Strengthening Singapore’s cybersecurity frontline with zero trust
In the digital era, data is the new gold, driving economies and shaping societies – and just like gold, criminals covet data. Singapore, a beacon of technological innovation and digital governance, is not immune to the global tide of cyber threats that seek to undermine its digital wealth.
With its advanced digital infrastructure attracting attackers like moths to a flame, ensuring the city-state’s cyber resilience is not just a necessity but a critical national priority. Our recent Zero Labs Report underscores this urgency, highlighting that Singapore ranked second, after India, for the highest percentage of organizations experiencing sensitive data loss events globally in 2023.
Recent reports from the Cyber Security Agency of Singapore (CSA) highlight an uptick in cyber incidents, with sectors ranging from healthcare, finance, and critical infrastructure facing sophisticated attacks. These breaches threaten operational continuity for businesses within these sectors and may erode public trust in digital services. The surge in remote work and digital transactions has further expanded the attack surface, rendering traditional security perimeters much less effective.
Coupled with the advent of technologies such as IoT and cloud computing, revolutionizing how data is stored and accessed, cybercriminals are now presented with a fertile ground to carry out their cyber activities. Ultimately, traditional cybersecurity models are no longer sufficient – as evidenced in the staggering 98 percent of Singaporean organizations who reported significant data visibility challenges, and the 86 percent of Singaporean IT and security leaders who believe that data growth is outpacing their ability to secure it.
It is time for a radical rethink of cybersecurity strategies, steering away from the conventional ‘castle and moat’ approach to a more dynamic and adaptive model.
Embracing Zero Trust
Zero Trust is not just a security model but a shift in cybersecurity philosophy.
It operates on the principle that breaches are inevitable. With this ‘assumed breach mindset’, trust is never implicit, regardless of whether an access request originates from within or outside the network. Given that 70 percent of respondents in our survey suspect insider violations of data policies, the Zero Trust model’s emphasis on verifying every access request becomes even more critical.
Singapore’s digital-first governance and agile regulatory framework offer a unique advantage in adopting Zero Trust. Regulators have also recently adopted the Government Zero Trust Architecture (GovZTA), in an effort to enhance the government’s cybersecurity posture, balancing risks and usability. By integrating such principles across public and private sectors, the Lion City’s digital assets can strengthen resilience in the face of ever-increasing attacks. Doing so involves a comprehensive overhaul of cybersecurity policies, from user access controls to data encryption and incident response protocols.
Zero Trust architecture can significantly reduce the impact of data breaches by limiting privileges to the bare minimum and continuously monitoring network activity. For instance, in the event of stolen user credentials, it curtails the attacker’s capacity for lateral movement within the network. This approach is crucial for safeguarding critical data backups from malicious actors, ensuring they remain dependable for operation restoration.
Securing backup data
With the Zero Labs data indicating that 93 percent of organizations have faced attempts to compromise their backups, the need for robust backup protection is clear. Cybercriminals target backups to incapacitate victims’ recovery capabilities, a strategy that has led 72 percent of organizations to report that they paid ransoms – albeit with only a 16 percent success rate in full data recovery.
Protecting critical data with air-gapped, immutable, and rigorously controlled backups bolsters cyber resilience and empowers organizations to turn backups into an active line of defense. Regular threat hunting within backup environments aids in the early detection of compromise indicators, minimizing the attack’s impact. Identifying compromised data enables organizations to eradicate the root cause, avoiding recovery from a tainted copy.
As Singapore strides towards its Smart Nation vision, adopting Zero Trust is necessary.
The data from our Zero Labs report is a clarion call for immediate action, underscoring the exponential growth in data and the myriad challenges it presents. The path to a resilient digital Singapore is paved with challenges, but with a concerted effort from the government, businesses, and individuals, it is a goal well within reach.
We can stay a step ahead of the attackers by embedding Zero Trust into our digital fabric and adopting an assumed breach mindset. Cyber incidents will still occur, but these steps can help ensure Singapore remains a secure, resilient, and vibrant digital hub.
Abhilash Purushothaman is Vice President & General Manager (Asia) at Rubrik.
TNGlobal INSIDER publishes contributions relevant to entrepreneurship and innovation. You may submit your own original or published contributions subject to editorial discretion.
