Singapore Telecommunications : Singtel launches one-stop cyber security resilience programme for small and medium enterprises

First-of-its-kind training and cyber incident management programme is specifically designed to improve SMEs' cyber readiness 

n

Singapore, 20 September 2023 - Singtel today launched the Cyber Elevate Programme, a holistic one-stop training and cyber incident management programme, aimed at improving the cyber security resilience of small and medium enterprises (SMEs), at the Singtel Cyber Security Institute (CSI). The Programme, the first-of-its-kind in Singapore, is specifically designed to equip SMEs with the necessary capabilities and skillsets to prepare, detect, respond, and recover from cyber attacks at affordable rates. It includes an audit of a company's cyber risk profile, mentorship workshops on the best cyber security practices and legal and forensics support by key partners who will render vital assistance to the SMEs in the event of a cyber attack. This ensures that SMEs are able to identify and protect their digital assets before an attack and receive critical counsel and guidance on how to swiftly resolve the operational issues, communicate with authorities and customers after an attack as well as implement recovery measures to resume operations. More details can be found in Annex A.

n

Businesses can take up the Programme at subsidised rates of up to 90% because Singtel CSI is part of the SkillsFuture Queen Bee network. Appointed by SkillsFuture Singapore, the SkillsFuture Queen Bee is an industry leader with strong sectoral expertise, network, industry standing and ability to champion skills development in other companies, especially the SMEs. SSG supports the Singtel CSI in its efforts to develop cyber security skills and talent, and refine processes to build cyber resilience among businesses, in particular SMEs.  

n

n

"Dealing with a cyber incident can be an incredibly overwhelming and expensive exercise involving complex processes, multiple stakeholders and business disruption. That's why we've designed this Programme with the SME in mind, so they can be armed with the fundamentals of how to respond and recover when attacked."

n

n

n

n

Ng Tian Chong,
CEO Singtel Singapore

n

n

n

"If large organisations are grappling with the challenge of cyber risks, think about what the average SME is going through. Due to resource limitations or a lack of know-how, SMEs may not have the right defences, making them far more vulnerable to cyber attacks. Dealing with a cyber incident can be an incredibly overwhelming and expensive exercise involving complex processes, multiple stakeholders and business disruption. That's why we've designed this Programme with the SME in mind, so they can be armed with the fundamentals of how to respond and recover when attacked. As a home-grown leading technology company, we want to do our part to support our SMEs and the eco-system so they can succeed in a digital economy," said Mr Ng Tian Chong, CEO Singtel Singapore.

n

According to the Cyber Security Agency of Singapore, almost 40% of cyber attacks in Singapore target SMEs, with phishing and ransomware being the most common methods of attack. The agency's Singapore Cyber Landscape 2022 report highlighted that SMEs in the manufacturing and retail sectors were particularly vulnerable, as they held valuable data and intellectual property that cyber criminals seek to extort for financial gain. Despite this, SMEs hold the misconception that they will not be victims of cyber attacks, with one in four not having any processes or policies to protect themselves^[1].

n

Mr Gene Yu, Founder & CEO, Blackpanda said, "Our partnership with Singtel accelerates our mission to democratise cyber resilience for SMEs in Asia with its unmatched distribution and reach in the country. At Blackpanda, we're committed to empowering businesses with risk management scans alongside swift emergency response services during cyber attacks. In times of crisis, we stand as the trusted local first responders that SMEs can rely on, much like calling the SCDF during a fire, so they know what to do when they have been hacked and never left to fend off cyber criminals alone."

n

Mr Rakesh Kirpalani, Director of Dispute Resolution & IT and Chief Technology Officer of Drew & Napier, said, "SMEs are the backbone of the Singapore economy. Cyber resilience for SMEs in the form of appropriate legal and technological frameworks are thus critical given the significant increase in cyber attacks and data breaches. The DrewTech team from Drew & Napier stands at the forefront of legal risk management in all areas where legal and technological issues collide, including cyber attacks. We help SMEs adopt necessary legal frameworks to avoid cyber attacks, while preparing them to mitigate risks from these attacks."

n

To further support SMEs in their cyber preparedness journey, Singtel will be offering a complimentary one-year cloud backup service, concurrently with this Programme, so their critical data remains protected in the event of a cyber attack.

