Mr David Koh, Chief Executive, Cyber Security Agency of Singapore (CSA) on stage, left. Ms Chong Shu Min (Assistant Manager, Strategy & Planning Division, CSA) on stage, right Top left clockwise The Honourable Dato Abdul Mutalib Yusof, Minister of Transport and Infocommunications, Brunei Mr Roberto Viola, Director-General, Directorate-General for Communication, Networks, Content and Technology (DG CONNECT), European Union Mr James Hatch, Director Cyber Security BAE Systems Applied Intelligence Lieutenant General Hinsa Siburian, Head, National Cyber and Encryption Agency (BSSN), Indonesia Mr Julian Cracknell, MD of BAE Systems AI Mr Michal Pukaluk, Director of the Digital Policy Department, Prime Minister’s Office, Poland Photo Credit: Cyber Security Agency of Singapore
Clockwise from Top: Anne Marie Engtoft Larsen (Tech Ambassador, Ministry of Foreign Affairs Denmark); Brandon Wales (first Executive Director, Cybersecurity and Infrastructure Security Agency, United States); Lu Chuanying (Research Fellow, Centre for American Studies, Institute for Global Governance Studies). Peter Moore (Regional Managing Director, Asia Pacific Public Sector, Amazon Web Services) Jane Lo (Singapore Correspondent, Mysecurity media) Photo credit: Cyber Security Agency of Singapore
18 | Cyber Risk Leaders Magazine
Governments & Tech MNCs: Regulate or Collaborate for Cybersecurity? Besides the building of international bilateral and multilateral ties and domestic initiatives, the recent supply chain attacks like the SolarWinds incident also put a renewed urgency to do more. Malicious actors by targeting a supplier integral to our digital infrastructure – whether it is a piece of software in a networking tool or in a cloud service or in a third-party application – can trigger a chain reaction that compromise multiple organisations and thus cause wide-spread disruption.
This multiplier effect means that larger global technology suppliers are highly tempting targets for attackers. With “big tech” – which some refer Tech MNCs as - in the spotlight as the number of supply chain attacks is expected to grow, combined with recent anti-trust actions making headlines, the SICW Conversation on “Governments & Tech MNCs: Regulate or Collaborate for Cybersecurity?” is timely. While trust in the supplier ecosystem is being further tested as the fully taxonomy of such attacks remains unknown, dialogues between government and suppliers are tangible steps towards finding common goals to combat such threats. Engagement models such as the recent US White House meeting with large technology companies were examples explored with Anne Marie Engtoft Larsen (Tech Ambassador, Ministry of Foreign Affairs Denmark); Brandon Wales (first Executive Director, Cybersecurity and Infrastructure Security Agency, United States); Peter Moore (Regional Managing Director, Asia Pacific Public Sector, Amazon Web Services) and Lu Chuanying (Research Fellow, Centre for American Studies, Institute for Global Governance Studies). Moderated by Jane Lo (Correspondent, MySecurity Media), the panel also discussed the trade-offs and gaps in governance in the areas of secure software development and information sharing. While there are regulations, namely, to protect personal data and critical infrastructure, the panel consensus (and a live audience poll) pointed to strong support for collaboration as key to meeting the real threat of cyber incidents. For examples, Ambassador Larsen noted the need for