Singapore Armed Forces and Other Matters Bill

Mdm Deputy Speaker: Minister for Defence.

3.16 pm

Order for Second Reading read.

The Minister for Defence (Dr Ng Eng Hen): Mdm Deputy Speaker, I beg to move, "That the Bill be now read a Second time".

Madam, with your permission, MINDEF has two related Bills today on the Order Paper. I would like to propose that the debate on both Bills take place together, as the two Bills deal with the same substantive matter of the new SAF service to be stood up. If the first Bill is passed, the Second and Third Readings of the Constitution of the Republic of Singapore (Amendment No 2) Bill will follow.

Mdm Deputy Speaker: Please proceed.

Dr Ng Eng Hen: Madam and Members of this House, the legislation that governs militaries around the world is not often amended. So, I do not stand on this podium very often, and for good reasons.

The mandate and powers provided to the military are clear and focused, and necessarily scoped by Parliament to keep within this remit. In peace, that legislation is usually adequate for the Armed Forces' crucial task of national defence, to organise themselves to build capabilities and protect the sovereignty and security of her country. For militaries that are often at war, or operating in periods of tension, legislative changes are more frequent, as varied conditions require timely adaptations. But during peace, one does not expect frequent changes to legal provisions. So, too, the SAF. The last time the SAF Act was amended was in 2009 to introduce the Military Domain Experts Scheme for SAF. We are thankful that Singapore has enjoyed a period of prolonged peace since our Independence.

Nonetheless, the amendments put to this House today represent a significant change militarily to establish a new fourth service, the Digital and Intelligence Service, or DIS in short, alongside the Army, Navy and Air Force services which the SAF Act of 1972 brought into existence.

There will be other amendments which I will go through with Members, and they are related to discipline and administrative processes to update and to ensure the smooth functioning of SAF.

The SAF, incepted 57 years ago in 1965, has been a military constantly on the move. And that transformation is visible. All of you would have witnessed it through the years growing up; NSmen lived through it and some here are actually responsible for pieces of that transformation. From 13-tonne AMX-13 light tanks to 70-tonne Leopard main battle tanks; wooden hull ships to stealth frigates; Hawker Hunters to F16s, F15s and, in a few years, F35s, the SAF today is a modernised military, capable of prosecuting missions across the spectrum of security threats.

Singaporeans, too, have seen this SAF journey every year, through the National Day Parades (NDPs) when we allow SAF to play on the Floating Platform, Padang or National Stadium and into the heartlands. That display will take place in a few days' time on 9 August. I hope that Members will enjoy the dynamic display.

We, in this House, and Singaporeans out there are not the only ones who have noticed this impressive and progressive march. The Asian Military Review described the SAF as "one of the most well-trained and equipped forces in Asia Pacific". That others notice the SAF's competency and growing ability is good, and the core of deterrence.

Today's amendment, if approved by this House, will set up under the SAF Act a formal fourth service – DIS – and should be seen in the continuum of improvements for the SAF over the past 57 years.

For SAF commanders and troops, DIS affects primarily the intelligence community, and we call it the C4I community – Command, Control, Communications, Computers and Intelligence. So, let me shift focus there to explain what needs to be done and why, by the DIS.

To protect Singapore, the Army, Navy and Air Force have built up capabilities in their respective domains on land, at sea and air. But it is not enough for each service to do so. Command and control are essential to maximise effects by orchestrating joint efforts, so that the whole is greater than the sum of the parts. Pari passu, intelligence capabilities had to grow in tandem, to keep pace.

The C4I community has been growing alongside the three kinetic services, less visible but no less progressive. C4I operations have grown over the years, too, for example, in counter-terrorism, from our operations, from our NDPs to key high-security multilateral events, like the Trump-Kim Summit and ASEAN Summit in 2018. C4I soldiers were deployed for counter-terrorism and counter-insurgency operations in Kuwait and Afghanistan. Our imagery analyst teams were part of the Combined Joint Task Force Headquarters in Kuwait from 2014 to 2016. Then-US Secretary of Defense Ashton Carter expressed his appreciation for their contributions which helped stop ISIS' terror campaign.

Even despite these impressive developments and achievements hitherto, the C4I community's role has been largely that of a supporting agency, akin to combat support, logistics and maintenance. They enable the Army, Navy and Air Force to achieve their missions by providing actionable timely intelligence and ensuring that communications are secure to execute plans. And these responsibilities will still be part of DIS.

So, what then has changed to require DIS to be a fully-fledged military service arm? Simply put, the battleground. The digital domain, just like air, land and sea, has become a battle terrain which, if left unguarded, can impact the security and sovereignty of any country. And over the years, I have updated Members in this House about these security threats.

In 2015, I spoke about "hybrid warfare", "an orchestrated campaign" which "integrates the use of conventional and unconventional tools of warfare" to "fracture the solidarity of the target nation". I quoted former Chief of General Staff of the Russian Federation, General Valery Gerasimov, who said, "The very rules of war have changed. The role of non-military means of achieving political and strategic goals has grown and, in many cases, they have exceeded the power of force of weapons in their effectiveness." Reflect on this statement. We are all familiar with the dictum "political power grows out of the barrel of the gun". But the "Gerasimov Doctrine" upends it. And he says, "In many cases, the non-military means of achieving political and strategic goals have exceeded the power of the force of weapons". I described this concept as the exact antagonist of our Total Defence concept. To respond to the growing prevalence of hybrid warfare back then, I pointed out that SAF will have to contend with cyber threats and the growing use of disinformation in warfare.

In 2016, I shared about the unidentified hackers attacking Ukraine's power grid and disrupting electricity. In 2017, the Financial Times wrote on cyber warfare. In 2019, we introduced Digital Defence as the sixth pillar of Total Defence. Looking back over those years, this generation is witnessing real-time, and personally, the changing face of warfare.

Even as the public experiences it first-hand, this realisation by militaries of vulnerabilities and opportunities within the digital domain has not been uniform. Some militaries adapted earlier than others to the "Gerasimov Doctrine" and have steadily been building capabilities on many fronts, including the digital domain, for example, the German military that incorporated a new service, as we are proposing today, in 2017, to defend the digital domain. The Baltic States I visited recently have also beefed up their capabilities in their military and civilian organisations against digital threats.

Apart from states, non-state actors have also recognised that they can use the digital domain to achieve their ends, particularly terror cells. Whether to recruit vulnerable inductees, spread false propaganda, supply funds, procure weapons, sabotage or bypass state security systems, these areas have become standard fare for terrorist networks.

From a security perspective, we should ask, "what will be the scale of these digital threats going forward and can they threaten the well-being of citizens and even the entire country?" The questions are, of course, rhetorical and I think every Member here knows and agrees that these threats can only grow and have a very real physical impact on any country that is unprepared.

