Digital Policy Alert logo

Singapore: Cybersecurity (Amendment) Act provisions expanding regulatory oversight to third-party-owned infrastructure, temporary cybersecurity concern systems and entities of special cybersecurity interest entered into force

Policy overview

Description

Cybersecurity (Amendment) Act provisions expanding regulatory oversight to third-party-owned infrastructure, temporary cybersecurity concern systems and entities of special cybersecurity interest entered into force

On 31 October 2025, sections 2 to 15, 18, 19, 22, 23(b), 24, 25, 28(a) to (g), 29, 31 and 32(1) to (4), (6) and (7) of the Cybersecurity (Amendment) Act 2024 entered into operation pursuant to the Cybersecurity (Amendment) Act 2024 (Commencement) No…

Scope

Policy Area
Data governance
Policy Instrument
Cybersecurity regulation
Regulated Economic Activity
infrastructure provider: internet and telecom services, infrastructure provider: cloud computing, storage and databases, infrastructure provider: network hardware and equipment, infrastructure provider: other
Implementation Level
national
Government Branch
legislature
Government Body
parliament

Complete timeline of this policy change

Hide details
2022-03-04
under deliberation

On 4 March 2022, the Cyber Security Agency of Singapore (CSA) announced that it will amend and expa…

2023-12-15
in consultation

On 15 December 2023, the Cyber Security Agency of Singapore (CSA) opened a consultation until 15 Ja…

2024-01-15
processing consultation

On 15 January 2024, the Cyber Security Agency of Singapore (CSA) closed its consultation on the Cyb…

2024-04-03
under deliberation

On 3 April 2024, the Cybersecurity (Amendment) Bill No. 15/2024 was introduced to the Singapore Par…

2024-05-07
adopted

On 7 May 2024, the Cybersecurity (Amendment) Bill No. 15/2024 was adopted by the Singapore Parliame…

2025-10-31
adopted

On 31 October 2025, sections 2 to 15, 18, 19, 22, 23(b), 24, 25, 28(a) to (g), 29, 31 and 32(1) to …