n

For more information on the Cyber Elevate Programme, visit Singtel Cyber Security Education.

n

###

n

^[1] Singapore SMEs behind on transition to Digital Economy: QBE Research

n

Annex A: About the Singtel Cyber Elevate Programme

n

The Cyber Elevate Programme, a holistic one-stop training and cyber incident management programme, is aimed at equipping SMEs with the relevant knowledge of best practices as well as legal frameworks and their obligations in the event of a cyber attack.

n

The programme will include the following components:

n

• n
• Audit: Cyber risk assessment of the company
• n
• Mentorship: Training and workshops
• n
• Support: Legal and incident response services
• n

nn n n n n n n n n n n n n n n n n n

CYBER ELEVATE PROGRAMME
Format/ objectives	Two-day workshop that teaches participants how to establish policies and protect themselves from cyber attacks.
Details	Contentn n How to spot suspicious emails, calls, and scams. n How to triage when machines are infected with malware. n How to create a workflow for identifying cyber incidents. n How to create asset lists, data protection policies, incident response policies, processes, and workflow for cyber security specific legal and incident response. n Policies, standards and legal frameworks covered include:n n PDPA n Computer Misuse Act n
Post-workshop support	n n One-time support each by legal and incident response partners, within 12 months of completing the workshop. n Eligible for government subsidy. n One-year cloud backup service. n

n

Prepare, detect, respond, and recover from cyber attacks

n

The Programme ensures that SMEs have the tools to be able to identify and protect their digital assets before an attack and have the assurance that critical support to address an attack is available, without the worry of hefty costs that such incidents typically yield.

n

In the event of an attack, the legal and forensics partners will help the affected SMEs address the incident from an operational, communications and business continuity perspective, in order to aid prompt recovery of their business.

n

Eligibility criteria for the Programme:

n

1. n
2. Both SMEs and large corporations are eligible for the Programme but SMEs enjoy higher subsidies of up to 90%.
3. n
4. To qualify as an SME, the company must meet the following requirements:n
   • n
   • Company is registered and incorporated in Singapore.
   • n
   • Minimum 30% local shareholding by Singapore Citizens or PR
   • n
   • Have an annual sales turnover of not more than S$100 million OR employment size not exceeding 200 employees.
   • n
5. n

n

Annex B: Speech by MR Ng Tian Chong

n

Welcome to CSI

n

Good afternoon, Guest-of-honour, Dr Janil Puthucheary, CEO SkillsFuture, Mr Tan Kok Yam, Partners, SMEs, members of the media, and guests. We are pleased to welcome you to Singtel's Cyber Security Institute.

n

Cyber landscape - context & challenges facing SMEs

n

In today's interconnected world, the importance of cyber security cannot be overstated. Every day, companies of all sizes face cyber attacks from perpetrators intent on stealing vital and personal information for extortion, sale, to control the operations of companies or sometimes, simply to make a statement!  Increasingly, such attacks are becoming harder to prevent or detect as threat actors come up with ever creative ways to infiltrate systems and cause significant damage. And they don't discriminate - corporations big and small, even individuals are all targeted.

n

We're all acutely aware of the growing cyber security threats faced by businesses, but there is one group that is particularly vulnerable and that is Small and Medium-sized Enterprises (SMEs) which form 99% of our economy. Budget constraints, resource limitations and a lack of expertise make them attractive targets for cyber criminals. In fact, according to the Cyber Security Agency of Singapore, SMEs bear the brunt of 40% of all cyber attacks in Singapore.  Yet 1 in 4 SMEs here still have the perception that they will not be victims of cyber attacks - this is risky thinking!

n

The more digitally inclined SMEs may understand some basic tenets of cyber security, like how to spot a phishing email, proper safekeeping of documents: password protecting, labelling of files, etc. But not everyone is aware of what to do when an attack happens.

n

• n
• For example, who should be part of the "task force" when an attack happens? What are their roles and responsibilities? If they don't have protocol or policies in place or a cyber playbook - they'll just have to brave situations on the fly.
• n
•  When malware is planted, how should companies prevent its spread or triage this infection? Importantly, when do you inform your customers about it and how much detail should you go into?
• n
• What about the authorities - when do you inform the PDPC? Should the Police be informed?
• n

n

Helping SMEs build cyber resiliency with Singtel Elevate Programme

n

As you can see, being on the receiving end of an attack is not fun or easy. That's why we've come up with a solution to arm businesses with the fundamentals they need to build their cyber security readiness.

