cyberspace and cyber threats, it is quite clear that this is not just the task for any single government. We need a global response. Collaboration with our international partners to build a rules-based multilateral order in cyberspace is critical if we are to foster a trusted and reliable digital space and reap the benefits of a digital future.

In short, cybersecurity is a prerequisite and enabler of a smart nation and a digital economy. That is why ASEAN member states have taken significant steps to strengthen our individual and collective cybersecurity. ASEAN, as you would know, became the first regional body to subscribe in principle to the 11 norms of responsible state behaviour in cyberspace from the 2015 consensus report of the UN Group of Governmental Experts (UNGGE).

At this year's AMCC, Singapore and ASEAN member states reiterated our collective commitment to take practical steps to enhance the cybersecurity of our region, in particular, the urgent need to protect national and cross-border Critical Information Infrastructure that serve as the backbone for regional communications trade, transportation and logistics links.

Ministers and heads of delegations have also agreed to develop a long-term regional cybersecurity action plan to implement the norms of responsible state behaviour in cyberspace, taking into account the national priorities and cyber capacities of individual ASEAN member states. In other words, moving from norms and a commitment to broad principles, to developing practical ways forward in adopting those norms.

We have also made steady progress in cyber capacity building. I would like to highlight to you two specific initiatives. The first is the ASEAN-Singapore Cybersecurity Centre of Excellence, which has been able to train more than 250 senior ASEAN officials in areas such as policy, technical and operational issues. We also have the ASEAN-Japan Cybersecurity Capacity Building Centre in Bangkok. I think these and other initiatives are important in terms of levelling up our understanding and ability to deal with cyber threats.

ASEAN’s shared commitment to foster this rules-based cyberspace has also enabled us to work closely with international partners and the international community, as a region, to enhance international cybersecurity. ASEAN member states are actively involved in cybersecurity discussions in the United Nations, such as the UN Group of Governmental Experts discussions, and the Open-Ended Working Group. Together with the UN, we have made significant progress.

It was at the third AMCC in 2018, that we launched the UN-Singapore Cyber Programme (UNSCP) with a special focus on cyber norms, awareness building, and cyber policy scenario planning. Building on that momentum, last year, we announced that the UNSCP will develop and run a Senior Executive Cyber Fellowship and a workshop on implementation of norms and confidence building measures, to support regional capacity building efforts.

This year, we have further strengthened our collaboration with the UN to build cyber capacity. Together with Your Excellency Under-Secretary General Nakamitsu, I am pleased to announce our cooperation to develop a norms implementation checklist. This will build on the AMCC norms chart that the ASEAN countries have developed in 2019, refining it, and making it applicable for a wider range of UN member states, which is critical. ASEAN ministers are committed to stability in cyberspace, and we are doing so through this checklist, to implement the 11 voluntary norms of responsible state behaviour in the 2015 UNGGE consensus report.

ASEAN is also going further, to share our experience and knowledge with the UN, so that other states, especially developing nations, can similarly identify the national capacities and structures they can introduce to build their own cyber capacities.

I would like to once again thank the UN for the close cooperation and partnership that we have had over these last several years, in particular in the area of cyberspace. I think it is something that we want to build upon, and this latest initiative on the norms checklist is a further step in that direction.

Let me just reiterate a few key points. The first is that we have always emphasised the importance of the digital economy and the need for all our economies to undertake digital transformation because the potential is significant, and the opportunities are those that are available to a very wide range of enterprises and individuals. This impetus has been given a further boost in the course of the COVID pandemic. Out of sheer necessity, many enterprises have made that digital migration and so do many individuals. But in the process, we have also unlocked new possibilities and opportunities, in the way we are going about our everyday business - organising events like this. This manifests that transformation that we are seeing. But clearly, once the digital economy opportunities are significant and we can see them, they equally expose us to wider cybersecurity risk. It is inevitable as we increase our digital footprint. But that should not stymie our efforts in the digital economy space, but it means that it is a risk that we need to understand, manage and work to address.

In terms of the response to that risk, obviously, at one level, it is what we do at the national level. That is what we have outlined in terms of what Singapore has been doing, in terms of our efforts to strengthen and protect our Critical Information Infrastructure, in terms of our national initiatives like the Safer Cyberspace Masterplan, and also initiatives to work with the broader community, such as Cyber Labelling Schemes, and also helping enterprises so that consumers can make informed choices when it comes to products, and also helping our SMEs and other enterprises better equip themselves for cybersecurity.

But clearly, we all know that the digital economy as well as cyber threats are borderless. Because they are borderless, it means that we must undertake a global effort, a multilateral effort, in dealing with this challenge. That is why we have embarked on a significant effort at the level of ASEAN, adopting the UNGGE norms, subscribing to them in principle and now working on a practical execution. But at the same time, also our work with the UN.

I think this is all part of the larger effort to ensure that we have a digital commons that is safe and secure, so that we can all benefit from the opportunities that it has to offer. A final point I would make is the fact that we have been able to go ahead with this year's SICW, and we have been able to do so with the participation of more countries and more participants is a clear signal, on the one hand, of the resilience of all of us in wanting to make sure that we continue to do the work that needs to be done for the long-term interests of our nations, and at the same time, it also symbolises the commitment that we have towards this very important topic of cybersecurity - something that needs national and international effort, in order to ensure the digital commons are safe and secure.

Just a final comment. Basically, the backdrop we are in is one where, on the one hand, the digital economy is continuing to grow and generate interesting and exciting opportunities, and on the other hand, we also are in an environment where the risk of a splinternet is growing. And when you put these together, it further accentuates the importance of not just national-level responses, but regional and global responses to build a norms-based multilateral order for cyberspace. If we can do that, then we would have achieved the goal of creating a safe and secure digital commons for the whole world, and that will enable our people, our businesses and our governments to fully benefit from the advantages of a digital economy and a digital society to raise the standards of living for all.