× Welcome to SGCyberSecurity forum!

Feel free to discuss any topics relating to cybersecurity with the rest of the security community in this forum.

Topic-icon Reporting of Cybersecurity Incidents

1 month 4 days ago #3682 by KudoShinichi

Hi all,

Wanna ask. If an organization gets hit by ransomware or any other major incident like hacking, web defacement etc, do we still need to report to the Singapore Police Force? Or to CSA-Singcert, would be sufficient?

Thanks!

Please Log in or Create an account to join the conversation.

1 month 4 days ago #3683 by ronnie101

I think the quick answer is Yes. It should be treated like a crime (i.e. under Cybersecurity crime/Act) so better report to Police and i think they should know what to do. you kena attacked?

Please Log in or Create an account to join the conversation.

1 month 2 days ago #3684 by KudoShinichi

Hi Ronnie,
Thanks for the reply :)

Nope, din get attacked. Writing Incident Response Plan and Procedures. Also preparing for the industry-wide exercise for FSIs on Thursday.

Please Log in or Create an account to join the conversation.

1 month 2 days ago #3685 by KudoShinichi

I did some extra checks yesterday.

1. CSA: If an organisation is considered a CIIO, need to report as mentioned in the new Cybersecurity Bill/law.
2. SPF: If it is a crime, inform SPF. I'm guessing hacking and financial crimes.
3. PDPC: If personal data is lost or assumed lost, PDPC needs to be informed
4. Customers: if their data is lost, they need to be informed

Please Log in or Create an account to join the conversation.

1 month 2 days ago #3686 by ronnie101

Hmm, so many parties to inform ah? Actually the last one (i.e. Customers) is particularly important as business want to play some damage control first otherwise sure kena left right center. But to a business, having a tested incident response procedure is very critical, you will never know when you will become the next victim.

Please Log in or Create an account to join the conversation.