Global Resilience Federation Asia Pacific (GRF APAC), in partnership with the Cyber Security Agency of Singapore (CSA), today announced the launch of the Operational Technology Information Sharing and Analysis Center (OT-ISAC) to reduce cybersecurity risks to Operational Technology Critical Information Infrastructure (CII) in the city-state.
OT-ISAC will serve as a threat information sharing hub for companies in energy, water and other CII sectors in Singapore. Using proven tools and technologies, member companies can securely exchange details of OT and IT threats and attacks on their organisations, to prevent and quickly mitigate and contain damage caused by malicious actors.
OT-ISAC is managed by GRF APAC, a regional business unit of Global Resilience Federation, leveraging existing cross-sector exchange, integrated intelligence sources, and extensive analysis experience. GRF APAC has hired and continues to train local staff to educate and assist member companies with how to share, monitor, analyze, and use relevant threat intelligence including that from members, government, partner sharing communities, and vendors.
“Singapore offers a strong economy, a highly educated workforce, a central location, and an environment friendly to trade and investment. Because of its status as a commercial hub and geopolitical factors, it is a target for cyberthreats,” said Mark Orsi, President of GRF. “The creation of OT-ISAC demonstrates the commitment by CSA to address these risks and strengthen the resilience of Singapore’s utilities and sectors reliant upon OT systems.”
CSA has provided guidance and the initial financial backing for the member-based community to enhance threat information sharing, allow timely responses to cyber threats and help achieve greater resilience among OT-using organisations.
Mr. David Koh, Chief Executive, CSA said, “CSA is proud to partner with GRF to bring the OT-ISAC to Singapore. It is the first cyber intelligence and analysis sharing platform focusing on the OT space in the region. Information sharing is critical when we are dealing with sophisticated, fast-evolving cyber threats. This initiative will help to fill an important gap – cyber threats targeting OT systems. It will enhance our sectors’ cyber defences, allowing them to monitor, analyse and take prompt action to respond to cyber incidents when they occur.”
OT-ISAC benefits from the institutional experience of Global Resilience Federation, an operator and connector of information sharing and analysis centers and member companies around the world. Building on this experience, OT-ISAC is able to facilitate sharing of tactical and strategic security details, providing early insight into emerging threats, detection techniques, and containment measures. Exchanged information includes vulnerabilities and attacks to OT systems and relevant IT applications affiliated with OT systems.
Privacy and trust are vital elements of any sharing community and the Traffic Light Protocol (TLP) helps ensure that circles of trust are established to facilitate selected sharing with other member companies, government partners, sharing communities and vendor partners. Adoption of the TLP information dissemination/classification system allows OT-ISAC members to determine whether their information is shared anonymously or with attribution and with whom their information is shared. The protocol binds readers and disseminators, effectively acting as a private sector security classification system to further community engagement and information exchange, to the advantage of CII resilience.
“Malicious actors actively share company, industry and technological weaknesses on forums. They build and sell attack tools and discuss their own criminal best practices,” added Orsi. “To defeat these dynamic threats, we must be vigilant and proactive in our approach. We must build trusted communities and facilitate intelligence sharing to multiply our collective security awareness and reduce risk. We’re proud to help bring OT-ISAC to Singapore to meet this need.”