Market Intelligence
Cybersecurity Singapore

Singapore Cybersecurity Legislation

Singapore’s recently passed Cybersecurity (Amendment) Bill, enhances the country’s Cybersecurity Act 2018, which sets forth the nation’s legal framework for safeguarding national cybersecurity under the supervision of the Cyber Security Agency of Singapore (CSA).


Key Changes:
•    Expanded Scope: The Bill extends the Act’s reach to address emerging technologies and business models, recognizing that critical computer systems and information infrastructure (CII) may be located overseas or managed by third-party vendors. The responsibility for these systems remains with Singapore-based essential service providers.
•    New Regulated Categories: The Bill introduces three new categories:
o    Foundational Digital Infrastructure (FDI) service providers must ensure underlying digital services meet stringent requirements for availability, performance, and security.
o    Entities of Special Cybersecurity Interest (ESCI) are entities that, while not CII owners, operate systems with sensitive data or functions attractive to malicious actors.
o    Systems of Temporary Cybersecurity Concern (STCC) set rules for targeted regulation during specific events or periods of heightened risk.

Additional Provisions:
•    Cyber Outage Reporting: CII operators must report cyber outages, attacks, or supply chain threats affecting their services.
•    Expanded Definition of “Computer”: Includes virtual systems.
•    Sector Coverage: The Bill applies to energy, water, finance, healthcare, transportation, ICT, media, security, government, universities, and major national events.

Upcoming Digital Infrastructure Act (DIA): A complementary Digital Infrastructure Act will address digital risks for entities that don’t provide essential services but are still heavily relied upon, such as data centers and cloud providers.

Recommendations for Businesses: Owners, operators, and essential service providers should familiarize themselves with the new regulations and work with their vendors to ensure compliance.

For More Information: Contact Amelia Yeo at the U.S. Commercial Service in Singapore.