We are all convinced because we have seen for ourselves the many forms of cyber intrusions that develop quickly, even within the past few years. Cyber intrusions can affect many critical systems. Last year, we saw the Colonial Pipeline cyber attack that cut off gas supplies to many South and East Coast states in the United States and disrupted the lives of countless people. Earlier this year in February, a cyber attack on the European telco, Vodafone, restricted cellular communications for millions of people in Portugal. It will be horrendous, but not unthinkable, about the potential fallout from attacks on water systems, hospitals, air traffic, trains, financial systems, pension systems – the list goes on.

In fact, cyber threats, disparate in form and source, occur in the thousands, even millions, each day. However, they should be differentiated from the ones that have the most pernicious intent and seek to undermine our nation's sovereignty or security.

For the SAF, it has asked itself this simple question, just as it does if the threat came from air, land or sea: how does it detect, mitigate or repel any potential aggressor, an orchestrated cyber attack by state and non-state actors that mean to do Singapore and Singaporeans harm? The first response, just like the Army, Navy and Air Force, is that it will need a dedicated service to raise, train and sustain cyber troops and capabilities to defend our digital borders. In the digital domain, the fourth service is the force on the frontline, as it should be.

We are thankful that hitherto, our intelligence agencies have not detected any campaign against Singapore of that nature in the digital domain. But we should not wait for one and it would be prudent to start and build up the fourth service now. That alone would serve as a deterrent.

As with the mission of the three existing services, DIS will ensure Singapore is defended against the full spectrum of threats against potential aggressors. The digital environment is more porous than the physical one, but DIS will be responsible to guard against these aggressors in that domain.

For the SAF, DIS will protect its networks and systems and strengthen our soldiers' commitment and resilience in operations. It will also continue to provide accurate, relevant and timely intelligence to support SAF operations and capitalise on cutting-edge digital technologies to advance SAF's digitalisation as a networked force.

For threats to Singapore's internal environment – and this, I am referring to the digital environment, similar to the SAF's support to the whole-of-Government for counter-terrorism – DIS will work closely with the Home Team, CSA and other national agencies to leverage one another's strengths in protecting Singapore's digital networks and providing a strong digital defence.

Let me now touch on the key provisions of the Bill which relate to DIS and its leadership.

Sections 7(1) and 2(2)(c) are amended to include DIS as a Service under the SAF. This also requires related changes to other Acts to ensure that the legal statutes can be properly applied to DIS soldiers as well. Therefore, section 2(1) of the Interpretation Act 1965 and section 27(5) of the Wills Act 1838 are amended to respectively include DIS in the definition of "military" when used in relation to Singapore's military, and to include in the definition of "soldier", a reference to a DIS serviceman. Section 21(2) of the Miscellaneous Offences (Public Order and Nuisance) Act 1906 is amended to include DIS within the scope of that provision.

The DIS will be led by a Service Chief – the Chief of Digital and Intelligence Service, or CDI in short. Like the Service Chiefs of the Army, Navy and Air Force, the CDI will be a member of the Armed Forces Council and have legal powers to discharge his or her duties and authority to lead DIS in times of conflict. Sections 2(1), 8(1), and 8B(2) are amended to effect these changes.

Based on the SAF Act and Constitution, the Chief of Defence Force and Service Chiefs are appointed by the President acting in her discretion. Section 10A of the SAF Act and Article 22(k) of the Constitution are amended to include the CDI as an appointment made by the President acting in her discretion.

Madam, I have spoken on the key change for this Bill, but there are quite a number of amendments related to disciplinary and administrative processes and training arrangements, which I will address now.

Let me deal with disciplinary provisions. Section 111 is amended to allow the three-year limitation period for the trial of offences in military courts to commence later in certain situations. Let me explain.

The SAF Act 1972 currently requires a serviceman to be tried within three years from the date of commission of the offence, or the date of reporting of the offence to a disciplinary officer or a military policeman, whichever is later, after which he can no longer be dealt with under the SAF Act. This is referred to as the default limitation period.

However, in some cases where both military and civilian offences have been committed by the same offender, time is required for Police investigations or related civil court proceedings to conclude, so as to allow MINDEF to assess all available and relevant information, before deciding whether to charge a serviceman for a related military offence.

To provide this flexibility, the amendments provide for four additional dates from which the three-year limitation period starts to run.

First, where Police investigations have commenced for a related civil offence before the end of the default limitation period, therefore, the three-year limitation period will commence from the date those investigations end.

Second, if court proceedings for a related civil offence are instituted in a civil court before the end of the default limitation period, the three-year limitation period will commence from the date that those proceedings end. If the person is sentenced to imprisonment, detention or reformative training, the limitation period will commence from the date on which the person completes the sentence.

If the person is sentenced to imprisonment, detention or reformative training before the end of the default limitation period for any unrelated civil offence, the three-year limitation period will commence from the date on which the person completes the sentence.

Fourth, if an arrest warrant was issued before the end of the default limitation period and could not be executed within that period despite all reasonable efforts as the whereabouts of the accused were unknown, the three-year limitation period will commence only on the date the person is arrested.

Let me clarify that a serviceman will not be charged in the civil court and military court for the same offence. Any charges in the military court would be for discrete and separate military offences to be dealt with in the military courts after the conclusion of the civil court proceedings.

These new time limits for military court trials will also apply to summary trials, in accordance with section 78(3), as the considerations are similar.

Let me now move on to composition fines.

Currently, all military offences under the SAF Act have to be dealt with either by summary trial or the military courts. There is no option for MINDEF to offer composition for minor military offences. The proposed amendments allow for composition fines up to a limit of $5,000, or half of the maximum fine prescribed for the offence, or half the maximum fine that may be imposed for the offence at summary trial, whichever is lowest, to resolve minor offences efficaciously while maintaining deterrence. Designated officers will be authorised by the Armed Forces Council to offer composition to such offenders.

To effect these changes, a new section 79A will be created to provide for the composition of military offences. Sections 60 and 62(1) will also be amended to define an "authorised composition officer", and to provide for the disciplinary option to refer an accused serviceman to an authorised composition officer to compound the offence.

The new section 79A will provide that the authorised composition officer is not to be in the same chain of command as the accused serviceman. This will ensure that an independent officer assesses the circumstances of the case before making an offer of composition.

Presently, service offences committed under the Civil Defence Act 1986 are dealt by a disciplinary officer or the civilian courts, while disciplinary offences committed under the Police Force Act 2004 are dealt by disciplinary proceedings or the civilian courts. Similar to the SAF, there is no option for SCDF or SPF, respectively, to offer composition for minor service or disciplinary offences.

Similar to the SAF, the SCDF and SPF propose to allow composition of minor service or disciplinary offences, by paying a composition fine up to a cap of $5,000, or half the maximum fine that is authorised to be imposed by a disciplinary officer, whichever is lower. Designated officers will be authorised by Commissioner SCDF or Commissioner of Police, respectively, to offer composition to offenders who meet the criteria.

