Live1h agoSuperX and TFC Launch Singapore JV for AI Optical Interconnect
← Back to stories

CSA Unveils Initiatives to Strengthen Singapore's Cyber Defences Against AI Threats

Source: CSA

Singapore's Cyber Security Agency has released its Singapore Cyber Landscape 2025/2026 report outlining sweeping measures to strengthen national cyber resilience against an increasingly AI-driven threat landscape, where agentic AI is compressing cyber attacks from days into hours and ransomware continues to hit SMEs disproportionately.

CSA Unveils Initiatives to Strengthen Singapore's Cyber Defences Against AI Threats
SGAI Daily

The Cyber Security Agency of Singapore (CSA) released its annual Singapore Cyber Landscape 2025/2026 report on 30 June, detailing a series of initiatives aimed at hardening the city-state's digital defences against an era of AI-powered threats. Among the headline moves: mandatory Cybersecurity Labelling Scheme Level 2 for all residential routers by end-2027, mandatory Cyber Trust mark certification for all Critical Information Infrastructure owners by end-2027, and a new CISO-as-a-Service scheme offering up to 70% co-funding for eligible SMEs.

The report paints a stark picture of an accelerating threat environment. Agentic AI systems are now automating key stages of the cyber kill chain, compressing attacks from days into hours. Singapore saw 284,300 infected devices detected in 2025 — a 142% year-on-year surge driven by Malware-as-a-Service and insecure IoT devices. Ransomware cases edged up to 165, with SMEs bearing the brunt. On the advanced persistent threat front, CSA disclosed that Chinese-linked group UNC3886 attempted a cyber intrusion targeting Singapore's four major telecom operators, prompting the largest coordinated response — Operation CYBER GUARDIAN — which contained the incident with no service disruption or customer data compromise.

CSA is responding on multiple fronts. It published Guidelines on Securing AI Systems and a companion guide, and released a discussion paper on securing agentic AI systems. The agency conducted the National Simulated Scams Exercise in March 2026, using AI-generated government official impersonation calls to build public resilience. Exercise Cyber Star, the largest to date, saw around 500 participants across 11 critical sectors test coordinated response to large-scale incidents. The Cyber Trust and Cyber Essentials certification schemes have been expanded to include mandatory cloud and AI security requirements, with over 800 organisations already certified.

The implications for Singapore businesses are significant. SMEs — which make up 99% of Singapore's enterprises — now have access to subsidised cybersecurity leadership through CISOaaS, addressing a persistent resource gap. The mandatory router labelling scheme will raise the baseline security of residential networks that increasingly serve as gateways to corporate VPN access. Equally notable is CSA's push on quantum-safe technologies through a National Quantum-Safe initiative, signalling forward planning for threats that are years away but require preparation today.

Why it matters for Singapore: As a digital hub that processes vast amounts of regional data and hosts critical undersea cable landings, Singapore's cyber resilience is not just a domestic concern — it underpins confidence in the broader Southeast Asian digital economy. CSA Commissioner David Koh put it plainly: 'We need to lock down, find first, and fix fast.' With AI reshaping both the threat and defence landscapes simultaneously, the CSA's 2025/2026 playbook represents one of the most comprehensive national cyber resilience overhauls in the region.

Your daily AI edge in Singapore: in <5 minutes.

We do the reading so you don't have to. Get the essential TL;DR on local AI moves delivered to your inbox every morning.