Can Singapore become the latest and greatest regional cybersecurity hub?

Mass data breaches have been impacting our region, reiterating the fact that no business or nation is truly immune from cyber threats. This has been a driving force for the development of cybersecurity capabilities from within by regional governments, including Singapore’s, and businesses, by fostering the development of startups in the cybersecurity space.

In Singapore, programs like Block71 (ICE71) and Early Stage Venture Fund, are important examples of initiatives to strengthen talent and innovation among cybersecurity startups.

To successfully implement and build an entrepreneurial ecosystem, many countries, including Singapore, are turning towards Israel and analysing their playbook.

Israel’s state of development in the cybersecurity space has been truly remarkable - now a cybersecurity superpower with the highest density of tech start-ups in the world that attracts more venture capital dollars per person than any country.

Uncovering Israel’s influence on cybersecurity strategy
Right from national heritage and geography, both Singapore and Israel contend with scarcity and limitations in size, prompting strong initiatives to develop technology and cybersecurity competence for survival and competitive advantage.

This has been spearheaded through public sector support and the creation of cybersecurity startup networks. In Singapore, the introduction of the first cybersecurity start-up incubation hub, Innovation Cybersecurity Ecosystem@Block71 (ICE71), and Early Stage Venture Fund program, and in Israel, its industry 4.0 (I4) startup ecosystem that nurtures over 200 startups. Additionally, Singapore’s Early Stage Venture Fund program drew inspiration from Israel’s earlier Binational Industrial Research and Development Foundation.

Prominent cybersecurity startups emerged as a result, like Singapore’s SafeChats, that deals with information privacy, and Israel’s Twistlock, a pioneer developer of cloud-native security solutions.

For Singapore to get to a state of cybersecurity development as Israel, there are few key lessons to take note of. Specifically, cultivating supportive Infrastructure and a mindset for innovation through education.

Ensuring a supportive infrastructure
Israel’s cybersecurity prowess has largely been the result of significant investments to ensure that businesses, especially startups, have ready access to the resources they need. In 2018, Israel announced that it was investing over $32.5m (US$24m) to boost cybersecurity startups, in addition to over 30 tailor-made initiatives to help them secure funding. Through these efforts, Israel has attracted over $1.08b (US$800m) in investments, accounting for 16 percent of the world’s cybersecurity investment in 2017.

The success of Israel’s cybersecurity network lies in its interconnectivity across the private and public sector. Embedded deep within its national priorities, cybersecurity is incorporated in national service, where elite Israeli youth are mandated to join the Israeli Defense Forces (IDF) to protect Israel from cyberthreats. Some of the hottest cybersecurity companies today, including Team8 and Check Point, came straight out of the IDF, with founders leveraging skills from training in the IDF’s various technological units.

Singapore has started building its cybersecurity infrastructure, through several public policies, including the Government Bug Bounty Programme to support the tech community to achieve higher collective cybersecurity. Additionally, with the introduction of Digital Defense in Singapore’s Total Defense framework, Singapore is starting to take similar steps to elevate cybersecurity to the level of national security.

Singapore’s next step will require developing a self-sustaining ecosystem, where the government, education system, business, startup community, and public sector work in unison to continually improve cybersecurity capabilities.

At the upcoming RSA Conference 2019 APJ, we hope to drive more of such cross-industry discussions and to provide cybersecurity startups with a robust network that they can leverage and get feedback for their innovations. Through platforms like RSAC Launch Pad and the RSAC Early Startup Expo startups will be able to meet with peers and experts even as they look to further their development and bring their ideas to life.

Cultivating a mindset for innovation – it starts from education
Inherent within Israel’s national DNA has always been the necessity to create for survival. For example, water systems and agricultural products needed to be developed for sustenance in an isolated geography. This also made way for a growth mindset, constantly looking for new solutions and innovations from within, while constantly trying again despite setbacks.

This is not a phenomenon of chance, but one that is built up through nationwide initiatives, beginning from a student’s formative years where cybersecurity skills are developed. From kindergarten, students attend robotics classes, and by college, they attend mandated coding and encryption classes to stop hacking attacks. At university, students can even pursue a PhD in Cybersecurity, with Israel being the first in the world to offer cybersecurity as an independent discipline.

Singapore is similarly starting on this process, with institutes of higher learning, like Singapore Institute of Technology, beginning to roll out cybersecurity degree programs.

Gleaning from Israel’s example, it is evident that infrastructure and initiatives need to be underpinned by a culture that nurtures and embodies innovation in order for a thriving startup ecosystem to be sustained.

Looking ahead – Singapore as a launchpad for cybersecurity innovation
Whilst Singapore’s cybersecurity startup scene has grown through the years, with the emergence of locally-based startups like CloudSEK, there is still tremendous potential for more to be done.

This includes setting its sights on being a conducive environment for nationally valuable and internationally viable cybersecurity solutions. Israel has proven successful in this aspect, exporting cybersecurity products valued at over $8.8b (US$6.5b) yearly, and even the acquisition of its startups overseas. Temasek’s recent acquisition of Israeli cybersecurity consulting startup Sygnia for over $339m (US$250m) has been one such example.

By taking a leaf from Israel’s handbook, Singapore should look into a closer integration of the private-public agenda, in the spheres of education, even national service, for the incubation and acceleration of new cybersecurity ideas. This will enable startups to increase their appetite for new opportunities and to develop networks to bolster the viability of their innovations. Singapore would then see accelerated progress in nurturing viable local businesses in this important sector.