Saturday, June 12, 2021

Singapore will soon roll out new tools to strengthen government IT systems

Must Read

NSA Discovers new critical vulnerabilities in Exchange Servers

The National Security Agency on Tuesday said it had warned Microsoft of several serious problems that criminals could use...

DNSpooq allows attackers to poison DNS cache records

Network administrators have requested that they use the latest Dnsmasq updates to prevent new DNSpooq attacks. Security experts today revealed...

Microsoft Exchange zero-day exploited in attacks against US local governments

Ongoing investigations into the active use of four Microsoft Exchange bugs has revealed attacks against US local government agencies. On...

Singapore will soon roll out tools and measures to connect the many “IT vulnerabilities” highlighted in the report, including weak controls and an inadequate review process for privileged user activities. The report also emphasized the need to reduce the risks and new risks posed by the rapid digital transformation during the global epidemic.

According to a recent Public Accounts Committee report, efforts are underway to address IT issues since last year, with automated tools taking precedence.

The measures were hatched in January the previous year when the committee argued with the public sector that repetitive IT had expired in its 2020 report. It also pointed out the lack of acceptable practice in managing user access rights through the entry and review of user rights manually.

The committee added that the regulation of retailers and partners of foreign companies could be strengthened. “Given the increasing rate of digital integration and outsourcing of IT services in the public sector, IT-related risks such as data security and security risks will remain significant threats to government,” he noted in a report released Monday.

Smart Nation and the Digital Government Group (SNDGG) led efforts to fill the vacancies, which emphasized the importance of human governance, process transformation, adherence to these new procedures, and the introduction of automation and technology tools.

The government agency said it was developing a single tool that would include the automatic use of deleting inactive user accounts, which still needs to be handled despite introducing a new application informing organizations of staff departures and changes in the field. The stadium has been distributed to 38 agencies since October 2019.

The currently integrated tool is intended to be completed by the end of 2021, after which agencies will have to integrate all existing systems with one platform over the next three years. This will be rolled out to high-level programs by December 2023 and all remaining programs by December 2024, according to the SNDGG.

Another tool to assist in the review of eligible users’ rights is the one set to be implemented in state-of-the-art programs in December 2022, followed by the pilot – launched last April – involving 15 government agencies.

The SNDGG reported that it was “refining” adoption rules to monitor various types of logs, including operating systems, information, networks, applications, security, and the concept of improving the acquisition system’s efficiency. Utilities will be continuously increased in all sectors from January 2021.

Steps have also been taken to strengthen organizational processes, aiming to facilitate greater ownership to end IT care. For example, in the area of ​​data and cybersecurity, an agency security officer and a senior data manager will now be required to report cybersecurity and data issues directly to the agency’s head.

All spheres of government will have access to audit and incident data to predict potential governance risks in IT systems. The first batch of agencies is expected to begin testing this in the first quarter of 2021, with shipments across the sector targeted in the second quarter.

According to the Public Accounts Committee, new procedures have been put in place across all government spheres to provide a “more orderly and effective response” to data incidents. This includes establishing the Government Data Security Center Center last April as a public way to report incidents of information affecting a public agency.

From March 2021, all public bodies will be required to conduct annual cyber tests and data security data.

From now on, the Public Accounts Committee has realized that the rapid digital transformation brought about by the COVID-19 epidemic can pose risks and risks. It said SNDGG was being investigated for those risks and how the agency was reducing them.

In response, the national strategy team said it was developing a comprehensive government “ICT and Smart System” program, which would include the central office, disaster risk management, and the integration of the framework and risk management for each business process.

The SNDGG identified ten potential risks but noted that most of them were on track for ongoing efforts, including strengthening data security frameworks and security risks and human risk management.

The Singapore government in February 2020 said it would invest SG $ 1 billion to strengthen its cybersecurity and data security systems, recognizing that this was important as its agencies expanded technologies such as artificial intelligence, cloud, and Internet of Things. To be used over the next three years, the funds are designed to prepare the country to deal with cyber threats as computer efforts intensify.

a2434345d63481a40f0d145881b41013?s=96&d=mm&r=g
Priyanshu Vijayvargiya
Founder and Editor-in-Chief of 'Virtualattacks Inc' Priyanshu Vijayvargiya is a cybersecurity analyst, Information Security professional, developer, and a white hat hacker.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest News

An error of coding results attacker will delete a live video of Facebook

Facebook has solved the problem of Programming errors on live video services that allow attackers to successfully remove video...

What is a Cyber Attack or Virtual Attack

Firstly We Wil Discuss About Cyberattack or we will also say virtual attack. A Cyberattack is a type of attack that will be done...

Firefox 88 start disabling FTP with removal set for Firefox 90

Firefox 88 update has disabled File Transfer Protocol (FTP) support completely from the browser. The handling of clicking on FTP links from within Firefox...

Google Project Zero giving The 30-day grace period for user patch adoption

Google Project Zero will be shifting from a fairly hard 90-day deadline to a new model that incorporates a new 30-day grace period to...

Parking app ParkMobile experiences data breach of 21M Users

The popular mobile app that drivers use to pay and find available public parking in Pittsburgh and in other cities experienced a data breach...

More Articles Like This