Reporting of Cybersecurity Incidents

Hi all,

Wanna ask. If an organization gets hit by ransomware or any other major incident like hacking, web defacement etc, do we still need to report to the Singapore Police Force? Or to CSA-Singcert, would be sufficient?

Thanks!

I think the quick answer is Yes. It should be treated like a crime (i.e. under Cybersecurity crime/Act) so better report to Police and i think they should know what to do. you kena attacked?

Hi Ronnie,
Thanks for the reply

Nope, din get attacked. Writing Incident Response Plan and Procedures. Also preparing for the industry-wide exercise for FSIs on Thursday.

I did some extra checks yesterday.

1. CSA: If an organisation is considered a CIIO, need to report as mentioned in the new Cybersecurity Bill/law.
2. SPF: If it is a crime, inform SPF. I'm guessing hacking and financial crimes.
3. PDPC: If personal data is lost or assumed lost, PDPC needs to be informed
4. Customers: if their data is lost, they need to be informed

Hmm, so many parties to inform ah? Actually the last one (i.e. Customers) is particularly important as business want to play some damage control first otherwise sure kena left right center. But to a business, having a tested incident response procedure is very critical, you will never know when you will become the next victim.

Any association or corporate utilizing PC frameworks and systems might be defied with security breaks or PC security episodes. I am using it because I am doing work with the help of online sites like aussiewritings.com review So I am using this software as per security purpose.