Regulatory Approaches in Digital Security (OECD Global Forum on Digital Security).pdf
benjaminang
191 views
12 slides
Aug 08, 2024
Slide 1 of 12
1
2
3
4
5
6
7
8
9
10
11
12
About This Presentation
0:00 Introduction and Definition of Digital Security
2:55 Areas of Digital Security Regulation in Singapore
7:40 Systems of Temporary Concern (Cybersecurity Act 2024, Singapore)
10:05 Entities of Special Cybersecurity Interest (Cybersecurity Act 2024, Singapore)
11:42 Foundational Digital Infrastruc...
Slide Content
Regulatory Approaches in
Digital Security
Presented to
OECD Global Forum on Digital Security
By Benjamin Ang, Senior Fellow
Head/CENS, FIT, and DIR
Centre of Excellence for National Security
Future Issues in Technology
Digital Impact Research
Digital Security
Presented to
OECD Global Forum on Digital Security
By Benjamin Ang, Senior Fellow
Head/CENS, FIT, and DIR
Centre of Excellence for National Security
Future Issues in Technology
Digital Impact Research
Key Questions
1.In which areas is digital security
regulation already the norm? In
which areas should it become the
norm? (e.g., critical infrastructure,
IoT, cloud, certification/labels)
2.In which areas has self-regulation
proven to be effective but
sometimes ineffective, too?
3.What is the right balance
between compulsory regulation,
voluntary regulation, and
autonomy?
4.What are the best practices and
examples from different
countries/ stakeholders/ sectors
that could be put forward to
enhance collaboration?
5.What are the strategies for
strengthening collective efforts in
favourof digital security?
1.In which areas is digital security
regulation already the norm? In
which areas should it become the
norm? (e.g., critical infrastructure,
IoT, cloud, certification/labels)
2.In which areas has self-regulation
proven to be effective but
sometimes ineffective, too?
3.What is the right balance
between compulsory regulation,
voluntary regulation, and
autonomy?
4.What are the best practices and
examples from different
countries/ stakeholders/ sectors
that could be put forward to
enhance collaboration?
5.What are the strategies for
strengthening collective efforts in
favourof digital security?
Definitions of Digital Security
OECD Definition
•Digital security risk encompasses
economic and social risk
rather than solely technical risk
stemming from cyber incidents
Singapore Definition
•Digital security in Singapore
involves creating a safe, secure,
resilient, and trusted digital
environment
OECD Definition
•Digital security risk encompasses
economic and social risk
rather than solely technical risk
stemming from cyber incidents
Singapore Definition
•Digital security in Singapore
involves creating a safe, secure,
resilient, and trusted digital
environment
1. Areas with Digital Security Regulation in
Singapore
Law / Regulation Area Covered
Cybersecurity Act 2018 11 Critical Sectors: Energy, Water, Banking and Finance, Healthcare,
Transport (Land, Maritime, Aviation), Infocomm, Media, Security and
Emergency Services, Government
Cybersecurity Act 2024 -CII outside the country
-STCC: Systems of Temporary Cybersecurity Concern
-ESCI: Entities of Special Cybersecurity Interest
-FDI: Foundational Digital Infrastructure
Internet of Things Cybersecurity Labelling Scheme
Social media Protection from Online Falsehoods and Manipulation Act (POFMA)
Online Criminal Harms Act (OCHA)
Protection from Online Harassment Act (POHA)
Singapore
Law / Regulation Area Covered
Cybersecurity Act 2018 11 Critical Sectors: Energy, Water, Banking and Finance, Healthcare,
Transport (Land, Maritime, Aviation), Infocomm, Media, Security and
Emergency Services, Government
Cybersecurity Act 2024 -CII outside the country
-STCC: Systems of Temporary Cybersecurity Concern
-ESCI: Entities of Special Cybersecurity Interest
-FDI: Foundational Digital Infrastructure
Internet of Things Cybersecurity Labelling Scheme
Social media Protection from Online Falsehoods and Manipulation Act (POFMA)
Online Criminal Harms Act (OCHA)
Protection from Online Harassment Act (POHA)
STCC:
Systems of
Temporary
Cybersecurity
Concern
Systems of
Temporary
Cybersecurity
Concern
ESCI: Entities of
Special
Cybersecurity
Interest
Special
Cybersecurity
Interest
FDI:
Foundational
Digital
Infrastructure
Foundational
Digital
Infrastructure
Singapore’s Cybersecurity Labelling Scheme
What is covered
All categories of consumer IoT devices
(“smart devices”) e.g.
