Singapore Cybersecurity Act 2018
The Singapore Cybersecurity Act 2018 establishes a legal framework for the oversight and maintenance of national cybersecurity. It designates Critical Information Infrastructure (CII) sectors, establishes the Cyber Security Agency of Singapore (CSA) as the regulatory authority, and provides for incident reporting, cybersecurity audits, and penetration testing. The 2024 amendments expand coverage to encompass entities of special cybersecurity interest and foundational digital infrastructure.
Framework summaries on this platform are AI-assisted interpretations for educational and compliance planning purposes. They do not reproduce or replace the official standards. Refer to the authoritative source for the definitive text. Framework names and trademarks belong to their respective organisations.
Framework Domains (5)
CII
| Code | Title |
|---|---|
| SGCYBER-1 | Critical Information Infrastructure (CII) Designation and Registration |
Enforcement
| Code | Title |
|---|---|
| SGCYBER-5 | Investigation, Enforcement, Cooperation |
Incident Reporting
| Code | Title |
|---|---|
| SGCYBER-3 | Cyber Incident Reporting |
Licensing
| Code | Title |
|---|---|
| SGCYBER-4 | Licensing of Cybersecurity Services |
Standards
| Code | Title |
|---|---|
| SGCYBER-2 | Codes of Practice, Standards, Audits |
Your Compliance Coverage
If you comply with Singapore Cybersecurity Act 2018, you already cover:
BSI IT-Grundschutz
20%
1 controls mapped
Compare →Vietnam Law on Cybersecurity (No. 24/2018/QH14)
20%
1 controls mapped
Compare →US Gramm-Leach-Bliley Act (GLBA) - Higher Education Safeguards Rule
20%
1 controls mapped
Compare →+ 92 more: TEFCA - Trusted Exchange Framework and Common Agreement (20%), APPI (20%)
See all 95 mapped frameworks ↓Maps to 95 other frameworks
Frequently Asked Questions
What is Singapore Cybersecurity Act 2018?
Singapore Cybersecurity Act 2018 is a compliance framework from Singapore with 5 domains and 5 controls. The Singapore Cybersecurity Act 2018 establishes a legal framework for the oversight and maintenance of national cybersecurity. It designates Critical Information Infrastructure (CII) sectors, establishes the Cyber Security Agency of Singapore (CSA) as the regulatory authority, and provides for incident reporting, cybersecurity audits, and penetration testing. The 2024 amendments expand coverage to encompass entities of special cybersecurity interest and foundational digital infrastructure. It is used by organisations to establish and maintain compliance with industry standards and regulatory requirements.
How many controls does Singapore Cybersecurity Act 2018 have?
Singapore Cybersecurity Act 2018 has 5 controls organised across 5 domains. The largest domains are CII (1 controls), Enforcement (1 controls), Incident Reporting (1 controls). Each control defines specific requirements that organisations must implement to achieve compliance.
What frameworks does Singapore Cybersecurity Act 2018 map to?
Singapore Cybersecurity Act 2018 maps to 95 other compliance frameworks. The top mapping partners are BSI IT-Grundschutz (20% coverage), Vietnam Law on Cybersecurity (No. 24/2018/QH14) (20% coverage), US Gramm-Leach-Bliley Act (GLBA) - Higher Education Safeguards Rule (20% coverage). Use our comparison tool to explore control-level mappings between frameworks.
How do I get started with Singapore Cybersecurity Act 2018 compliance?
Start your Singapore Cybersecurity Act 2018 compliance journey by running a self-assessment on our platform to identify your current compliance posture. Our AI advisory can answer specific questions about Singapore Cybersecurity Act 2018 requirements, and cross-framework mapping helps you leverage existing controls from other frameworks you may already comply with. Create a free account to access all 5 controls and track your progress.
Start Your Compliance Journey
Create a free account to run self-assessments, get AI advisory, and track your compliance progress across 723 frameworks.
Get Started Free →Free forever — no credit card required