IDA issued code of practice for internet infrastructure

ISPs will be required to implement specific controls progressively as the Code comes into effect from 30 April 2011.

According to Infocomm Development Authority of Singapore, the sharing of infocomm security information is one of the several measures mandated under the Secure and Resilient Internet Infrastructure Code of Practice.

The Code will achieve full compliance by 2013. Periodic audits will be conducted by IDA to ensure that ISPs observe the Code.

This Code comes under the telecommunications regulatory framework. It defines a set of specific security controls and outcomes to ensure that sound security is in place to deal with current and emerging cyber threats. The Code allows ISPs and IDA to make more informed decision so that early warning to emerging cyber threats can be developed and appropriate pre-emptive measures can be taken. Consumers of ISPs’ services also benefit from a more coherent and effective response to cyber threats. ISPs will also put in place measures to better protect businesses and end users from cyber attacks such as distributed denial-of-service attacks.

The Code covers the protection of the core Internet infrastructure such as routers, switches and critical network components, and details the objectives and controls essential to prevent, detect and respond to security incidents. These requirements, which are consistent with internationally recognised standards and best practices for the industry, will put the ISPs in good stead and provide assurance to their consumers.

Mr Leong Keng Thai, Deputy Chief Executive / Director-General (Telecoms & Post) of IDA said, “Cyber attacks are getting more sophisticated and large scale cyber attacks can bring down the Internet infrastructure of nations. To enhance the security of the Internet infrastructure, many countries have or are in the process of requiring their Internet infrastructure service providers to put in place security requirements to protect their Internet infrastructure. IDA has worked with the designated ISPs to forge an effective Code of Practice that will bolster the security of our Internet Infrastructure.”