The Singapore Cybersecurity Act is a timely initiative to level up the digital security and digital resiliency measures across industry sectors that provide essential services in Singapore. The Act provides a framework to Critical Information Infrastructure (CII) owners on their obligations to proactively protect their data and networks from cyber attacks. The defined CII sectors are energy, water, banking and finance, healthcare, transport (land, maritime, and aviation), info-communications, media, security and emergency services, and government.

Organizations in the CII sectors are required to take the following measures:

• Prevent, manage and respond to cyber security threats and incidents;
• Protect Critical Information Infrastructures (CII); and
• Share CII information with the Cyber Security Agency of Singapore (CSA) in the event of a cyber attack.