While Singapore stands in good stead as a neutral party when it comes to cybersecurity testing and assurance, the country will face barriers in terms of international politics as well as difficulties with the lack of a talent pool and its conservative corporate environment.
According to Cathy Huang, industry manager of Frost & Sullivan Asia-Pacific, the economic and political situations in Singapore are very advanced and stable, leading to many multinational corporations (MNCs) and China-based companies willing to invest and set up their regional headquarters here.
The local government, too, is willing to invest in relevant initatives to promote Singapore as the hub and focal point for companies, especially for high-value technology companies to establish a presence in the country, Huang noted. For example, earlier this month, Singapore's Economic Development Board (EDB) announced its intent to work with RSA on a training program. which will see Singaporeans heading to the security vendor's facility in Israel for training in cybersecurity and combating fraud.
Politically difficult to be neutral
From a political standpoint, Singapore also is well-suited considering its geopolitical relationships with China and the United States, Huang observed.
She added that the Singapore population is very multilingual with a high education level, putting the country in a good position to be the "Switzerland of cybersecurity".
However, Anthony Lim, Asia Pacific director of White Hat Security, disagreed, noting "humans have a habit of associating one thing with another". As such, it will be hard for Singapore to be perceived as neutral.
"While Singapore is friendly with both China and the U.S., in the middle of the cyberspying spat between both countries, [Singapore] may end up losing both as cybersecurity and technology-testing clients, rather than have both," Lim said.
A country's contentions and views also "sway with the wind and change with weather", he noted, which makes it hard for Singapore to maintain a neutral position unless it "solidly and stubbornly insists" to be so, like Switzerland does.
Within the country, two issues also stand out, he said. He pointed to questions over whether the role of testing and providing assurance of cybersecurity technology should belong to the government or private sector, and why Singapore should play a neutral role.
Lack of talent, right environment
Another challenge is the lack of cybersecurity talents in Singapore, Huang pointed out. The Frost & Sullivan analyst explained that local universities currently do not have many specialized programs or divisions which can cultivate or provide opportunities for people to learn more about cybersecurity.
To be the testbed for security technologies, the Asian country needs the right people with the right skillsets to do that, she explained.
Being the testbed of security innovation also means having the right environment is necessary, she added. Many local enterprises, along with the MNCs in Singapore, tend to have a somewhat conservative mindset compared to those in other Asia-Pacific economies, she said.
"Even though they are open to new technologies, they have a 'wait-and-see' mentality and prefer to use more established technologies," Huang said.
The good news, though, is Singapore welcomes technology companies or high-value organizations looking to set up operations here with lower corporate taxes, she noted, adding that government initiatives to attract more new technologies are also common.