Security News > 2022 > April > Singapore to license pentesters and managed infosec operators

Cybersecurity service providers must for licenses to operate in Singapore, under new regulations launched by the country's Cyber Security Agency on Monday.

Specifically, concerns were raised over whether service providers may aggregate or use anonymised client data for threat intelligence purposes, leading CSA to limit the scope of its license condition.

"The use of anonymised information that is within the scope of this condition should be a matter to be agreed upon between the licensee and its client," said CSA. Within its responses to the open feedback, CSA clarified that resellers, or overseas cybersecurity service providers who provide licensable cybersecurity services to the Singapore market would also require a license.

"Kaspersky commented:"Amongst a host of solutions and services Kaspersky provides, it offers Penetration Testing and Managed and Detection Services for enterprises and entities in Singapore.

"As the licensing framework applies to cybersecurity service providers... providing licensable cybersecurity services to the Singapore market, including penetration testing service and managed security operations centre monitoring service, Kaspersky is currently in the process of doing the necessary to obtain the license."

"We are confident about the integrity and security of our products and services thus our line of communications with the Cyber Security Agency of Singapore remains proactive and open to ensure that we comply with the requirements related to this regulatory measure." .

News URL

https://go.theregister.com/feed/www.theregister.com/2022/04/12/singapore_infosec_licensing/