The Cyber Security Agency of Singapore (CSA) joined hands with ISACA last month to narrow the cybersecurity skills gap in the republic. Theresa Grafenstine (pictured above), ISACA Board Chair, and inspector general of the U.S. House of Representatives (retired), USA, shared more details about the partnership -- which will first last for three years -- in an interview with Computerworld Singapore.
Computerworld Singapore: What is ISACA's role in Singapore's cybersecurity preparedness?
Theresa Grafenstine: For nearly 50 years, ISACA has equipped professionals and organisations, around the globe, with knowledge, credentials, learning opportunities and professional community. ISACA focuses on technology governance, audit and assurance, risk management, and information and cyber security, helping individual career advancement and enterprise digital transformation and innovation.
ISACA's Singapore Chapter has been around for 33 years with over 2,000 members. The Chapter works closely with the government, educational institutes and industry bodies to provide ISACA courses that further develop the Governance, Risk Management, Compliance (GRC); increase the cyber security workforce and plug the skills gap.
What are some areas that will be covered in the ISACA-CSA partnership?
The memorandum of understanding (MOU) between ISACA and Cyber Security Agency of Singapore (CSA), signed on 19 September 2017, will see us jointly enhance Singapore's cyber security capabilities and workforce, using ISACA-developed training, assessment tools and certification. The move is also part of a larger drive to develop a vibrant cyber security ecosystem, one of the four pillars in Singapore's Cybersecurity Strategy.
Around workforce development, we will cooperate to bolster professional knowledge and performance in governance, risk and compliance roles and strengthen cyber security content and practice-sharing platforms in Singapore and beyond.
The MOU will also address technology developments, such as Internet of Things (IOT), Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA). ICS and SCADA are especially critical to a technologically advanced, small city-state such as Singapore. ICS, for example, control the production and distribution of energy and water. Any disruption to those sectors, however minor, has the potential to compromise national security at a much greater level.
IoT is at the core of Singapore's charge to be a leader in Smart Nations. Despite its potential and advantages, IoT can cause the overall network to become even more susceptible to cyber security attacks as it drastically increases the number of connected devices in the system.
Nevertheless, we see significant opportunity in this partnership to develop credentials, content, and resources that address risk management and assessment for ICS and SCADA, as well as IoT and other emerging technologies such as artificial intelligence and machine learning. Meeting these challenges is key to the success of the initial three-year ISACA-CSA collaboration and we are working closely with CSA to develop a more granular roadmap.
Sign up for Computerworld eNewsletters.