Singapore to introduce security label for smart home devices
Last Updated on by Segun Ayo
Singapore is planning to introduce a Cybersecurity Labelling Scheme for home routers and smart home hubs as part of efforts to increase awareness about using secured products. It also hopes the initiative will push manufacturers to deploy enhanced cybersecurity measures and will be looking to mandate a set of minimum security requirements for home routers.
Internet of Things (IoT) devices such as home routers and smart home hubs are a growing area of security concern, especially as the adoption of such devices was expected to grow significantly, said Singapore’s Senior Minister of State for the Ministry of Communications and information, Janil Puthucheary.
Speaking Tuesday at the MCI Committee of Supply Debate, he said these IoT devices typically had weak security protection and could be exploited by cyber attackers, who then could launch distributed denial-of-service (DDoS) attacks to overwhelm systems and disrupt operations.
To plug such gaps, the Cyber Security Agency (CSA) would be introducing the Cybersecurity Labelling Scheme (CLS) for home routers and smart home hubs. This initiative aimed to increase consumer awareness about the use of more secure products as well as urge manufacturers to adopt additional cybersecurity measures, Puthucheary said.
In addition, the Infocomm Media Development Authority (IMDA) would mandate a set of minimum security requirements for home routers, which should improve baseline standards for such devices, he said. These also would be the pre-requisite for manufacturers to secure the CLS for their products.
The minister added that IMDA planned to publish an IoT Cyber Security Guide to provide guidance for enterprises and their vendors on the deployment of IoT technologies.
There currently is a version of an IoT Cyber Security Guide released by IMDA in January 2019.
During his speech, Puthucheary also touched on other efforts to better safeguard citizens’ data privacy and cyber wellbeing.
For instance, to protect consumers against scam calls, he said the IMDA had worked with local telcos to block international spammers from using commonly spoofed numbers such as 999 and 995.
Future initiatives included plans to mandate the use of the “+” symbol as a prefix for all overseas calls, disabling international scammers from using spoof numbers that looked local. This, he noted, would help consumers identify and reject international spoof calls.
He added that the Singapore government would continue to unveil new measures to combat scams, with the Ministry of Communications and Information working alongside other agencies within the newly-established Inter-Ministry Committee on Scams, to boost their collective efforts to combat the problem.
In addition, to encourage responsible use of facial recognition technology, the Personal Data Protection Commission (PDPC) and the Government Data Office this year would be releasing guidelines on the responsible use of biometric technology. These guides would encompass best practices and policies on the management of data collected via such technology.
The PDPC oversees Singapore’s Personal Data Protection Act (PDPA).
According to Puthucheary, the government currently was reviewing the legislation to enhance accountability of organisations with regards to online consent agreements. He noted that the PDPC last year updated the Guide to Notification to offer examples of how businesses should utilise just-in-time notifications and obtain dynamic consent. He said this would enable individuals to make informed decisions as and when relevant, instead of one-off lengthy consent agreements.
The current review of the Act included proposed amendments such as enforcing organisations to notify affected individuals and the PDPC of significant data breaches, boosting the PDPC’s enforcement powers, and instilling accountability practices such as risk assessments for organisations.
The amendments to the Act would be implemented later this year, the minister said.
To boost cybersecurity skillsets in Singapore, CSA would introduce the SG Cyber Talent initiative to reach out to more than 20,000 individuals over three years through new and existing programmes. These aimed to bring together the cybersecurity community and educators to cultivate an aptitude for cybersecurity amongst young Singaporeans, with participants receiving mentorship and customised training and provided with a platform for cyber sparring.
The CSA also would establish “communities of practice” to offer training in cybersecurity and equip cybersecurity professionals with knowledge of global best practices and technologies so they could more effectively secure their organisations.
Puthucheary said: “[SG Cyber Talent] will build a pipeline of cybersecurity professionals to support Singapore’s ambitions to be a cybersecurity hub.”
Singapore is expected to launch its Safer Cyberspace Masterplan later this year, which will include the implementation of baseline security standards and drive the adoption of these safeguards in the city-state.
Improving data flow across borders
During his speech at the MCI Committee of Supply Debate, Singapore’s Minister for Communications and Information S. Iswaran reiterated the country’s efforts in improving cross-border data flow, including establishing Digital Economy Agreements with nations such as Australia, New Zealand, and Chile.
These deals would enable secure data flows and seamless cross-border digital payments, benefitting businesses in the countries involved.
Iswaran said: “Our goal and our interest is to work with like-minded partners to ensure an open digital trade architecture, and to guard against a new kind of protectionism.”
Singapore also was looking to modernise its logistics networks, which the minister noted was critical amidst an expanding e-commerce landscape. He said some 200,000 parcels were delivered daily across Singapore, where e-commerce was expected to grow between 12% and 20% a year over the next five years.
“It is neither productive nor sustainable for all this growing volume of packages to all be delivered to the doorstep. We do need alternative solutions,” he said. “We must enhance Singapore’s last-mile delivery infrastructure and that is why we have decided to deploy a nationwide parcel locker network.”
Owned by IMDA, this locker network would be accessible to all logistics players, he added, noting that this aimed to offer greater choice to consumers, while improving productivity within the urban logistics sector.
According to Sim Ann, Senior Minister of State for the Ministry of Communications and Information, the IMDA would be rolling out 1,000 locker stations in HDB estates, MRT stations, and Community Centres by end-2022. This locker network would complement existing commercial locker stations and doorstep deliveries, she said.
Sim explained: “The goal is to place a locker station around five minutes’ walk from every HDB block. Users can collect parcels on their way to work, or on their way home–any time of the day. Merchants and logistics service providers will also enjoy greater delivery efficiency. This may result in more competitive delivery prices for consumers.”