To effect these changes in the Civil Defence Act 1986, a new section 85A will be inserted to provide for the composition of service offences committed by full-time National Servicemen, NSmen, volunteer ex-NSmen and auxiliary members. Section 70(1) will be amended to provide for the above-mentioned officers to be referred to an authorised composition officer for composition of the offence.

Similarly, in the Police Force Act 2004, a new section 84A will be inserted to provide for the composition of disciplinary offences committed by special police officers, which refer to full-time National Servicemen, NSmen, volunteer ex-NSmen and volunteers serving under the Special Constabulary. It also provides for special police officers to be referred to an authorised composition officer for composition of the offence.

Just like in the SAF Act, the amendments to the Civil Defence Act 1986 and Police Force Act 2004 will provide that the authorised composition officer is not to be in the same chain of command as the accused serviceman and will ensure that an independent officer assesses the circumstances of the case before making an offer of composition.

Next, increase in maximum fines.

It is an accepted principle for financial penalties to keep pace with inflation and increases in wages and allowances for adequate deterrence. The fine limits imposable by the Subordinate Military Court under section 118(7) will be increased. The last increase was in 2006. For officers, the maximum fine will increase from $10,000 to $30,000. For soldiers, it will increase from $5,000 to $15,000. The fine limit for a Senior Disciplinary Committee under section 72(6)(b)(ii) will similarly be increased from $10,000 to $30,000. These increases also take reference from civilian courts and are similar to the District Courts' fine limit, which is currently set at $30,000 in the Criminal Procedure Code.

The maximum fines imposable by Disciplinary Officers in the SAF who deal with minor offences by Summary Trial will also be increased correspondingly. At the lowest tier, a Junior Disciplinary Officer will be able to impose on a soldier of third sergeant rank and below a maximum fine of $600, up from $300. The most senior Disciplinary Officer is the Chief of Defence Force, who will be able to impose a maximum fine of $10,000, up from $6,000. These proposed fine limits do not exceed the Magistrates' Courts' fine limit, which is currently set at $10,000.

Sections 68, 69, 70, 70A, 70B, 72(6) and 118(7) are amended to effect the above changes.

Next, maximum imprisonment.

Section 19 is amended to increase the maximum imprisonment term for the offence of insubordinate behaviour by assaulting a superior officer from five to seven years. The SAF Act currently provides for a maximum five-year imprisonment sentence for any insubordinate behaviour, including the act of assaulting a superior officer. In contrast, the Penal Code provides for a maximum imprisonment sentence of seven years for someone who abets an SAF serviceman in assaulting his superior. Therefore, an inconsistency exists, as the abettor can be punished more harshly than the actual offender.

The proposal, therefore, increases the maximum imprisonment sentence for the act of assaulting a superior officer from five to seven years if the act was committed during active service. The maximum imprisonment sentence for the same offence committed during peacetime will be increased from two to four years. These changes remove the disparity with the punishment for abetment in the Penal Code. There will be no changes to the penalties for other acts of insubordination.

The amendment in section 112(1) is to maintain consistency of punishment powers of the military and civil courts for the same civil offence. Maximum punishments that may be imposed by a military court for a civil offence tried under section 112 are aligned with those which may be awarded by a civil court subsequent to changes in the relevant legislation.

For civil offences for which caning can be imposed by a civil court, the military court would be able to impose caning for those same offences.

The proposed amendments to section 72(1) on power of a Senior Disciplinary Committee will provide that a senior military expert of or above the rank of ME8, when created, will be subject to the same disciplinary processes as an officer of or above the rank of Brigadier-General.

Next, proposed amendments are made to the administrative processes within the SAF Act.

Section 129 is amended to allow the Military Court of Appeal to serve court appeal documents via other means, including sending to an electronic mail address designated by the appellant in the notice of appeal. This is already the practice in civil courts; we are just catching up.

Section 167 is amended to clarify that suspected deserters arrested by SPF may be released instead of being brought before a civil court. Currently, an SAF serviceman arrested by the Police for Absence Without Official Leave or Desertion shall be taken as soon as possible before a civil court. There is no option for the Police to take any other course of action. The present amendment now gives the Police the option to release such arrested persons instead of bringing them before the civil court. This, thus, aligns the SAF Act with Article 9(4) of the Constitution which requires that an arrested person be either released or brought before a Magistrate within 48 hours.

Amendments are proposed to section 205A to provide that the regulations made under section 205A(1) may provide for the Armed Forces Council to determine rates and contributions of various superannuation benefits by issuing General Orders. These superannuation benefits refer to the SAVER Plan or Premium Plan for our uniformed Officers, Warrant Officers and Specialists.

Section 205C is amended to remove the requirement for a periodic examination of the SAVER-Premium Fund. The SAF Act currently requires an actuarial examination of the SAVER-Premium Fund to be conducted at least once in five years because the fund had a "Defined Benefit" portion. However, with the removal of this portion in 2006, there is no longer such a need.

Finally, amendments to enhance training arrangements for the SAF. Since the 1970s, there has been an arrangement between SAF and the Public Utilities Board, for the conduct of military training in certain water catchment areas. We are regularising this and the Military Manoeuvres Act is amended to reflect this.

Mdm Deputy Speaker, let me conclude. Singapore and Singaporeans have enjoyed peace and progress these past six decades since our Independence. From an improbable nation, we have defied the odds time and again, to maintain our sovereignty and way of life to become one of the leading cities in Asia. These impressive strides were achieved because of a strong national defence and united people. These amendments to the SAF Act to establish a fourth service – the Digital and Intelligence Service – will further strengthen our national defence, to build, for the next generation, an even better and stronger Singapore. Mdm Deputy Speaker, I beg to move.

Question proposed.

Mdm Deputy Speaker: Mr Vikram Nair.

2.45 pm

Mr Vikram Nair (Sembawang): Mdm Deputy Speaker, I support this Bill. The creation of the armed forces for Independent Singapore started with the Singapore Army Act in December 1965. The creation of the Singapore Navy and Air Force followed in 1967 and 1968 respectively. These three services have formed the core of Singapore's armed forces ever since. The creation of a fourth service some 54 years later is, therefore, a significant milestone.

The reality of digital threats has been recognised for some time and have been raised in the course of MINDEF's Committee of Supply (COS) debates for several years. Earlier this year, Minister Ng Eng Hen addressed this issue during this year's COS and foreshadowed the creation of the Digital and Intelligence Services (DIS) Unit in the course of this year. This Bill facilitates that process.

The digital domain is undoubtedly critical in our daily life. Our civilian life depends heavily on it. Our bank records, health records, transactions with Government and even daily expenditure are all increasingly electronic. This is why each institution that deals with electronic data needs to ensure the security of that data and the integrity of those systems.

Important infrastructure and daily operations are also dependent on technology. Earlier in his speech, Minister Ng highlighted how fuel shortages across the US East Coast in May last year were due to ransomware attacks on the Colonial Pipeline. Another example raised during the COS debates was how Iranians could not top up their gas and petrol stations in October last year because the payment systems were hacked.

