How Singapore can bolster cybersecurity in the public sector

All of this leads to one conclusion: Cybercriminals are piggybacking on the digital transformation wave.

Security as an everyday experience

Many organisations have transformed their operations. The public sector is no exception, with digitalising services, and processes to provide greater accessibility and convenience to citizens every day.

In this landscape of increased digital connectivity, businesses and governments must recognise the significance of domain name system (DNS) security. Unfortunately, DNS is often neglected, leaving it as an open door to malware and cyber threats. As businesses remain preoccupied with the surfacing of new malware and breaches, they inadvertently overlook DNS as one of the most critical security aspects as 92% of malicious activity can be blocked using DNS. Today, Singpass serves as Singapore’s first and primary means of accessing public services and receiving notifications for important matters, such as this year's presidential election.

See also: Alibaba anoints new chief in revamp of stalling commerce arm

Thousands of devices connect to networks to access daily public services. As citizens normalise this connectivity, it creates new avenues for IT vulnerabilities. Bad actors are on the sidelines, waiting to take advantage of any IT loophole or cybersecurity vulnerability. Imagine the chaos that would ensue should Singpass ever get compromised.

With many here having increasingly digital-first lifestyles, the impacts from cyberattacks grow more consequential than summing the losses in financial terms. There is very little room for errors and mistakes. Recognising DNS as a critical security tool can help with real-time visibility and control across networks and multi-cloud environments, creating safer and more resilient networks.

Fortifying digital transformation

See also: Break up Google? What’s at stake in antitrust action

Think of DNS security as the network’s gatekeeper — it serves as the first line of defence in safeguarding networks and applications. It acts to prevent malicious domain resolutions and filters out dangerous or unwanted traffic before it reaches the network or application layer. Research from the Global Cyber Alliance stated that DNS firewalls have the potential to mitigate up to one-third of cybersecurity incidents, thus potentially averting losses amounting to US$10 billion.

With that said, conventional firewalls alone may not be enough to protect systems against threats that are operating through a larger network of complicit hackers.  In such cases, there is a high likelihood that the company may never know that it has been hacked. Outdated DNS records or 'orphaned' DNS entries kept away are the overlooked access points: readily available and easily exploited for misuse. This is one potentially oft-overlooked point in executing organisation-wide digital transformation projects.

A DNS detection and response system can be used as a security layer to help see and stop critical threats earlier, allowing organisations to maintain control of a constantly changing environment. These modern solutions can monitor and analyse DNS traffic flows to spot patterns that could be suspicious covet activities. Suspicious traffic can be immediately blocked, preventing data leaks. Security response teams can initiate further investigations and quarantine devices, if necessary. This makes a DNS protection system a critical detection tool, pinpointing threats at the earliest stages and identifying compromised machines, all at first instances.

A new era in cybersecurity protection

Public sector institutions are at a critical juncture of massive technological change. The future of public services will be one that not only enables, but also protects the data of institutions, civil servants, and everyday citizens.

In fortifying Singapore's cybersecurity landscape, government agencies, and enterprises must place paramount emphasis on enhancing the resilience of their DNS security.

Robust DNS security solutions, encompassing firewalls and threat intelligence integration, should be deployed to shield against a spectrum of cyber threats. Regular audits and assessments of DNS infrastructure ensure proactive identification and mitigation of vulnerabilities, while the implementation of DNS encryption safeguards the integrity and confidentiality of critical transactions.

To stay ahead of the latest tech trends, click here for DigitalEdge Section

There is also the issue of battling alert fatigue — IBM found that SecOps teams only manage to review 50% of the alerts within a single workday, often spending time investigating incidents that turn out to be false alarms. By equipping these teams with modern threat intel tools, we can help SecOps team streamline their efforts, and focus on threats that pose a real danger to the networks. 

More importantly, investing in DNS intelligence solutions tightens the integration of security operations and system administrators – uniting networking and security to work closer together for better performance and protection of the organisation’s networks. 

As the battle against cyber threats wages on, the public sector plays a leading role in acknowledging the role and reformation of technology. The reality is cybercriminals never stop working because of renewed cybersecurity vigilance. They continue to profit off the lure of a good bargain targeting new victims. With a strategic amalgamation of these measures, Singapore can fortify its digital landscape, ensuring not only the protection of sensitive data but also the steadfast resilience of its cybersecurity infrastructure in the face of evolving threats.

Jeff Castillo is the senior regional director for Southeast Asia at Infoblox