Banks, Critical Sectors Must Share Info on Cyber Attacks

Tuesday, Jul 11 2017 06:15 PM

Firms in 11 critical sectors will be required to report security breaches and incidents, and cyber security vendors providing highly sensitive services must be licensed if the proposed Cybersecurity Bill is passed by Parliament.

In the event of a cyber attack, banking and privacy rules that forbid the sharing of confidential information will also be superseded under the new law.

Banks must report to the proposed Commissioner of Cybersecurity "within hours" of an attack and share information with Singapore's Cyber Security Agency (CSA) in an investigation. Those who fail to do so can be fined or jailed.

A draft of the Bill was released yesterday for public consultation until Aug 3.

If passed, the Bill will empower the CSA to manage and respond to cyber security threats and incidents.

The Commissioner of Cybersecurity can investigate threats and incidents to ensure essential services in 11 critical sectors - including telecommunications, transport, healthcare, banking and energy - are not disrupted in a cyber attack.