In arriving at the list of essential services in the Cybersecurity Act, the Cyber Security Agency of Singapore (CSA) took reference from the list of critical sectors in the Computer Misuse and Cybersecurity Act (CMCA). CSA also surveyed the definition of “essential services” in other jurisdictions.

CSA then identified a total of 11 sectors with Critical Information Infrastructure. For each of these 11 sectors, CSA worked with the relevant Sector Lead to identify their essential services based on criteria such as impact to Singapore’s economy.

We do not preclude gazetting new essential services in the future.