Singapore Government Bucking Up Security of the Public Sector Following String of Data Breaches

Following a number of high-profile breaches in the past year, such as the SingHealth data breach which saw up to 1.5 million patient records compromised, the Singapore government has been taking more stringent measures to ensure the security of its citizens’ personal data.

Back in April, a committee was formed by Singapore Prime Minister Lee Hsien Loong to conduct a comprehensive review of data security practices across the island nation’s entire public service. On Monday, the Public Sector Data Security Review Committee has announced 13 technical measures that aim to render stolen databases unusable through encryption, detect unusual data transmissions and limit users' access rights.

The Straits Times reported that in addition to the encryption of files, highly sensitive attributes of individuals, as well as the personal information of VIPs and ministers would have to be kept in separate systems with higher levels of control in place.

The 13 measures, outlined in the new Information Security Framework, will have to be complied by all the public agencies with more measures to be revealed and included in the committee’s final report by November. Additional measures will include guidelines to help the agencies train public servants on best data security practices and manage third parties that handle government data.

These will supplement current practices, including the Internet Surfing Separation (ISS), the cutting of Internet access from employee computers for all government agencies, and the disabling of USB ports from being accessed by unauthorised devices, to prevent advanced cyber attacks from infiltrating government networks.

To recap, besides the SingHealth breach in June/July 2018, the Singapore public service sector came under fire for a number of security incidents, including:

  • The leak of confidential records of 14,200 HIV patients from Singapore's HIV registry by American citizen, Mikhy K. Farrera-Brochez (January 2019)
  • A system fault, due to 'human error', led to around 7,700 people receiving the wrong healthcare subsidies under the Community Health Assistance Scheme (Chas) (February 2019)
  • Personal data of over 800,000 blood donors was mishandled and exposed online by a tech vendor of the Health Sciences Authority (HSA) (March 2019)
You might also like
Most comment
share us your thought

0 Comment Log in or register to post comments