The Act allows the Commissioner to request specific information from Critical Information Infrastructure (CII) owners (Section 10) and during investigations of cybersecurity threats and incidents (Sections 19 and 20). The sharing of such information is an important part of protecting our systems from cybersecurity threats.

The Cyber Security Agency of Singapore (CSA) also shares information on cybersecurity threats and vulnerabilities with the CII sectors so that appropriate actions can be promptly taken. This is actionable information and is often technical and operational in nature. Examples include technical indicators or signatures of the cyber threat and contextual cyber threat assessments.

Beyond CII, the Singapore Computer Emergency Response Team, or SingCERT, which is part of CSA, routinely issues timely advisories and alerts to the general public and advises on measures that the public can take to protect themselves. Information and educational materials that promote cyber hygiene for the general public are also available on the Gosafeonline website. CSA also publishes an annual Singapore Cyber Landscape report for public awareness.

The CERTs overseeing specific sectors also issue advisories to the operators in their respective sectors. For example, the Info-communications Singapore CERT, or ISG-CERT, issues alerts to operators in the telecommunications and media sector to enhance their cyber readiness, and advisories on cybersecurity vulnerabilities pertaining to this sector.

SingCERT also works with the sectoral CERTs, where necessary, to inform local companies and affected customers on cybersecurity threats and incidents. For example, when D-Link routers were found to have security vulnerabilities in September 2017, SingCERT and ISG-CERT issued a joint advisory which contained information on the affected products and the steps that affected consumers should take - for example, disable remote management of their router and use strong passwords for their Wi-Fi to minimise the risk of their device being compromised.

Facilitating information sharing will help to improve cybersecurity as timely cyber threat information will help the Government identify vulnerabilities and prevent cyber incidents more effectively.

Beyond the Act, the Ministry of Communications and Information and the Cyber Security Agency of Singapore (CSA) will explore implementing administrative arrangements and partnerships to facilitate and encourage information sharing. For example, the Monetary Authority of Singapore collaborated with the Financial Services Information Sharing and Analysis Center (FS-ISAC) to set up the latter's regional centre in Singapore for the purpose of sharing information on threats including cybersecurity threats among financial institutions.