ACICE Advisory Board and Expert Panel Members,

Permanent Secretary (Defence),

Executive Deputy Chairman of RSIS, Ambassador Ong,

ASEAN Defence Officials,

Distinguished Guests,

Ladies and Gentlemen,

First, I would like to thank you all for your presence and support here to launch this ADMM Cybersecurity and Information Centre of Excellence, or ACICE. You saw the clip that we agreed as ASEAN Ministers, we tabled it, put it on the agenda for ASEAN Ministers and establishments to consider it, and they undertook this and agreed to it. When they did so, it underscored our recognition that threats from the cyber domain do not respect geographical boundaries and will require transnational coordination and collaboration for effective responses. Furthermore, these threats are likely to spread rapidly. Whether Advanced Persistent Threats or other pernicious malware, they are seldom confined to one country. Therefore sharing of information becomes critical in our individual and collective defences against cyber threats.

The Nature of Threats in the Cyber and Information Domains

Unfortunately, cyber threats have now become commonplace for all countries that we represent here and beyond. We are no longer surprised by the scope and scale of malware, DDOS, cyber scams, misinformation, deepfakes, ransomware, phishing and data leaks. All these were not in popular usage 10 years ago and now they cease to shock us. We accept them as part and parcel of the digital ecosystem that prioritises connectivity first and foremost. I think just like our bodies need to interact with the external environment despite the presence of potentially harmful viruses and bacteria, our digital systems and devices must remain open to function adequately, and remain adaptive in this fast-changing and challenging external milieu. In the extreme of course, all of us, I think our systems within our digital ecosystems are air gapped or closed intranets. But akin to severely immunocompromised patients who live in a self-contained bubble or isolation ward, when we do that, interactions with the outside world are severely curtailed, and even then, protection would never be foolproof.

I wonder if we could ever devise a digital filter that weeds out all cyber threats? I doubt it. It is just not possible. I mean this is iterative. You produce something, somebody produces something against you, and it goes on and on. To complete that medical analogy, the digital ecosystem must have its own inherent immune system that protects against harmful intrusions. In opening ACICE today, I think we have strengthened our digital domains for our defence establishments.

These primary considerations then set the scope and missions for ACICE. ACICE seeks to complement, not replace existing ASEAN and national centres against non-cyber threats. Within individual ASEAN and ADMM countries, discrete centres already exist to deal with specific threats for counter-terrorism, maritime security, HADR etc. Those threats, while important, are not the primary focus of ACICE. There are four main goals for ACICE.

First, like many existing centres in the ADMM, ACICE must aim to provide good situational awareness and early warning on threats in the digital domain. I think these should include alerts on specific zero-day vulnerabilities and ransomware on military as well as civilian systems, but also extend to improving overall cybersecurity for ASEAN to include reporting on online scams, phishing attacks, misinformation, deepfakes and mitigating measures users can employ. These early warnings can prevent serious consequences. Last year, a series of ransomware attacks on multiple government sites – this was in Costa Rica – led to a proclamation of a national emergency.

Since ACICE's establishment in June 2021, good progress has been made for this baseline mission. ACICE has produced more than 60 monthly reports on trends and developments in the information and cyber domains, and I hope that these monthly digests have been helpful to your countries. These reports have been distributed to 23 countries, including ADMM-Plus members and other external partners. I hear from our Executive Director of ACICE that we have already had feedback on how to improve other products, and I think we will take those inputs and try to improve our products.

The second broad goal of ACICE is as an information sharing and capacity building hub – to help the sum of ADMM parts be greater than the whole for the cyber domain. In February this year, ACICE launched the Malware Information Sharing Platform (MISP), an exclusive platform for ASEAN countries to share information in real time on cyber threats and malware. To date, the Information Sharing Platform has published more than ten thousand indicators of compromise and provided actionable threat intelligence against potential threats and malware.

Yesterday, some of you attended, and ACICE hosted its inaugural Digital Defence Symposium and ASEAN roundtable, Permanent Secretary (Defence) opened, and it brought together ASEAN defence officials, academics and industry experts to exchange views and to explore opportunities for collaboration, so this is the second role.

Cooperation to Combat Threats

Third, there will be digital threats that will affect more than one country, either simultaneously or sequentially. In a worst-case scenario, there could be a physical disruption of key undersea cables connecting our countries within ASEAN and with the rest of the world. This impact will be pervasive and a collective response will be required. Threats due to disruptive malware and misinformation would also fall in the spectrum of transnational digital threats.

There is a fourth and final goal for ACICE is no less important than the preceding three but by its nature, evolving and inchoate. Through shared information, collective assessment of and response to threats, ACICE hopes to forge a consensus on the "rules of the road", if you like, that should govern the digital domain. I know one treads very warily when talking about rules of the road in the cyber domain. But ACICE will join other regional and international bodies, like the UN Open Ended Working Group to discuss and develop global consensus on norms, rules and principles for responsible state behaviour in cyberspace, including protection for critical infrastructure. If you think about it, we are so dependent on the cyber domain that it is strange and surprising that the rules come after the usage; it never works that way. There is a reason for it. We are all quite happy to operate in the Wild Wild West. And when rules are imposed, we ask ourselves, well, is this going to affect me, and who is going to police me. So, I think, unfortunately, the impetus is not there yet, because there is no great dramatic event as yet. For financial crimes, it is quite clearly criminalised, and you have global networks to share information and catch the offenders. If key installations fall, such as hospital systems, transport, roads, airports, there may be a moment where they will galvanize international consensus that the adverse consequences are greater than without these rules. And I think that consensus is necessary if we are to enforce standards in emerging domains, such as the rapidly expanding field of autonomous applications and AI driven processes. This will be crucial to protect us all from the negative side effects of otherwise good and useful technology. So I think we are behind on this, but it is what it is, and there is no global consensus and we need to be part of the conversation.

Conclusion – Appreciation of Partners

Now, ACICE is not a very big outfit, and to facilitate and guide these laudable goals, I am very thankful that ACICE has assembled an Experts Panel of illustrious and knowledgeable people, some who are here with us today, including President of the Global Forum on Cyber Expertise Foundation from the US, Mr Christopher Painter; President of Shanghai Institutes for International Studies from China, Prof Chen Dongxiao; as well as our colleague from the United Nations Institute for Disarmament Research.

The Panel comprises renowned academics and industry experts from around the world to advise us on emerging global trends and developments in the cybersecurity and information domains. Looking ahead, ACICE plans to collaborate with other partners to offer AMS a range of courses, workshops, conferences, dialogues and joint studies. For a start, I am pleased to announce that ACICE will sponsor two participants from each ASEAN country to attend a basic cybersecurity course that will be held in Singapore. I have feedback that there have been requests for more courses and more participants, and again we will take that into consideration.

ACICE's establishment and mission success, I think is only possible through the strong support of all our ASEAN and international partners. Let me thank you all for your valuable contributions and wish ACICE every success as it seeks to fulfil these four broad goals.

Thank you.