Introduction
With the ASEAN digital economy projected to reach US$1 trillion by 2030 and the region’s fast-growing online population becoming a prime target for cybercriminals, cybersecurity is increasingly a priority for governments.
On 10 June 2024, Singapore and the other nine ASEAN member states signed two new agreements to enhance collective cybersecurity in the region: the ASEAN Cybersecurity Emergency Response Team (CERT) Framework and the ASEAN Cybersecurity Capacity Building Programme (ACCP).
ASEAN CERT Framework
The ASEAN CERT Framework is a legally binding agreement that establishes a regional mechanism for information sharing and coordinated response to cybersecurity incidents. The framework aims to facilitate timely and effective cooperation among the national CERTs of ASEAN countries, as well as with relevant international partners and organisations. The framework also sets out the roles and responsibilities of the ASEAN CERT Coordination Centre, which will serve as the central point of contact and coordination for the ASEAN CERT network.
The ASEAN CERT commenced operations on 16 October 2024 at Singapore's ASEAN-Singapore Cybersecurity Centre of Excellence. The ASEAN CERT is the first of its kind in the region and reflects the growing need for cross-border collaboration to address the increasing frequency and sophistication of cyber threats.
ACCP
The ACCP is a non-binding agreement that aims to enhance the cybersecurity capabilities and resilience of ASEAN countries. The ACCP will provide a platform for ASEAN countries to share best practices, exchange expertise and access training and technical assistance from regional and international partners. The ACCP will also support the implementation of the ASEAN Cybersecurity Strategy 2025, which was adopted in 2020 and outlines the strategic objectives and action plans for ASEAN cybersecurity cooperation.
The ACCP is expected to benefit ASEAN countries with varying levels of cybersecurity maturity and development, as well as to foster a common understanding of and approach to cybersecurity issues in the region.
Conclusion
The ASEAN CERT Framework and the ACCP will help to promote the advancement of the region’s cybersecurity with enhanced cross-border cooperation. Businesses and organisations operating in or across ASEAN countries should seize the opportunity to bolster cybersecurity infrastructure to improve resilience against cross-border threats, and actively engage with the resources provided in these initiatives.
Our technology lawyers are experienced and highly familiar with the sector’s latest developments.
Reed Smith LLP is licensed to operate as a foreign law practice in Singapore under the name and style Reed Smith Pte Ltd (hereafter collectively, "Reed Smith"). Where advice on Singapore law is required, we will refer the matter to and work with Reed Smith's Formal Law Alliance partner in Singapore, Resource Law LLC, where necessary.
Client Alert 2024-219