Singapore: Infocomm Media Development Authority advisory guidelines for enhancing resilience of cloud services

On 25 February 2025, the Infocomm Media Development Authority (IMDA) adopted advisory guidelines for cloud services and data centres in Singapore. These guidelines serve as a framework to enhance the resilience and security standards among cloud service providers and data centre operators by recommending best practices such as risk assessments, cybersecurity measures, and business continuity planning. For Cloud Services, the guidelines cover security testing, user access controls, data governance, and disaster recovery planning. For Data Centres, they offer a framework for implementing and continuously improving business continuity management systems and cybersecurity measures. The advisory guidelines complement recent amendments to the Cybersecurity Act and the upcoming Digital Infrastructure Act.