As a matter of international law, it is unlawful for a state to target civilian infrastructure. And I would argue that this should cover digital attacks on civilian infrastructure to disable their operations as well. There is much debate on this however, and not all experts are agreed that such attacks would constitute violations of international law and the prohibitions against armed conflict.

Additionally, there is also difficulty of pinpointing whether an attack originated from a specific state, especially if it takes place in the digital domain and many of these attacks may continue to persist even in times of peace.

It does not take much imagination to expect that military technology and infrastructure, which is increasingly dependent on technology, can also be subject to digital attacks. As we move to more automated warfare, including the use of unmanned aerial vehicles, we must also equally protect the technology that drives those new systems. To me, there is no doubt that the digital domain is as important as the kinetic one and countries are just as vulnerable to serious disruption and paralysis from digital attacks as they would be from kinetic ones.

Based on the Minister's speech introducing this Bill, I understand that the creation of this new DIS is an evolution. The DIS will be evolving from the existing C4I unit: Command, Control, Communications, Computers and Intelligence.

I have a few clarifications for the Minister for Defence on this topic.

First, to what extent would the DIS be built on the existing people and infrastructure in the C4I unit, as opposed to new appointees?

Second, when does the Minister expect the DIS to be operationally ready?

Third, currently the C4I team supports the operations of the Army, Navy and Air Force and is an integral part to their operations planning. Would the DIS continue to deploy people into the other services to support their operations?

Fourth, given the significantly different skills involved in the DIS as compared to the rest of the armed forces, would DIS recruits and employees be required to go through the same type of training as other parts of the armed forces are, such as, for example, BMT and IPPT? If so, is there a chance we may lose people who have special talents in the cyber domain, but who may not have other military skills? Would the DIS also be staffed with civilians, for example, rather than uniformed military personnel? And would the chief of the DIS be a civilian?

Fifth, would the DIS also take over responsibility for intelligence gathering for the whole armed forces, or would each of the services, such as the Army, Navy and Air Force, still have their own intelligence capabilities?

The final point on the first Bill is this – and this is actually a question that is interesting from an internal law perspective as well. Would Singapore consider an attack on our key civilian or military digital infrastructure by a foreign state actor a hostile act in contravention of international law? This has important implications, for example, on whether and how we believe we would be entitled to respond in the event we are subject to such attacks, including, for example, whether hackers are legitimate targets in the event of such an attack.

I do have a short comment for the Constitution (Amendment) Bill and since it is a short Bill, the comment is short. I note that the commander of the DIS is going to be put on the same level as the other service chiefs, such as those in the Army, Navy and Air Force, and it will be one of the appointees in which the President has a discretion to approve. This is similar to the power the President has in relation to other key public appointments including Permanent Secretaries and the Judiciary.

This, of course, makes the Chief of the DIS more difficult to appoint and replace in the event there is a disagreement between the Government and the President. But given the importance of this appointment, I think it is necessary to have this safeguard. The one clarification I have, though, is if the DIS chief is in the same line as the Chiefs of the Navy, Army and Air Force, this actually means that that person could potentially be a target in times of war. But if this person happens to be a civilian, then, is that really the intention of this Bill? That is a simple clarification. Of course, if the chief is going to be a military person, then, this is not an issue.

Mdm Deputy Speaker: Mr Gerald Giam.

3.51 pm

Mr Gerald Giam Yean Song (Aljunied): Mdm Deputy Speaker, in my speech today, I will be focusing on the amendments to the Singapore Armed Forces Act to establish a new Digital and Intelligence Service, or DIS. MINDEF plans to establish a DIS, which will be a fourth armed service, alongside the Army, Navy and Air Force. This is timely, given the growing importance of cyber warfare and cyber defence.

Cyber warfare involves attacks on critical infrastructure systems of an adversary. These could include "soft kills" that damage key operating software or hardware without kinetic action, such as through hacking. The objective is to weaken the target country by compromising its core systems. Cyber warfare takes many forms. Cyber attackers may conduct espionage using spear-phishing attacks to gain remote access to an adversary's computer to extract sensitive information. They may hack critical infrastructure like the electrical power grid, which will disrupt communications and even cause deaths if, say, life-supporting medical equipment is shut down. Or they may crash modern economic facilities like banks and payment systems. Propaganda attacks may be employed to control the hearts and minds of the people living in the targeted country or make them lose faith in their own country and sympathise with the enemy.

These are not hypothetical scenarios. They have been employed by nation-states for many years. With the digitalisation of almost everything, the cyber threat is increasing by the day. Up until recently, a war was usually fought by sending the air force to bomb the target nation's critical infrastructure and defence installations before any ground troops were sent in. In modern warfare, cyber attacks are likely to be one of the first modes of attack, because they can be employed so easily without any detection – the Gerasimov doctrine, which the Minister alluded to earlier in his speech.

The DIS aims to bolster SAF's capability to defend Singapore in the digital battlefield. With the establishment of the DIS, the other armed services must be careful not to develop a mindset that the DIS alone is responsible for all things digital in SAF.

In the commercial world, there is now much less distinction between tech companies and non-tech companies. The Fourth Industrial Revolution has forced all companies to become technology companies in some form or shape. Those that do not digitalise will find themselves losing customers to more digital-savvy competitors and may even go out of business.

Similarly, in the military realm, every armed service – the Army, Navy, Air Force and DIS – will need to use digital capabilities to keep ahead of our nation's potential adversaries. Digitalisation, cyber defence and cybersecurity cannot be left to the DIS alone to handle. Could the Minister share the broad parameters regarding which digital responsibilities fall under the purview of DIS and which do not?

The DIS will not be the first technology-focused agency to be set up within the Government. How will the role of DIS be different from that of the Cyber Security Agency (CSA) and the Home Team Science and Technology Agency (HTX) in countering cyber threats to Singapore? How will these agencies, together with the Government Technology Agency (GovTech), work together, so that knowledge and information is shared, where appropriate and duplication of work is avoided?

I hope DIS, CSA, HTX and GovTech plan to establish a common communication platform, so as to not only share information occasionally but actively work together on a regular basis to counter the cyber threats that Singapore faces. I note that a Digital Ops-Tech Centre will be established as a centre of excellence for SAF's digital expertise, partnering with the Defence Tech Community, whole-of-Government digital agencies, academia and the industry, to remain innovative in its approaches and culture. Could the Minister elaborate more on how this partnership will work in practice?

The DIS will likely have significant capabilities and powers to intrude in the private space of the functionaries of would-be adversaries. What protections are in place to make sure that such capabilities are not turned on citizens or abused? It is necessary in any developed democracy to put in place legal safeguards and channels for recourse to prevent the abuse of power by current and future governments. One form of oversight would be for MINDEF to provide confidential reports to a cross-party Parliamentary Select Committee for Defence, which can then scrutinise those reports and ask questions in a confidential setting.

