GCSOC (Factsheet)

24 FEB 2023

Factsheet – Government Cyber Security Operations Centre (GCSOC)

24 Feb 2023

The Government Technology Agency (GovTech) commissioned the Government Cyber Security Operations Centre (GCSOC) in 2022 to strengthen our monitoring and defence against cyber threats to Singapore government systems. GCSOC replaces the Cyber- Watch Centre1 (CWC), which was established in 2007, and currently comprises 60 staff.

Government Cyber Security Operations Centre

GCSOC aims to better secure the Government’s evolving Information and Communications Technology (ICT) infrastructure, and guard against threats more effectively. It centralises cybersecurity operations across government agencies, and better leverages technologies in artificial intelligence and machine learning to enhance security analytics.

These enhancements have led to the benefits below:

Improved Detection Coverage

GCSOC aims to improve its detection coverage and accuracy of threat attacks across the Government and has expanded its monitoring of ICT infrastructure such as systems and networks to include components within the cloud.

The enhanced detection capabilities are enabled by automated technologies, as well as the use of cyber threat intelligence, to correlate threat data from multiple sources. GCSOC also works with other agencies to develop innovative tools to continuously enhance its detection capabilities. One example is PhishMonSG, a phishing detection tool developed in collaboration with the Ministry of Home Affairs that enables GCSOC to proactively scan across the Internet daily for malicious sites that mimic Government agencies’ websites.

Proactive Threat Hunting

As GCSOC deploys and utilises enhanced security analytics, its pool of cyber specialists is upskilled to perform proactive threat hunting centrally for Government agencies. This supports the overall cyber threat defence and enables GCSOC to uncover and respond more effectively to increasingly sophisticated cyber-attacks which might have evaded existing defences.

Faster Response Time

GCSOC has shortened the incident response time of Government agencies’ by providing central support for triage and incident investigation. As part of the GCSOC set-up, the Government IT Security Incident Response2 (GITSIR) team is also integrated to allow for a more tightly knitted investigation and response workflow.

Government Cyber Security Operations Centre

GCSOC will continue to augment our detection and response capability by strengthening our coordination with agencies, upskilling our cyber specialists pool and investing in data analytics.

For media clarifications, please contact:

Leonard Lui (Mr)
Communications & Marketing Group
Government Technology Agency
Tel: 9673 8285
Email: Leonard_LUI@tech.gov.sg

Zoe Xu (Ms)
Communications & Marketing Group
Government Technology Agency
Tel: 8189 1682
Email: Zoe_XU@tech.gov.sg

  1. The Cyber-Watch Centre was established by the then-Infocomm Development Authority of Singapore in 2007 to provide round-the clock monitoring of cyber threats to critical installations in the public sector. More information at: https://www.tech.gov.sg/files/media/media-releases/2013/05/AnnexDpdf.pdf 

  2. The Government IT Security Incident Response (GITSIR) was established in 1997 to perform and coordinate incident investigations, digital forensics and malware analysis. More information at: www.tech.gov.sg/products-and-services/gitsir/