Internship project: Internet-of-Things (IoT) Security Roadmap 2025

This project aims to create a development roadmap to elevate the security posture of IoT deployments across various sectors of our economy and society, addressing both existing and emerging threats. This initiative will involve the development of a IoT cybersecurity roadmap with a comprehensive strategy to proactively address current and emerging threats. The roadmap will also leverage insights from relevant national and international IoT security projects and initiatives to inform the development of actionable strategies and capacity building programs. The intern would be required to: 1) Work with the team to conduct landscape studies on IoT adoption in Singapore: • Investigate and document the prevailing state of IoT adoption in Singapore in domains such as consumers/smart homes, small and medium businesses and sectors within the Smart Nation initiative (e.g., healthcare, urban environment). • Identify and map stakeholders engaged within Singapore’s IoT ecosystem, encompassing government agencies, industry players (both providers and consumers of IoT technologies), tertiary and research institutions, and standards development organisations. • Analyse the key drivers and challenges associated with the adoption of IoT technologies within the identified sectors in Singapore. • Gather data through publicly accessible reports, and potentially through engagement with stakeholders (under supervision). 2) Contribute to the assessment of current and emerging IoT threats relevant to Singapore: • Research and document the current and emergent cybersecurity threats specifically targeting IoT devices and ecosystems, with a focus on their potential impact within Singapore’s context. • Analyse the potential impacts of these threats on Singapore's economic stability, and the well-being of Singaporeans. • To monitor recent incidents and vulnerabilities relating to IoT security within the Asia-pacific region and Singapore. 3) Identify gaps and opportunities: • Analyse existing national cybersecurity strategies, policies, and initiatives to ascertain any gaps and opportunities in addressing the specific challenges presented by the massive adoption and proliferation of IoT in Singapore. • Review best practices, standards, and frameworks for IoT cybersecurity (e.g., NIST, ENISA, ISO, Singapore SS standards) with a view to their applicability in the Singapore’s context. 4) Contribute to the development of a comprehensive report: • To assist in the compilation and drafting of a comprehensive report articulating the findings of the landscape studies, threat assessments, and gap analyses. • To contribute to the formulation of pragmatic and actionable recommendations for the national IoT cybersecurity roadmap for Singapore. 5) Prepare and deliver a presentation of findings: • To develop and deliver a presentation summarising the key findings and research in order to highlight his/her contribution to the initiative.

- Strong research and analytical acumen. - Basic understanding of IoT technologies and architectural frameworks. - Familiarity with fundamental cybersecurity concepts and principles. - Ability to synthesise information from diverse sources. - Proficiency in the use of Microsoft PowerPoint to create concise and engaging presentation. - Capacity to work both autonomously and as a collaborative member of a team. - Demonstrable interest in cybersecurity and emerging technologies, with a particular focus on the Internet of Things. - Knowledge in conducting reviews and analysing data sets. - Knowledge of national or international cybersecurity policies and frameworks relevant to Singapore. - Interns who can join from May 2025 onwards (6 months minimum commitment).

About the Cyber Security Agency of Singapore Established in 2015, the Cyber Security Agency of Singapore (CSA) seeks to keep Singapore’s cyberspace safe and secure to underpin our Nation Security, power a Digital Economy and protect our Digital Way of Life. It maintains an oversight of national cybersecurity functions and works with sector leads to protect Singapore’s Critical Information Infrastructure. CSA also engages with various stakeholders to heighten cyber security awareness, build a vibrant cybersecurity ecosystem supported by a robust workforce, pursue international partnerships and drive regional cybersecurity capacity building programmes. CSA is part of the Prime Minister’s Office and is managed by the Ministry of Digital Development and Information. For more news and information, please visit www.csa.gov.sg