•IP cameras
•smart door locks
•smart lights
•smart printers.
•Wi-Fi routers and smart home hubs
Mutual recognition
•Finland
–With Transport and Communications
Agency of Finland (Traficom)
•Germany
–With Federal Office for Information
Security of Germany (BSI)
•Smart Cameras, TVs, Speakers,
Toys, Garden and Household
Robots, Home Automation, Health
Trackers, Lighting, Power Socket,
and Thermostats.
What is covered
All categories of consumer IoT devices
(“smart devices”) e.g.
•IP cameras
•smart door locks
•smart lights
•smart printers.
•Wi-Fi routers and smart home hubs
Mutual recognition
•Finland
–With Transport and Communications
Agency of Finland (Traficom)
•Germany
–With Federal Office for Information
Security of Germany (BSI)
•Smart Cameras, TVs, Speakers,
Toys, Garden and Household
Robots, Home Automation, Health
Trackers, Lighting, Power Socket,
and Thermostats.
Regulation of Digital Media
Protection from Online
Falsehoods and Manipulation Act
•Covers false statements of fact
(not opinion) with public impact
•Can issue Correction Directions
–Compulsory posting of fact check
–NOT takedown
•Can issue Disabling directions
•Can take action against inauthentic
accounts (trolls and bots)
Online Criminal Harms Act
•Covers
–Online child sexual exploitation,
–Drug transactions on chat apps
–Scams
•Can issue directions to Stop
Communication, or Disable, or
Block Apps
Protection from Online
Falsehoods and Manipulation Act
•Covers false statements of fact
(not opinion) with public impact
•Can issue Correction Directions
–Compulsory posting of fact check
–NOT takedown
•Can issue Disabling directions
•Can take action against inauthentic
accounts (trolls and bots)
Online Criminal Harms Act
•Covers
–Online child sexual exploitation,
–Drug transactions on chat apps
–Scams
•Can issue directions to Stop
Communication, or Disable, or
Block Apps
2. When does self-
regulation work for
digital security?
It works until it doesn’t
Example: Laws requiring car
makers to install seat belts
regulation work for
digital security?
It works until it doesn’t
Example: Laws requiring car
makers to install seat belts
3. The Balance
Depends on the
society, culture,
political situation
Note: It is NOT
PROVEN that
“regulation always
stifles innovation”
Depends on the
society, culture,
political situation
Note: It is NOT
PROVEN that
“regulation always
stifles innovation”
Best Practices and
Strategies
•Build trust among digital
stakeholders
–Transparent
communication
–Honest and fair
exchanges
•Eliminate (or reduce)
special interest lobbies
•Get buy in from society
Strategies
•Build trust among digital
stakeholders
–Transparent
communication
–Honest and fair
exchanges
•Eliminate (or reduce)
special interest lobbies
•Get buy in from society
Download
Download Slideshow Get the original presentation fileQuick Actions
Statistics
- Views 191
- Slides 12
- Age 480 days
Related Slideshows
11
8-top-ai-courses-for-customer-support-representatives-in-2025.pptx
JeroenErne2
44 views
10
7-essential-ai-courses-for-call-center-supervisors-in-2025.pptx
JeroenErne2
45 views
13
25-essential-ai-courses-for-user-support-specialists-in-2025.pptx
JeroenErne2
36 views
11
8-essential-ai-courses-for-insurance-customer-service-representatives-in-2025.pptx
JeroenErne2
33 views
21
Know for Certain
DaveSinNM
19 views
17
PPT OPD LES 3ertt4t4tqqqe23e3e3rq2qq232.pptx
novasedanayoga46
23 views