Singapore is the top-ranked country in the Asia Pacific region in terms of its overall Internet resilience (70%). However, its security resilience score of 54% ranks 15th.
Let’s look at Figure 1, which is a screenshot of the soon-to-be-released Pulse Global Internet Resilience Index tool. There are four areas where networks in Singapore can improve this rating by increasing their IPv6 adoption and involvement in the MANRS initiative and increasing their protection against DDoS attacks and against spam.
We at the Cyber Security Agency of Singapore (CSA) share the Internet Society’s mission to improve the Internet’s resilience by making the Internet more secure and trustworthy. One way we are doing so is by helping Internet users in Singapore and abroad to check the security hygiene of websites and email services.
Users Can Check Trust, Enterprises Can Identify Improvements
The Internet Hygiene Portal (IHP) allows consumers to assess the level of security (posture) of website and email services to help them make informed choices to safeguard their digital transactions from cyber threats.
Developed by CSA, the IHP self-assessment tool (Figure 2) has been used more than 60,000 times by 17,000 users since its launch in October 2022 to determine how safe it is to use or interact with a particular website or email domain.
Upon entering the URL of the website or email service, users receive a health check report card noting the overall security risk of the service and whether or not it complies with the recommended technologies, along with actionable suggestions and useful resources on how they can improve (Figure 3).
Users can also use the IHP to learn how to create secured domains using industry best practices, including:
- Using the Domain-based Message Authentication, Reporting, and Conformance (DMARC) protocol, which works alongside other security measures like Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) to prevent fraudsters from impersonating your email address and sending phishing or scam emails.
- Using the Domain Name System Security Extensions (DNSSEC) protocol, which is similar to DMARC but for website addresses. It adds an extra layer of authentication to make sure that people who visit your website are directed to the right place and not tricked into visiting a fake or dangerous site. To be sure that your website’s DNS is secure, it needs to be signed and validated.
Another feature of the IHP is the Internet Hygiene Rating (IHR) table (Figure 4), which provides a simplified view of the Internet hygiene of popular e-commerce platforms in Singapore. This allows users to discover more about the Internet security posture of these services that they might regularly visit.
The IHP has also led to 2,500 documented Internet hygiene improvements by enterprises that have used the service to determine how best they can improve their web and email domain security.
Broadening the Internet Hygiene Portal to Industry and E-Commerce
In its first six months, the IHP has created a positive effect on the health of the Internet in Singapore, as it encourages companies to take steps to improve their cyber hygiene and instill confidence in consumers.
Having partnered with the Internet Society, and hyperscale providers such as Amazon, Google, and Microsoft to provide informational resources to help enterprises improve their Internet hygiene best practices, the CSA intends to develop more partnerships, including with Singaporean business, manufacturing, and tech federations, and extend its focus to produce more informational resources to cater to a wider spectrum of platforms.
Watch the video below or contact us to find out more about the Internet Hygiene Portal.
The views expressed by the authors of this blog are their own and do not necessarily reflect the views of the Internet Society.
Photo by Polina Zimmerman on Pexels