I note that DIS will focus efforts to attract and develop both military and non-uniformed digital experts to grow SAF's digital workforce. Will the need for a high level of security clearance mean that DIS will hire only Singapore Citizens? Will DIS be engaging technology contractors to supplement their own manpower? If so, how will it ensure that the contractors and their employees, who may be reporting to foreign managers based in other countries, how will they ensure that they would not leak sensitive information?

Members will recall how Edward Snowden, who leaked highly classified information from the US National Security Agency (NSA), was not an NSA employee but a contractor with a consulting firm hired by the agency. The need for security clearance will naturally limit the pool of manpower available to DIS, in what is already a very competitive labour market for tech talent. This will make it a challenge to find sufficient local tech talent to join DIS. In fact, the introduction of the DIS could further draw talent away from the private sector, as many Singaporean tech workers are likely to be attracted to the pay, benefits and job stability that DIS has to offer.

In order to expand the pool of tech manpower, our Polytechnics and local Universities must urgently increase enrolment in IT and technology-related majors. This is a point I raised before in this House. More funding should be provided to our local institutions to achieve this. This will benefit the recruitment pipeline of both DIS and the private sector.

I am glad to know that NSFs and NSmen with tech talents will be leveraged to support the SAF's digital core. The Central Manpower Base should identify such talents early, even before enlistment, so that they can be drafted into the DIS during their full-time National Service and later during their Operationally-ready NS cycles.

Next, zero-day vulnerabilities are software or hardware bugs in systems that have yet to be discovered or patched by the developer or manufacturer. When governments or individuals discover these "zero-days", they can create software code to exploit the vulnerabilities, known as "zero-day exploits". Zero-day exploits can potentially enable their owner to access sensitive information in other computer systems or take control of those systems remotely, often undetected. One of the most well-known zero-day exploits is Stuxnet, a cyber operation that sabotaged Iranian nuclear centrifuges.

I would assume, but will not ask the Minister to confirm, that the role of DIS will include building capabilities to conduct offensive cyber operations. In the course of this, DIS may discover and stockpile zero-day vulnerabilities in operating systems that run critical infrastructure and the military networks of potential adversaries. It would be natural for DIS to want to keep the knowledge of these exploits secret, so that our potential adversaries do not patch their systems and DIS maintains its offensive capability.

However, there is an offence-defence trade-off between stockpiling zero-day exploits and helping other local Government agencies and private organisations patch these vulnerabilities so our own critical infrastructure does not get hacked by others.

In 2016, a group of hackers calling themselves the Shadow Brokers released a cache of top-secret cyber spying capabilities that likely belonged to NSA. Some of these included zero-day exploits, which could be used to exploit vulnerabilities in products produced by companies like CISCO, Juniper and Fortinet, that protect US companies and critical infrastructure. The existence of these zero-days raised questions about whether NSA should have told the vendors about these vulnerabilities, so that the vendors could patch them.

The US Government has a policy, whereby, any agency that wishes to keep a zero-day exploit has to argue their case through what is known as a Vulnerability Equities Process (VEP). The VEP comprises an Equities Review Board chaired by the National Security Council and attended by senior officials from agencies concerned with the security of critical infrastructure, like the Department of Homeland Security and Department of Commerce. This Board reportedly meets quite regularly.

The Singapore Government should consider developing a VEP process of its own for determining whether to retain or disclose vulnerabilities to vendors, so that our own critical infrastructure is protected from hacking attempts.

The last point I wish to raise concerns the potential for commercialising defence technologies to benefit Singapore. Many technologies that we use every day originated from military technology. The US Defense Advanced Research Projects Agency, or DARPA, invented TCP/IP, which is the plumbing that makes the Internet possible. The Global Positioning System, or GPS, was originally developed by the US Department of Defense and is now used in almost all our mobile phones. Israel is widely recognised as a "startup nation". Many of Israel's high-tech companies were founded by soldiers who completed their National Service in Unit 8200, the Intelligence Corps of the Israel Defense Forces.

In Singapore, we hardly hear of commercial technology or tech start-ups originating from the Defence Tech Community. I can understand why MINDEF would rather not share any defence technology discoveries publicly, because that may cause us to lose our edge over our adversaries.

With the establishment of the DIS, there is likely going to be billions of dollars from the public purse spent on developing digital capabilities within the SAF. There should be some scope for allowing some limited commercialisation of defence technologies that would benefit our nation, economy and society.

MINDEF should develop a framework for allowing some of these technologies to be commercialised without compromising national security. This framework should also have safeguards in place to ensure that commercialised products are not abused by private organisations or foreign governments for nefarious purposes, as this could have a negative effect on Singapore's international reputation.

The interaction between defence and commercial technologists could also spark ideas, innovations and discoveries within the DIS and the wider Defence Tech Community, and help the SAF improve its technological edge.

In summary, I support the creation of the DIS within the SAF but hope the Minister will consider the points I have raised.

First, the DIS must not operate in a silo. All armed services need to continually digitalise in order to maintain their edge on the battlefield. The DIS should work closely with other digital Government agencies to jointly counter the cyber threats that Singapore faces.

Second, the significant technological capabilities of the DIS must be balanced with adequate checks and balances, legal safeguards and oversight to prevent the abuse of power and violations of citizens' right to privacy, especially during peacetime.

Third, the establishment of the DIS will create a greater demand for local tech talent. Local higher education institutions must increase the intake of Singaporeans in IT-related majors to meet this demand.

Fourth, to safeguard Singapore's critical infrastructure from being hacked, the Government should consider implementing a Vulnerability Equities Process to decide whether to retain or disclose to vendors any vulnerabilities that its agencies, including the DIS, discover.

And fifth, MINDEF should develop a framework for allowing some defence technologies to be commercialised to benefit our nation, but without compromising national security or allowing the technologies to be abused.

Mdm Deputy Speaker: Order. I propose to take a break now. I suspend the Sitting and will take the Chair at 4.25 pm.

Sitting accordingly suspended

at 4.05 pm until 4.25 pm.

Sitting resumed at 4.25 pm.

[Deputy Speaker (Ms Jessica Tan Soon Neo) in the Chair]

Singapore Armed Forces and Other Matters Bill

Debate resumed.

4.25 pm

Mr Alex Yam (Marsiling-Yew Tee): Mdm Deputy Speaker, the move to establish the Digital and Intelligence Service (DIS) is timely. Warfare has moved away from conventional means as technology now pervades all aspects of our lives. As the Minister for Defence indicated in his opening, sovereignty is now being challenged, even in the digital sphere.

Over the last decade, threats to society have made their presence felt in the digital sphere – scams, organised crime, misinformation campaigns, cyber disruptions of critical services and transnational hacking.

The overall concept of cyber attacks is not new. These attacks seek to infiltrate and disrupt vital data services and systems, conduct sabotage, espionage or manipulation, resulting in damage to the state and even widespread casualty and loss of life if critical infrastructure is affected. The consequences of hybrid warfare are no less than those of physical conventional warfare.

