Singapore’s proposed Digital Infrastructure Bill prompts debate on tougher APAC regulation

0

Singapore’s proposed Digital Infrastructure Bill, which would allow punitive measures for cybersecurity and resilience failures, is being watched by some in the security industry as a potential indicator of where regulation across Asia-Pacific could head next.

In comments circulated to media, Takanori Nishiyama, senior vice president for APAC and country manager for Japan at Keeper Security, said the bill could introduce fines of up to $1 million and would seek to designate data centres and cloud providers as critical national infrastructure, alongside sectors such as power, water and healthcare.

Nishiyama argued the timing reflects concerns about emerging technologies affecting the threat landscape, pointing to “frontier AI” accelerating attacks and to “harvest-now, decrypt-later” risks associated with quantum computing and long-lived data.

He cited Keeper Security’s 2026 research, which he said found 46% of APAC security leaders identified cloud security gaps, including misconfigurations and excessive permissions, as their biggest security weakness—12 points above the global average—while 38% reported privileged access management as fully deployed.

Nishiyama said compliance expectations were shifting beyond documentation, and urged organisations to map systems and vendors that interact with sensitive or long-lived data, enforce least-privilege access, and maintain continuous session visibility rather than relying on periodic audits. He said data centres, like other critical infrastructure, should be designed to contain compromise as well as prevent it.

Share.

Comments are closed.

Visit Us On TwitterVisit Us On FacebookVisit Us On LinkedinVisit Us On Youtube