Cyber Security Agency of Singapore (CSA) · 2018 (amended 2024)

Cybersecurity Act 2018

Provides a legal framework for the oversight and maintenance of national cybersecurity. CCoP 2.0 active. 2024 amendments expanded scope to entities of special cybersecurity interest.

Scope

Who must comply

Critical Information Infrastructure (CII) operators — 11 sectors including Banking & Finance

Key controls & obligations

The control catalogue

01
CII designation and registration
02
Cybersecurity code of practice (CCoP 2.0)
03
Annual cybersecurity audit & risk assessment
04
Mandatory incident reporting to CSA
05
Cybersecurity exercises participation

Educational disclaimer

RiskPedia content is for educational purposes only. Not legal or regulatory advice. Refer to the Cyber Security Agency of Singapore (CSA) for binding text.