Sophisticated and large-scale cyber warfare used to be something that we associated with the distant future. But as technology advances rapidly, societies and governments around the world have developed greater reliance on digital infrastructure and data storage capabilities. Naturally, this leads to higher stakes in the cyber domain when it comes to national security.

Today, we do not have to search our imagination to envisage the impact of extensive cyber warfare.

The war waged by Russia on Ukraine rages on, involving a hybrid of physical and cyber attacks. According to a report by Reuters, the day that the Russian forces invaded Ukraine, hackers crippled tens of thousands of satellite Internet modems in Ukraine and across Europe, resulting in a massive loss in communications. Following that, several important Ukrainian nuclear power companies, media firms and government entities were also compromised.

For many Singaporeans, the Ukraine crisis is a stark reminder that "we must never lose the ability to defend or look after ourselves" – to quote Minister Vivian Balakrishnan.

It is imperative that we maintain our security and stability through a strong, capable and credible SAF that includes building up our digital intelligence and defence capabilities.

This, of course, is not a new journey as we had introduced digital defence as a new sixth pillar of Total Defence in 2019.

But an organisation is only as good as the people it has. Therefore, I will focus my speech on the people in DIS, in particular, and in SAF in general.

I am heartened that recruitment and talent development efforts are underway for DIS. As I mentioned, people are at the heart of all organisations and we must spare no effort to nurture them. Certainly, it takes time to train up personnel to a certain level of competency.

I note that SAF intends to leverage both on NSFs, as well as our NSmen through the expansion of the Command, Control, Communications and Computers Expert (C4X) and Defence Cyber Expert (DCX) schemes. Selected NSFs will also undergo a work-and-learn scheme with NTU, where they can take up modules to earn academic credits, eventually, leading to a degree in data science and AI, computer science or computer engineering. In turn, they would serve four years of National Service.

I seek a few clarifications in this regard and related matters.

Can SAF define how these NSFs and NSmen will be selected for DIS? How does differentiated National Service models impact other arms of SAF? What is the current size of the initial core of our DIS and what is the plan and rate of ramping up?

Are there also plans to expand the scheme to other tertiary institutions that will offer relevant foundational courses beyond NTU? What efforts will be taken to retain suitable talent after National Service (NS) is up for our NSFs? Can SAF offer remuneration, benefits and a career that can rival some of our most sought-after tech companies?

How do we also ensure that our personnel involved would be highly security-conscious, who practise excellent cyber hygiene and do not flout secrecy laws?

We have had instances of information leaks even by experienced civil servants at the height of the COVID-19 pandemic. The damage to our national security would be very serious if this happens in the cybersecurity set up. So, candidates must be specially picked and trained so that they do not commit these errors.

In addition, because certain NSmen or NSFs will have particular access to sensitive data, will the Ministry consider a moratorium on them becoming employees of foreign governments or organisations when they leave DIS without prior permission from MINDEF?

There is also some misplaced concern that new vocations within DIS may be seen or regarded as a more comfortable vocation to serve NS obligations compared to the other services. This is a potentially damaging mindset to have as it would adversely affect the morale of our soldiers within the wider SAF. All NS vocations come with high amounts of responsibilities and stress, and should be respected and regarded seriously as such.

In addition, my view is that DIS offers an opportunity for women in Singapore to contribute towards our efforts for a strong digital core. The cybersecurity industry faces a talent crunch, and the Government has been investing in efforts to better involve women in the field. I consider DIS as an invaluable opportunity for women who are keen to join the field to develop their talents and passion, as well as to reduce the gender gap in the industry. Therefore, will women have the option to voluntarily serve NS under the scheme?

Mdm Deputy Speaker, cyber attacks and warfare that target social media and personal devices indicate that cybersecurity defence is not and cannot be the sole responsibility of the Government or SAF alone.

It has to be a whole-of-nation effort encompassing the relevant organisations, such as social media platforms, cybersecurity groups and also our citizens.

Every one of us has the personal responsibility to take necessary precautions against malware, and to educate ourselves against disinformation, online fraud and online security threats.

These impact not just us as individuals, but also other persons and organisations that we communicate with, given the high interconnectivity of devices.

Special attention must also be given to the less technology-literate among us, so that they will not be left behind in our national defence against cyber attacks.

Mdm Deputy Speaker, as we mark our national birthday this coming weekend, let us reaffirm our sacred commitment to the defence of our national and our affirmation of our shared responsibility to uphold unity, democracy, justice and equality. I therefore support this Bill to establish DIS and the related constitutional amendments.

Mdm Deputy Speaker: Mr Dennis Tan.

4.34 pm

Mr Dennis Tan Lip Fong (Hougang): Mdm Deputy Speaker, this Bill proposes amongst other things, to amend the SAF Act 1972 to establish a Digital and Intelligence Service (DIS) to be led by a new Chief of Digital and Intelligence Service, alongside other existing service Chiefs, make changes and enhance punishment in the SAF and to permit military manoeuvres being carried out in catchment areas under PUB.

Mdm Deputy Speaker, I support the establishment of DIS. I do seek some clarifications from the Minister regarding some details of the Bill.

Firstly, MINDEF has said that for the proposed DIS, SAF will grow the initial core of digital experts through recruitment in service conversions and professional partnerships with the wider digital ecosystem and that it will also be leveraging on NSF and NSmen personnel with tech talents.

May I ask the Minister, for a start, what is the proportion of servicemen which MINDEF expects to recruit from outside from MINDEF or SAF? What is the expected proportion of uniformed and non-uniformed staff? Will non-Singaporeans or PRs be allowed to serve in DIS? And, if so, what are the security safeguards in place to ensure national security?

Mdm Deputy Speaker, I would also like to ask Minister, what measures are in place to ensure that in carrying out its work to safeguard the security of our country, DIS will be bound by clear regulations governing the conduct of their investigations and other areas of their work, which will prevent any misuses of its investigation powers or resources, especially during peacetime?

I have full confidence in our Armed Forces and its personnel. Nevertheless, clearly spelt out regulations will ensure that all personnel will know the legal limits of their operational work and ensure surveillance investigation and other actions will be taken in full compliance with the law, including if the service is expected to work with other Government agencies,

Next, this Bill also introduces the concept of the composition of offences to the disciplinary regimes of SAF, the Civil Defence and the Police Force. May I ask the Minister, what is the thinking behind the introduction of the composition of offences? Why is this considered to be a positive enhancement of the disciplinary regime?

I recall from my experience in SAF some years ago as an NSman, as well as a unit disciplinary officer, that the conviction, pursuant to a summary trial, will be captured in the records of an errant serviceman and may possibly affect the performance assessment of such servicemen.

May I clarify with the Minister, under the proposed composition offences regime, will an offence, or the fact on an offence being compounded, be recorded in the disciplinary or the personnel records of an errant serviceman? And, if so, will this be a relevant factor, for the purposes of the assessment of the serviceman's performance and his promotion prospects?

On the other hand, if compounded offences are scrubbed from the personnel records, will the records not show an inaccurate picture of a serviceman's disciplinary records, with misdemeanours and commission of less, so-called "serious offences" not being reflected?

