The Cyber Security Agency of Singapore (CSA) intends to adopt a light-touch approach to license penetration testing and managed security operations centre (SOC) monitoring because these services:
- Have access to sensitive information from their clients and could have significant impact if not delivered well or misused, and
- Are also relatively mainstream in our market and hence have a significant impact on the overall security landscape.
CSA will continue to monitor international and industry trends and assess if new types of cybersecurity services are considered high-risk, and evaluate whether the providers of such services should be licensed.