For Singapore, cybersecurity in operational technology systems is becoming a national concern. Gradually, the country's operational technology systems will be networked and interconnected to allow for the gathering and analysis of big data, with the goal of increasing overall production and efficiency.

To develop and differentiate themselves in the changing economy, businesses must increasingly rely on innovative and disruptive technology. Customers, stakeholders, and the marketplace will lose faith in organisations that lack adequate security measures to assist manage these changes, exposing them to ever-increasing danger. So far, cybersecurity has mostly been focused on providing solutions for enterprise IT systems, with a special focus on securing infrastructure across new digital business scenarios. Today, more than ever before, cybersecurity opportunities are moving across operational technology systems. As operational technology systems becomes more widely adopted, the understanding and realisation that an operational technology breach can have serious implications – extending to the physical domain and affecting property and life – grows. Organizations may be completely prepared for both problems and possibilities on the horizon if they have a comprehensive grasp of risks and laws.


Increased online activity and interconnectedness in a post-COVID 19 and digitally disrupted world implies that the need to minimise digital risks and create digital business resilient is even more critical.

Cybersecurity Act

The Singapore Cybersecurity Act is a timely endeavour aimed at improving digital security and resiliency across industries that offer critical services in Singapore. The Act establishes a framework for Critical Information Infrastructure (CII) owners to follow when it comes to their responsibilities to secure their data and networks against cyber assaults. Energy, water, banking and finance, healthcare, transportation (land, marine, and aviation), info-communications, media, security and emergency services, and government are the CII sectors specified.


The Commissioner of Cybersecurity is empowered under the Act to examine cybersecurity threats and events in order to assess their impact and avoid additional harm or cybersecurity mishaps. The powers that can be exercised are based on the seriousness of the cybersecurity threat or event, as well as the response actions that are necessary. This gives Singaporeans confidence that the government can successfully respond to cybersecurity threats and keep Singapore and its citizens secure.

Create a framework for exchanging cybersecurity data.

The Act also makes it easier to share information, which is important since timely information helps the government and owners of computer systems better identify vulnerabilities and avoid cyber incidents. The Act establishes a structure for the CSA to seek information, as well as a framework for the protection and exchange of that information.
Scroll to Top