Why SG60 must mark a cybersecurity turning point
By Gerry SillarsIn this era of intensifying cyberthreats, cybersecurity must transcend the technical realm and become a foundational pillar of national resilience.
Singapore’s 60th birthday is not only a celebration of the past but also a testament to the nation’s remarkable journey of transformation. Over six decades, Singapore has evolved from a small port city to a global powerhouse, spearheading innovation, economic growth, and resilience.
In the 2024 IMD Smart City Index, Singapore stood out as the only Asian nation to secure a spot within the top 10. This achievement underscores the country’s visionary approach to digital integration, its seamless connectivity and its ability to harness cutting-edge technologies for the benefit of society.
Yet, alongside these achievements comes a growing reliance on digital systems, and with it, heightened exposure to cyber threats.
Ransomware attacks, espionage campaigns and identity system breaches are no longer distant possibilities but everyday realities, targeting the very systems that keep our public services and economy running. Left unchecked, these threats risk undermining the trust and resilience that Singapore has worked so hard to build over the past six decades.
Recent findings from a study underscores the urgency of this issue, revealing how ransomware continues to be a top threat for governments and organisations globally.
Across Asia-Pacific, ransomware has proven to be one of the most successful tactics, with 85% of affected organisations paying attackers to restore systems or protect sensitive data.
Singapore faces the highest extortion risks globally, with two-thirds of organisations reporting that attackers threatened regulatory filings if incidents went unreported. Most concerning, identity-related breaches dominate the landscape, affecting 93% of APAC organisations – a clear signal that cybercriminals are targeting the very core of digital trust.
When identity becomes the weakest link
These findings align with broader concerns regarding the rise of cyber espionage groups like UNC3886, which have recently targeted critical infrastructure across the globe, including Singapore.
In July 2025, Singapore’s authorities warned that this group, known for its sophisticated tactics, had successfully breached key sectors, including those vital to national security and public service. This attack underscores a troubling reality: identity systems have become prime targets.
Identity infrastructure, such as Active Directory and other user authentication systems, has become one of the most exploited attack vectors in ransomware attacks. Once compromised, attackers gain privileged access, allowing them to move laterally across systems, encrypt critical data and exfiltrate sensitive information.
The compromise of such systems has far-reaching consequences beyond data lock-down or service disruptions; it directly impacts the core functions of governance, public health and most critically, Singapore’s national security.
For Singapore’s public sector, this is not just a mere IT issue – an attack of this scale represents a significant erosion of public trust. The government’s ability to provide essential services, ranging from healthcare to transportation, hinges on the integrity of its digital identity systems.
Any breach of these systems undermines public confidence and puts citizens’ most sensitive data, and the nation’s critical infrastructure, at risk. The growing sophistication of these attacks demands that Singapore continues to invest in robust, proactive cybersecurity measures to protect its digital foundation against future threats.
Building cyber resilience for the next decade
As Singapore continues to lead the way as a Smart Nation, it must also ensure that its digital backbone is as resilient as its physical infrastructure. Government agencies and critical infrastructure providers must adopt a forward-thinking, identity-first approach to cybersecurity.
This approach requires a shift, moving away from reactive measures to proactive strategies that not only anticipate evolving threats but also fortify systems against increasingly sophisticated cyber risks.
The foundation of this resilience lies in a framework that addresses the dynamic nature of today’s cyber threat landscape, placing emphasis on securing the identity infrastructure that underpins every digital interaction.
Key pillars of a resilient cybersecurity strategy include identity threat detection and response (ITDR), which involves continuous monitoring of identity systems to detect abnormal activity before attackers gain footholds. Another important pillar is Zero-Trust Security Architectures, which adopt a “never trust, always verify” model to secure every access request across users, devices and applications.
Crisis response and recovery capabilities are also essential, ensuring agencies can rapidly respond to identity-based attacks and restore operations with minimal disruption. In addition, Ongoing Awareness and Training play a critical role by equipping public servants with the knowledge to identify phishing attempts and identity-based threats, thereby strengthening the human firewall.
Securing Singapore’s future beyond SG60
In this era of intensifying cyberthreats, cybersecurity must transcend the technical realm and become a foundational pillar of national resilience. Strengthening identity systems, implementing Zero Trust architectures and establishing comprehensive recovery strategies will uphold the trust that holds this nation together.
As Prime Minister Lawrence Wong emphasised at the 2025 National Day Rally, building a ‘We-First’ society means each of us contributes to the collective good. Cyber resilience is no exception.
It is a shared responsibility of the government, industries and every citizen. It is an opportunity to look ahead and fortify the nation’s digital future.