SINGAPORE, 28 FEBRUARY 2011 - Singapore ISPs will be required to share infocomm security information under a new mandatory code of practice issued today by the Lion City’s Infocomm Development Authority (IDA).
According to the IDA, the ‘Secure and Resilient Internet Infrastructure Code of Practice (SRII-CoP)’ introduces mandatory standards for ISPs to promote information sharing, security best practices and effective response.
An official announcement said: “The Code allows ISPs and IDA to make more informed decisions so that early warning to emerging cyber threats can be developed and appropriate pre-emptive measures can be taken.
“It puts in place measures to better protect businesses and end users from cyber attacks such as distributed denial-of-service attacks,” the official statement said.
“This code comes under the telecommunications regulatory framework. It defines a set of specific security controls and outcomes to ensure that sound security is in place to deal with current and emerging cyber-threats.”
Full compliance by 2013
ISPs will be required to implement specific controls progressively as the code comes into effect from 30 April 2011, and achieving full compliance by 2013. Periodic audits will be conducted by IDA to ensure that ISPs observe the code.
Among other things, the new code requires ISPs to “put in place measures to better protect businesses and end users from cyber attacks such as distributed denial-of-service attacks”.
The statement said that the code covers the protection of the core Internet infrastructure such as routers, switches and critical network components, and details the objectives and controls essential to prevent, detect and respond to security incidents.
The IDA’s deputy chief executive/director general (telecoms & post) Leong Keng Thai said that cyber attacks were getting more sophisticated and large scale cyber attacks can bring down the Internet infrastructure of nations.
“To enhance the security of the Internet infrastructure, many countries have or are in the process of requiring their Internet infrastructure service providers to put in place security requirements to protect their Internet infrastructure,” Leong said.
Bolstering internet security
“The IDA has worked with the designated ISPs to forge an effective Code of Practice that will bolster the security of our Internet Infrastructure.”
The IDA says the code requirements are consistent with internationally recognised standards and best practices for the industry, will put the Singapore ISPs in good stead and provide assurance to their consumers.