Report of the COI into the Cyber Attack on SingHealth 10 Jan 2019

Authority (“SITSA”), the predecessor to CSA, in 2011. The SCM, which is an integral part of SingHealth’s EMR, is a CII under the charge of SingHealth.
93. As the Sector Lead for the healthcare sector, IHiS is responsible for reporting security incidents to CSA.
10.2 National Cyber Incident Response (“NCIRF”)
10.2.1 Overview
94. The NCIRF is the framework for the reporting and management of cyber incidents affecting CII in Singapore. The NCIRF was approved by the Homefront Crisis Executive Group (“HCEG”) in December 2015. The HCEG is part of the Homefront Crisis Management System, and is the executive body tasked with managing peacetime crises. Under the NCIRF, Sector Leads have to report all security incidents within their respective CII sectors to CSA.
95. At the time of the Cyber Attack, the NCIRF was the only relevant national-level security incident reporting framework. Accordingly, in considering the policies in place at the time of the Cyber Attack and the incident response, the Committee will make references to the NCIRF where appropriate. The Committee notes that the Cybersecurity Act 2018 (Act No. 9 of 2018) (the “Cybersecurity Act”) came into force on 31 August 2018, and this act will apply to the SCM system, which has been designated a CII under the act. In making its recommendations, the Committee will refer to the Cybersecurity Act where appropriate.
96. The NCIRF has a three-tiered framework, as follows:
(a) CII Owner. CII owners are the entities that own CII assets. They are the first-tier cyber incident responders, and are responsible for immediate response to any cyber incidents that affect the CII assets.



COI Report – Part II
Page 33 of 425

(b) Sector Lead. Sector Leads oversee and regulate CII owners within their respective sectors. They are the Sectoral Cyber Incident Managers, providing second-tier response, as they are in the best position to assess the related business risks, and impact of such threats, to the sector.
(c) CSA. The national agency in charge of cybersecurity, CSA oversees 11 CII sectors [9] and is the National Cyber Incident Manager, which coordinates incident response efforts across the sectors. CSA provides third-tier response, supporting Sector Leads and CII owners when required.
10.2.2 Categories of security incidents
97. CII perform critical functions in order to provide essential services which, if disrupted, would have a debilitating impact on Singapore’s national security, economy, or public health and safety. Incidents associated with the critical functions of CII or provision of essential services must be reported to CSA in a timely manner to facilitate investigations. The three categories of incidents that Sector Leads must report to CSA are:
(i) Category 1: Incident directly affecting CII.
(ii) Category 2: Incident occurring on systems or network that could put the CII at risk.
(iii) Category 3: Incident occurring on systems or network within CII sector that is not covered under Category 1 and Category 2.

[9] The 11 sectors are Energy, Water, Banking and Finance, Healthcare, Land Transport, Maritime Transport, Aviation, Infocomm, Media, Security and Emergency Services, and Government.


