Cyber Security Group (CSG)

The Cyber Security Group (CSG) is the cybersecurity lead for the Government sector with a mandate to protect the Singapore government’s ICT&SS (Information and Communications Technology & Smart Systems) and build a trusted digital government for Singapore. To achieve these goals, CSG adopts a three-pronged approach: 1) develop cybersecurity capabilities, 2) collaborate with Whole-of-Government (WOG) agencies, and 3) forge industry partnerships.

#1: CSG offers a full spectrum of Cybersecurity Capabilities to Secure WOG ICT Systems

To support its various missions, CSG develops a holistic range of cybersecurity capabilities ranging from blue-teaming capabilities that detect and respond against cyber threats, to red-teaming capabilities that uncover cyber vulnerabilities in Government ICT and Smart Systems. Members of red and blue teams will often work together – forming the hybrid “purple team” – to leverage the combined offensive and defensive expertise to secure the Government’s ICT&SS.

#2: CSG collaborates with WOG agencies to build a safer Smart Nation

To maintain a strong security posture across WOG, CSG works closely with various government agencies to implement secure architecture. Working together with the Chief Information Security Officers in Government Agencies, CSG is able to provide cybersecurity governance and technical guidance to ensure that government agencies are aligned with WOG policies and standards and the right kind of security is built into our ICT&SS.

#3: CSG forges partnerships with industry partners to augment government capabilities

CSG actively collaborates with external partners to train cybersecurity specialists, and conducts research and development for cyber projects. We also partner with the community through various programmes such as the Vulnerability Disclosure Programme, Government Bug Bounty Programme and Vulnerability Rewards Programme to encourage responsible reporting of suspected vulnerabilities and weaknesses in the government systems. And as a Common Vulnerabilities and Exposures (CVE) Numbering Authority, CSG ensures a robust and efficient vulnerability disclosure process for GovTech reported vulnerabilities to be assigned with a CVE promptly so that affected Government agencies and product companies can be alerted earlier to release fixes quickly.

Follow CSG’s Medium Blog – CSG@GovTech for a weekly dose of technical articles, tips and tricks shared by the cybersecurity specialists at CSG.

And find out more about their work via these links:

• Behind-the-scenes look at GovTech’s Red Team cyberattack
• How the government chief information security officer keeps cyberspace secure
• GovTech cybersecurity specialists zero in on zero-day vulnerabilities

Related Resources

• Factsheet about the Government Cyber Security Operations Centre