Report of the COI into the Cyber Attack on SingHealth 10 Jan 2019
Part VII – Recommendations by the Committee on TORs #3, #4, and #5

TABLE OF CONTENTS – PART VII

35 PREAMBLE ... 221
  35.1 Terminology ... 221
  Recommendations for TORs #3, #4, and #5 ... 222
  Key considerations for recommendations ... 225
  Priority Recommendations ... 227
  Additional Recommendations ... 231
36 RECOMMENDATION #1: AN ENHANCED SECURITY STRUCTURE AND READINESS MUST BE ADOPTED BY IHIS AND PUBLIC HEALTH INSTITUTIONS ... 235
  36.1 Gaps between policy and practice must be addressed ... 235
  36.2 IHiS must adopt a “defence-in-depth” approach ... 237
    36.2.1 Reviewing legacy systems ... 238
    36.2.2 Reviewing all assets including lower-priority assets ... 239
    36.2.3 Reviewing the network ... 241
  36.3 Cybersecurity must be viewed as a risk management issue, and not merely a technical issue – decisions should be deliberated at the appropriate management level, to balance the trade-offs between security, operational requirements and cost ... 242
  Ensuring appropriate lines of reporting ... 243
    36.4.1 Ensuring appropriate management visibility ... 244
    36.4.2 Ensuring appropriate cybersecurity resources at the Cluster senior management level ... 245