Singapore boardrooms get guidance to resist cyber attacks

    By KRIST BOO

    The Straits Times, 12 February 2025 

     

    SINGAPORE– About 500 board directors in Singapore are set to receive training that equips them with the knowledge to combat and recover from cyber threats and ransomware attacks.

    Training sessions, aimed at raising boardrooms’ readiness to meet crises and disruptions, will take place over five sessions throughout 2025.

    It is part of an initiative led by the Singapore Institute of Directors (SID), which is offering the training at no cost to its over 5,300 members. There are 426,234 registered companies locally, with listed companies accounting for more than 3,200 board directors.

    The national association for company directors on Feb 12 launched a Cyber Resilience Guide for Boards (Guide) containing a framework and eight principles that will underlie the training modules.

    The 10-chapter guide, which will be available on Feb 28, lists four tenets and an eight-step process to cyber resilience, as well as an overview of the regulatory landscape and a checklist for board readiness.

    Put together with Temasek-founded technology company ISTARI and Singtel technology subsidiary NCS, the Guide has the endorsement of Cyber Security Agency of Singapore (CSA).

    Senior Minister of State (SMS) for Ministry of Digital Development and Information Tan Kiat How, who did a fireside chat at the launch of the Guide, said he hopes local companies - especially smaller ones - have a mindset change towards cybersecurity this year.

    “They say ‘No please, I am too small. I can’t be the target. They always go for the big, high-value targets’,” he said to the audience gathered at Marina One. “Most of the time, although your company is probably not the target, you are very much collateral damage.”

    Mr Tan also said he hopes businesses play their part. “Keeping your house safe is also a contribution to keeping that estate safe.”

    The government will continue to work with companies to strengthen Singapore’s digital ecosystem, Mr Tan added.

    At the event, SID signed a memorandum of understanding (MOU) with the national education office Nexus, and Mindef to support board directors in meeting business disruptions.

    The agreement marks the upcoming Singapore’s Total Defence season from Feb 15, now in its second year.

    Over two weeks, more than 800 organisations, schools and teams in the community, businesses and government will simulate disruptions or preparedness activities to strengthen continuity plans for power disruptions or phishing attacks.

    In his speech, SID chief executive Terence Quek pointed to the World Economic Forum’s Global Cybersecurity Outlook 2025 released in January, where 72 per cent of respondents it surveyed reported an escalation in cyber risks in 2024.

    “Cyber resilience is not just a technology issue – it is a critical governance and leadership responsibility,” he said, urging board directors to raise their knowledge and competencies.

    The Guide, the Cyber Security Tabletop Exercise Self-Facilitation Guide, and CSA’s playbook for the conduct of phishing exercises for board directors can be found at www.go.gov.sg/SGReadyGoWhere.

    Registration for the SID training sessions will begin in March. SID Membership, including subscription fees, starts from $763 for two years.

    •    Krist Boo is senior business correspondent at The Straits Times.