Opening Speech for Cyber SIG (cssig) Launch as President for ISACA Singapore Chapter (and advisor for cssig)

Happy New Year and wishing everyone a great 2023 ahead! In the?2021 ISACA-Frost & Sullivan Survey: The Singapore Cybersecurity Landscape , revealed that 63% of respondent organisations accelerated their digital transformation during the pandemic, than in prior years. The same study noted that despite a general perception of cybersecurity having improved, senior management is more concerned with cyber risk issues.

Twelve months later, in the 2022 survey in the 4th year running, we also found that 1/3 of Singapore organisations experienced an increase in supply chain attacks, highlighting the increasing scope and complexity of this issue.

The trends in terms of the key challenges are also reflected in the ISACA global surveys, the digital trust survey. Cyber is the battleground which is being faced by nations, corporates and citizens currently. Emerging Tech and Emerging Threats are growing daily with unprecedented speed, what I called Rise of the two ETs.

Cybersecurity has become an issue of geopolitical importance which impacts a country’s national security, economic progress and societal values. We have seen how communication satellites have been targeted, drones being used to bring down wireless Access Points. Nation state actors breach crypto-currency exchanges to fund their nations that are under sanction. The impact comes predominantly in the form of disclosure, disruption,?and destruction, such as with killware.

Beyond satellite communication attacks, drone and crypto-currency exchange attacks, current ransomware tactics have increasing evolved over time. We are not just looking at single-extortion attacks, but double-extortion, triple-extortion,?and even?ransom cartels. The impact is increasingly felt as real-world disruptions. Hospitals, emergency services, power utilities and transportation, including air travel, have been?disrupted?due to cyber breaches.

The unintended severe consequences are serious societal concerns including the loss of lives, especially with respect to cyber-physical systems in operational technology. As we embark on Industry 4.0, attack surfaces increase,?and?CISOs and?enterprises are exposed to even more threats. We have to deal with the rise of two ETs, emerging tech and emerging threats.

Keeping abreast with emerging technology, we have to deal with foreseeably a post-quantum age, the metaverse and web3 if that also materializes. And the talk of the town in the last few weeks have been ChatGPT and how it can be misused for nefarious purposes, from generating phishing emails to creating evasive malware code, etc.

Increased scrutiny from regulatory bodies such as the Securities and Exchange commission (SEC) also meant that if regulatory risk and requirements are not managed properly, hefty fines and criminal action may be taken by the regulators against CISOs and c-suite executives as well as the board. To tip the scales of asymmetry, the US has been actively pursuing the concept of Defending Forward, where counter-strike is deem acceptable in certain circumstances. This had also given rise to a lot of debate in the community. Notwithstanding, sanctions can also be disruptive and concentration risk is a growing concern.

It is with this backdrop, the rise of the two ETs and increased chatter from the cybersecurity membership that this Cybersecurity SIG was formed, under the auspice of the ISACA Singapore Chapter , to help the community and public to better able to focus on levelling ourselves and our enterprises, as a collective community, against our adversaries.

I first mentioned the formation of this SIG in GTACS 2022 in Sep last year, and I would like to thank Ajay Kumar again, our chapter volunteer, for rising to the occasion to chair and lead the SIG, with Phoram Mehta and myself as advisors to the SIG and looking forward to members joining the SIG.

I would also like to thank our Guest-of-Honor Deputy Chief Executive Gaurav Keerthi of Cyber Security Agency of Singapore (CSA) , distinguished speakers Prof Kwok Yan Lam for the fireside as well as our distinguished panelists Benjamin Ang , Charmaine Ng , Daryl Pereira and Phoram Mehta for their later sharing at the panel as I pick their brains. Finally, I look forward to your active participation in this SIG as we brace ourselves for an increasingly complex cyber-physical world. Thank you.