Cybersecurity Act 2018 (Singapore)

The Act imposes duties and obligations on owners of critical information infrastructure, which refer to computer or computer systems which are necessary for the continuous delivery of essential services, to protect against cybersecurity threats. It provides the rules and procedure on furnishing of information relating to the critical information infrastructure (CIT) to the Commissioner of Cybersecurity, codes of practice or standards of performance on cybersecurity, reporting of any cybersecurity incidents, auditing compliance with the provisions of the Act, and conducting a cybersecurity risk assessment of the CIT. 

The Act bestows the Commissioner of Cybersecurity with the mandate and power to administer and implement the provisions of the Act, and specifically provides the Commission with powers to investigate and prevent cybersecurity incidents. Cybersecurity providers are also required to secure a license from the Commissioner of Cybersecurity before they can engage in such business.