Singapore is set to see in influx of fresh talent in the area of operational technology (OT) cyber security under a new government initiative aimed at mapping out the job roles, technical skills and core competencies required in the sector.
On 8 October, the Cyber Security Agency of Singapore (CSA) launched its Operational Technology Cybersecurity Competency Framework (OTCCF), which is designed to provide a foundation upon which Singapore can attract and develop talent for the emerging OT cyber security sector in the country.
Not only does the OTCCF map the job roles, technical skills and core competencies that are in need, it also captures the possible career pathways, showing the options for vertical and lateral progression.
Under the plan, OT and IT system owners can refer to the OT cyber security capabilities required to attract the right people, train them adequately and map out their career pathways.
Training providers, meanwhile, can refer to the technical competencies required by different job roles and be guided to develop best-in-class courses and certifications that cater to local training needs.
At the same time, OT professionals or potential jobseekers can identify skill sets for cross- and up-skilling in order to obtain a meaningful career in the OT cyber security domain. The career pathways could apply to job roles inclusive of vertical and lateral advancement opportunities, according to the CSA.
The program, slated to commence towards the end of 2021, is intended to build a pool of OT trainers that will be able to conduct fundamental OT cyber security courses aligned to the OTCCF.
“With the increased connectivity between IT and OT systems, the demand for job roles requiring competencies in both IT and OT domains has correspondingly increased,” the CSA said in a statement. “While the existing Skills Framework for ICT provides an overview of job roles, possible career tracks and technical competencies for cyber security professionals, it caters primarily for the ICT workforce.
“More granular breakdown of the OT cyber security capabilities and technical competencies is required to cater to the training needs of the OT engineers in terms of coverage and applicability, as training providers in the market find it difficult to roll out best-in-class certifications and courses that encompass different OT industry sectors without a reference to the common skillsets.
“CSA aims to address this growing need through the development of the OTCCF and provide guidance on the competencies required for the OT industry sectors,” it added.
OT cyber security talent development is one of the key thrusts under Singapore’s OT Cybersecurity Masterplan, first announced in 2019.
In late September, Singapore’s Permanent Secretary for Communications and Information, Yong Ying-I, suggested she wanted to see updated policies and processes and the adoption of security technologies by design to help the country fend off emerging OT cyber threats.
“I believe that we stand a better chance of thwarting cyber attacks on OT systems if we work together,” Yong said in a speech during the Cyber Security Agency of Singapore’s (CSA) inaugural Operational Technology Cybersecurity Expert Panel (OTCEP) Forum on 29 September. “I suggest that we update our policies and processes, adopt security technologies by design and grow talent.
“We should share information and learn from each other so that we can benefit from the collective expertise and efforts in all these areas,” she added.
On 5 October, the Singapore government released its new Cybersecurity Strategy 2021, coming five years after the launch of the first Singapore Cybersecurity Strategy in 2016.
The new strategy works to simplify cyber security for end-users while developing deeper partnerships with industry to adapt to the changes in the cyber operating environment.
In the words of the CSA, the new strategy outlines Singapore’s plans to take "a more proactive stance" against threats, raise the overall level of cyber security across the nation and advance international norms and standards on cyber security.
“As Singapore harnesses digital technology to improve lives and livelihoods for all, cyber security has become a necessity and key enabler for Singapore’s digital economy and Singaporeans’ digital way of life,” the agency said in a statement.
“Developed in consultation with ministries, government agencies, industry and local and overseas academia, the updated strategy...seeks to address new and emerging cyber threats in the wake of strategic and technological shifts.
“These shifts include the opportunities and cyber risks brought about by emerging technologies, such as edge computing and quantum computing, that are potentially disruptive; growing cyber-physical risks as cyber disruptions can spill over to the physical domain; ubiquitous digital connectivity that expanded the attack surface; and increasing geopolitical tensions in cyberspace,” it added.