Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

New rules for Singapore ISPs

By staff writer | March 30, 2011
Infocomm Development Authority (IDA) Code takes effect the end of April 2011.

The IDA's Deputy Chief Executive & Director-General (Telecoms & Post), Leong Keng Thai

From the end of April 2011, Singapore's Internet Service Providers (ISPs) will be required to share infocomm security information, under the new Secure and Resilient Internet Infrastructure Code of Practice.

The Code, issued by the Infocomm Development Authority of Singapore (IDA), under the telecommunications regulatory framework, takes effect on 20 April 2011 and is one of several new mandated measures.

In an official announcement, the IDA said the Code of Practice defines a set of specific security controls and outcomes to ensure that sound security is in place to deal with current and emerging cyber threats.

"It covers the protection of the core Internet infrastructure such as routers, switches and critical network components, and details the objectives and controls essential to prevent, detect and respond to security incidents," the IDA said. "These requirements are consistent with internationally recognised standards and best practices for the industry."

Attacks on internet infrastructure

The IDA's Deputy Chief Executive and Director-General (Telecoms & Post), Leong Keng Thai,), said that cyber attacks are getting more sophisticated and large-scale cyber attacks can bring down the Internet infrastructure of nations.

"To enhance the security of the Internet infrastructure, many countries have, or are in the process of requiring, their Internet infrastructure service providers to put in place security requirements to protect their Internet infrastructure," Leong said.

He said the Code allows ISPs and IDA to make more informed decisions on developing early warnings of emerging cyber threats or taking appropriate pre-emptive measures. Consumers of ISPs' services will benefit from a more coherent and effective response to cyber threats as the ISPs will also put in place measures to better protect them from cyber attacks such as distributed denial-of-service attacks.

ISPs will be required to implement specific controls progressively and to achieve full compliance by 2013.

The Authority said that periodic audits will be conducted by IDA to ensure that ISPs observe the Code.



Sign up for Computerworld eNewsletters.