Robert Lemos writes:
Lawmakers in Singapore updated the nation’s cybersecurity regulations on May 7, giving more power to the agency responsible for enforcing the rules, adopting definitions of computer systems that include cloud infrastructure, and requiring that critical information infrastructure (CII) operators report any cybersecurity incident to the government.
The Cyber Security Act amendment takes into account the impact of running critical infrastructure management systems on cloud infrastructure and the use of third-party providers by critical infrastructure operators, as well as a cyber threat landscape that is growing more dangerous. In effect, since so many critical information infrastructure operators have outsourced some facets of their operations to third parties and cloud providers, new rules were needed to hold those service providers accountable, Janil Puthucheary, senior minister of state for the Singapore Ministry of Communications and Information, said in a speech before the country’s parliament.
Read more at Dark Reading.
Related: Cybersecurity Act 2018