29 November 2023

On 17 October 2023, the Cyber Security Agency of Singapore and the Cloud Security Alliance published two cloud security companion guides to support Cyber Essentials and Cyber Trust, which are national cybersecurity standards developed by the Cyber Security Agency. The companion guides provide advisories aimed at helping cloud customers better understand their cloud-specific risks and responsibilities, as well as the necessary steps to take. These include employee training on their roles in cloud security and how they can operate securely in the cloud and implement mechanisms to track and monitor the inventory of their cloud services. 

The launch of the companion guides follows the significant rise in enterprise cloud adoption and considerable growth in cloud-based attacks by cybercriminals over the last few years. 

The companion guide for Cyber Essentials, targeted at small and medium-sized enterprises, uses a shared responsibility model to help organisations understand what they and their providers each need to take care of to secure the cloud environment. 

The companion guide for Cyber Trust, targeted at larger or more digitalised organisations, maps each of the cybersecurity preparedness domains in the Cyber Trust mark (such as cyber governance and oversight and cyber education) to the framework published by the Cloud Security Alliance. This mapping aims to provide a useful and convenient reference for organisations implementing the measures necessary to attain the Cyber Trust mark. 

As part of the close partnership in developing the companion guides, three of the major cloud service providers in Singapore have also developed provider-specific guides that are organised based on the measures listed in the Cyber Essentials and Cyber Trust marks. 

Reference materials 

The following materials are available on the website of the Cyber Security Agency www.csa.gov.sg: