Singapore’s cybersecurity sector gets accredited under CCRA
WHEN mid-sized and large enterprises look for technology solutions, they prefer investing in one that has been certified by an international body.
In the cybersecurity space, solutions are often certified by the Common Criteria, also known as ISO/IEC 15408. It’s the preferred stamp for companies looking to secure their enterprises from the myriad threats in cyberspace and is the de facto standard recognized by the government agencies across the world.
Thus far, cybersecurity companies in Singapore would have to send their products abroad for certification.
However, Singapore has recently attained certificate authorizing status under the Common Criteria Recognition Arrangement (CCRA), allowing cybersecurity companies in the country to get their solutions certified more quickly.
According to Singapore’s Senior Minister of State for Communications and Information Janil Puthucheary, local companies looking to develop globally recognized IT security products within Singapore are expected to see more than 20 percent savings in time and costs.
If cybersecurity companies in the country are willing to pass on the cost savings to customers, it could greatly benefit businesses in Singapore, especially small and mid-sized entities that struggle to find the resources to protect themselves and their customers.
Currently, there are 30 members to the CCRA, of which, only 18 are certificate authorizing nations including the US, the UK, Australia, New Zealand, India, South Korea, and Malaysia.
A CC Certification Body has been set up by CSA Singapore to ensure that product evaluations undertaken conforms to the strict requirements of the CC standards.
For now, there’s just one approved laboratory in Singapore, but more such labs are expected to be added to the list of labs in the future.
In fact, CSA Singapore recently organized a five-day Common Criteria (Specialization) training course in an effort to build a strong community of practice in product evaluation and certification.
For small and mid-sized businesses, the accreditation not only paves the way for more affordable cybersecurity solutions developed domestically, but also makes sure local businesses have access to a strong portfolio of solutions that meet high standards and protect their business sufficiently.