n

Singtel Cyber Security Institute, or CSI, was founded in 2016 for this very purpose. All the programmes developed by our Institute are designed to cultivate a cyber-aware culture across all levels of organisations, from the leadership team to their front-line staff. We adopt an "assumed breach" mindset, where it's not a question of if, but when, a cyber attack happens. By distilling the challenges facing businesses from the years of experience engaging them, we've developed a programme - called the Cyber Elevate Programme that aims to empower SMEs with the right knowledge, tools, and necessary processes to be able to prevent, detect,respond and recover fromcyber attacks. Thus, elevating their existing cyber security posture to one of resilience.

n

Broadly, it comprises a cyber audit and mentorship workshop followed by year-long support from cyber forensics and legal experts who are on standby to jump in and assist the impacted SME to respond and recover from an attack.

n

1. n
2. Ourteam of experts will work with SMEs to build new capabilities and skillsets in spotting cyber attacks, identifying key assets to protect, and creating workflows to limit the impact of an attack.
3. n
4. Beyond responding to the technical aspects of cyber attacks, SMEs will be counselled on how and who to report a breach to, how to respond to stakeholders and manage the attack depending on the requirements of the industry they are in.
5. n

n

What makes the programme unique and first-of-its-kind is the extended support provided. In the event that a participating company suffers a cyber attack, our legal and incident response partners in the Programme - leaders in their fields - will be there to step in and do whatever it takes, for however long it takes, till the incident is contained and affected SMEs resume stable operations. Do note, this is only applicable when an incident occurs within the first year of the Programme. Concurrently with this Programme, Singtel is providing a year of cloud backup at no cost to participating SMEs in case ransomware locks down and destroys their data. The team will share more about the programme later during the clinics.

n

And I am pleased to share that SMEs who sign up for this programme are eligible for up to 90% subsidies, thanks to SkillsFuture's support. This is also due to Singtel CSI's addition to the SkillsFuture Queen Bee network - which is a group of market leaders selected by SkillsFuture Singapore for their expertise and industry-leading practices. Singtel is proud to be the only cyber security training provider in this network comprising 18 companies, to champion skills and capability development in cyber security to all enterprises.   

n

So far, we've seen encouraging interest for this Programme from our SME partners, and the team is already working on a part 2 - so please stay tuned.

n

Building cyber resiliency is a team effort

n

None of this would have been possible without our partners and the invaluable collaboration that has shaped this programme. I'd like to thank SkillsFuture for acknowledging CSI as a cyber security expert and training provider, and our programme partners, Drew & Napier and Blackpanda for sharing our vision of helping SMEs deal with this real and imminent threat.

n

We're optimistic that through this programme, Singapore companies, especially our SMEs will develop the resilience to fend off threat actors so they can focus on improving and growing their businesses. So that together, we can build a safer and more secure digital world for all. Thank you.

n

Annex C: About the Singtel Cyber Security Institute

n n

Launched in 2016, the Singtel Cyber Security Institute (CSI) is an educational institute with an advanced cyber range to provide an experiential and multi-disciplinary approach to develop cyber security skills in organisations. It focuses on providing training to all levels in an organisations, from boards of directors and C-suite members to frontline staff. The institute adopts an "assumed breach" mindset and structures the curriculum of its courses to meet the varying cyber security needs of organisations.

n

Available trainings include: Cyber Awareness, Cyber War Gaming, Cyber Readiness, and Cyber Oversight.

n

Singtel CSI is part of the SkillsFuture Queen Bee network as a champion of cyber security. It is responsible for developing cyber security skills in organisations and guiding them in identifying and acquiring the requisite skills for business transformation. It is the only cyber security training provider among the 18 members in the Queen Bee network.

n

More information about the Singtel Cyber Security Institute website can be found here.

","topSpacing":"none","bottomSpacing":"none","leftSpacing":"none","rightSpacing":"none","headerDescSpacing":"none"}">