Next, may I also ask the Minister to elaborate a little on the guidelines for the independent disciplinary officers deciding on whether to allow the serviceman to compound the offence. For example, will a repeat of a similar offence by a serviceman disallow the independent disciplinary officer to compound the offence again?

I note that this Bill is enhancing the existing maximum punishments under the SAF Act, which can be awarded for certain offences, as well as by the relevant officers assigned to officiate summary trials.

Clauses 12 to 7 increase the current fine amounts that may be awarded in a summary trial by a disciplinary officer or a senior disciplinary committee. Besides the reasons given by the hon Minister in his speech for the enhancement of the punishment under the SAF Act, may I also ask the Minister whether there has been a significant or proportionate increase in summary trials and our convictions at summary trials in the last five or 10 years. And, if so, whether this plays a part in the Government deciding to enhance the punishments? Can the Minister share with the House, the number of summary trials carried out each year in the past five years?

The last point I would like to raise relates to clause 37 of the Bill which proposes to amend section 7 of the Military Manoeuvres Act to permit the SAF to carry out military manoeuvres in catchment areas with the approval of PUB.

While military action can occur across any geographic feature and training has to be as realistic as possible, the impact of military equipment could well be damaging and polluting to the waterways and its surroundings.

I would like to know, besides approval, what oversight of the military exercises will PUB have? Does PUB have complete say in its pre-exercise or pre-training assessment of the environmental impact of the proposed SAF training? Does PUB have a continuing duty to supervise the training being carried out on the ground, so that PUB is able to ensure that the actual environmental impact of any SAF training in any of its public reservoirs or waterways is minimised? If not, can PUB be given such a power to supervise the actual use of its lands and waterways by the SAF?

Mdm Deputy Speaker: Mr Desmond Choo.

4.40 pm

Mr Desmond Choo (Tampines): Mdm Deputy Speaker, I rise in support of the Bill. The establishment of the Digital and Intelligence Service (DIS) as SAF's fourth standalone arm is timely. But this is also not new to SAF. Over the past decade, MINDEF and SAF have built up what is known as the SAF C4I Community – Command, Control, Communications, Computers and Intelligence – along with the establishment of the Defence Cyber Organisation (DCO) in 2017. The Bill will allow SAF to develop and scale up its operational capabilities to respond to modern welfare.

I will speak on three key areas: the importance of DIS, ways to expand the manpower catchment pool for DIS and the projected scale and size of the outfit.

Mdm Deputy Speaker, the security threats we now face are no longer limited to the traditional battlefield. For example, Artificial Intelligence (AI) has been weaponised; the use of cyber warfare has increased over the years. We can either scale up and incorporate advanced technologies in our Armed Forces, or increasingly falter behind other countries. In addition, DIS can, and must, leverage new technological capabilities to make up for our manpower constraints. The number of NSmen is projected to fall in the next decade. DIS can make up for manpower constraints by integrating and expanding our capabilities in the virtual terrain.

Talent pool is critical for any tech outfit to succeed. I would like to offer three suggestions for the Ministry to consider.

First, on grappling with the war on tech talent in Singapore and, in fact, globally. Competition for tech talent in Singapore will continue to be heated with firms aggressively raising wages and other benefits. For example, surveys have surfaced that Big Tech firms, such as Amazon Web Services, Meta, Apple and Google, are dangling some of the highest salaries in the market. These salaries are pegged up to 56.5% more than the market median, according to a latest survey. Other top talents command even higher salaries and that is straight from school.

A key difference between working for DIS and private companies is undoubtedly the mission in serving the nation. Yet, wages are a hygiene factor that we must address. Can the Ministry share its plans to effectively attract top talent, considering the intense competition from Big Tech firms and startups? How do we also attract Singaporean talent currently working overseas?

Second, on improving youth inflow to DIS. Digital natives are clearly the future backbone of DIS. In some countries, many 18 to 21-year-olds are selected to join military and intelligence services even while in school. Preparatory programmes are offered to them to develop their skills and also pique their interest in serving the nation in the longer run.

We could explore the possibility of developing such feeder programmes for our youths. I believe this would suitably complement the top-tier scholarships for digital and intelligence talents for which the Ministry has already planned.

Next, on career conversions within SAF. As service in the DIS may not be as physically demanding as compared to the existing tri-services of SAF, joining DIS may be a tenable pathway for mid-career SAF servicemen or Singaporeans. Would the Ministry to consider structuring a pathway for mid-career conversions? What are the plans to help mid-career servicemen and women to similarly be trained and transit to DIS?

Many countries are already ahead of us in formalising a cyber warfare force in addition to their tri-services. Examples of these include Norway's Cyber Defence Force, founded in 2012, and the United States Cyber Command, founded in 2010.

While the SAF's C4I Community has been the backbone of the SAF's digital intelligence services over the past decade, the formal establishment of DIS will enable us to scale up our digital capabilities efficiently and effectively. Could the Ministry share the intended scale of DIS in terms of manpower? Is it also envisioned for DIS to partner with GovTech and other related Government tech agencies as part of the whole-of-Government digital security infrastructure roadmap?

Could the Ministry also share how DIS will strive to keep its knowledge current and cutting-edge, tapping on partnership with the private sector?

Mdm Deputy Speaker, notwithstanding my clarifications and suggestions, I reiterate my support of the Bill. The DIS will ensure that our nation is well-equipped to adapt and conquer the evolving face of modern warfare. It is also, perhaps, the most significant stride thus far towards building a truly future-proof Next Gen SAF.

Next week, as other Members in this House have also recognised, Singapore will be celebrating our 57th birthday. The sovereignty we enjoy today did not come easy and we must never take the peace we enjoy today for granted. Ultimately, the success of SAF's mission to safeguard our nation's sovereignty is dependent on the commitment of our servicemen and servicewomen. Mdm Deputy Speaker, I support the Bill.

Mdm Deputy Speaker: Mr Louis Ng.

4.45 pm

Mr Louis Ng Kok Kwang (Nee Soon): Madam, Singapore must guard against cyber attacks and the creation of DIS is an important move in the right direction.

I have four areas of clarification for this Bill.

My first clarification is on the possible intrusion of DIS' activities on civilian life. DIS has been given a broad remit to tackle cyber threats. Its work will reportedly include cyber incidents response, network monitoring, vulnerability assessment and penetration testing. Because its powers are so extensive, there will be concerns that, in its mission to defend Singapore's national security, DIS may track the lives and activities of average Singaporeans, even when there is no clear and significant security purpose.

Can the Minister share what checks are in place to ensure that DIS' extensive powers are not misused? How will the Ministry and DIS draw the line between reasonable counterintelligence and excessive surveillance?

My second area of clarification is on the composition of offences. Compounding an offence is significant because it means that no further criminal proceedings will be brought against an accused upon payment of a composition sum. In this Bill, the new section 79A allows certain offences to be compounded, similar to the Criminal Procedure Code (CPC).

I have several questions arising from a comparison of this Bill and the CPC.

First, this Bill does not provide for the compounding of the abetment of, conspiracy to commit and attempt to commit a compoundable offence, even though the CPC does. Can the Minister clarify if the schedule to the SAF Act will clarify if such offences may be compounded?

Second, this Bill does not state that a composition has the effect of an acquittal, even though the CPC does. Can the Minister clarify if a composition under the SAF Act will either be a "discharge amounting to an acquittal" or a "discharge not amounting to an acquittal"?

If a composition will have the effect of a "discharge not amounting to an acquittal", can the Minister clarify whether a composition for a military offence will be considered an antecedent for: first, future military offences and second, civil offences?

Third, section 243(1) of the CPC provides that a person authorised under any Act aside from the Penal Code to compound offences must exercise the power of composition subject to the general or special directions of the Public Prosecutor.

Can the Minister clarify if the Public Prosecutor will provide directions for how authorised composition officers should exercise their composition powers? Will every composition decision be subject to the review and authorisation of the Public Prosecutor?

My third clarification is on the increased penalties for offences.

The amended section 118 will triple the maximum amount of its fine. Can the Minister share how it arrived at this significant increase? Were the fines benchmarked against punishments provided under other pieces of legislation? Can the Minister also share whether clear sentencing guidelines will be set by the military court to address the transition from the previous ranges for fines to the updated ranges? This is essential, given that the previous sentencing precedents will no longer provide a useful guide on the likely quantum of fines.

My final clarification is on the limitation period. The Bill amends section 111 to provide that the limitation period of three years, where there are Police investigations or civil proceedings involved, only commences at the end of those processes or of the sentence of imprisonment, detention or reformative training.

Military courts do, of course, benefit from waiting for the conclusion of civil proceedings and sentences. But we have to balance this against the experience of the accused, who face the prospect of a military trial hanging over their heads for many years.

Police investigations and civil proceedings can take years to complete. Sentences of imprisonment, detention or training can take years to complete.

Taken together, the accused may have to wait for years, even decades, before their limitation period starts counting down. Can the Minister share if there are specific cases that have prompted such a significant amendment? For instance, were there cases where the three-year limitation period expired while civil proceedings were still ongoing and it negatively affected the conduct of military proceedings?

Relatedly, can the Minister share if the military court will also consider the impact of the preceding civil proceedings and any sentences served by the accused for related civil offences when imposing a sentence for the military offences?

Notwithstanding these clarifications, I stand in support of the Bill.

Mdm Deputy Speaker: Mr Zhulkarnain.

4.50 pm

Mr Zhulkarnain Abdul Rahim (Chua Chu Kang): Mdm Deputy Speaker, I rise in support of this Bill and the establishment of Digital and Intelligence Service (DIS) of the SAF.

Today's battleground is shaped not only by kinetic weapons of war, but by a potent blend of data, technology and innovation that forms our digital world.

In this age of increased information warfare and information-enabled warfare, the way these advances are deployed will be pivotal in achieving a competitive advantage over adversaries. In an interview, Major-General Robin Anderton-Brown, a director at UK Strategic Command in the UK Ministry of Defence stated: "The term 'domain' in a military sense reflects the fact we traditionally considered Defence in terms of the environmental domains of maritime, land and air, but now there is the growing importance of space – a domain in its own right – as well as the virtual domain of cyber, which affects not just Defence but the whole of society."

Other jurisdictions have had similar services. In the US, its Army Cyber Command integrates and conducts cyberspace operations, electromagnetic warfare, and information operations, to ensure dominance in the cyber domain and information warfare. The UK established its National Cyber Force (NCF), which is a partnership between defence and intelligence in 2020. There is, hence, a need for MINDEF to take the lead here. In Malay, please.

(In Malay): [Please refer to Vernacular Speech.] Fake news or misinformation and disinformation have been used as weapons during peacetime to de-stabilise a country. We have seen examples, through online campaigns, where terrorist organisations, such as ISIS, recruits and mobilises their members to carry out attacks.

We have also seen the presence of foreign influence in the 2016 United States presidential elections.

In times of war, the battlefield is not just about conventional warfare, but we also need to strengthen defence in cyberspace. This is due to cyber attacks and hackings of key institutions with sensitive information. Besides cyber attacks, information operations should also be addressed collectively. An example is the current Russia-Ukraine conflict, where there has been the deployment of information warfare comprising disinformation campaigns and false-flag videos that aim to deceive the public. These were harnessed to influence public opinion and manipulate information to undermine Ukrainian sovereignty and break their defensive spirit.

Therefore, when faced with such scenarios, we need MINDEF and the SAF to spearhead our information defence in both wartime and peacetime. This important role should not just be within the purview of MHA or MCI. Therefore, this Bill will establish a Digital and Intelligence Service in the SAF, which will play a crucial and critical role in strengthening our information defence especially in the ever-changing battlefield.

(In English): I would like to raise three areas of concern.

Firstly, we need to attract the best of talents, but at the same time be selective and protective in the process. In a tight labour market, SAF needs to attract the best talents for our DIS and groom the expertise. To cite an example, in 2015, the Pentagon launched the Defense Digital Service office (DDS). Brett Goldstein, the Director of DDS, described his team of technologists, which come from various public/private-sector backgrounds and which includes engineers, designers and developers, as a "SWAT team of nerds" to show the diverse and deep levels of expertise at hand.

MINDEF has announced that it will establish a Digital Ops-Tech Centre (DOTC) and a Centre of Excellence for Cyber Range (CCR) to stimulate capability development of SAF in the digital and cyber frontier. I humbly propose that SAF can consider specific scholarships in key areas and expertise to attract, groom and train in specialised fields local talents for DIS.

Would SAF consider recruiting from private-sector expertise and if so, will this be on contractual basis? For example, in the US DDS, although scope is not similar, the team is recruited on a two-year limited appointment to focus on a specific mission; after which they return to the private sector or the academia.

However, we have to balance this with how SAF protects the sensitivity of information and screening of recruits. To illustrate this, Dickson Yeo was a Singaporean academic who was arrested by US authorities for being an illegal agent of Chinese intelligence. Yeo's former PhD supervisor in LKY School of Public Policy was Chinese US citizen Huang Jing, who was expelled and identified by MHA as an "agent of influence of a foreign country". This underscores the importance of screening and protection, especially in the fields of cybersecurity, information and intelligence.

Secondly, we need to build capability and cooperation across and within jurisdictions on a whole-of-Government approach. Within Singapore, DIS has to work on this collectively with other Governmental agencies. For instance, in the UK, the National Cyber Force (NCF) is part of the UK Ministry of Defence, the Defence Science and Technology Laboratory, the Secret Intelligence Service and the Government Communications Headquarters. Similarly, SAF's new DIS cannot operate in silo and has to integrate into the whole-of-nation approach to combating the growing digital and information threats now and in the future.

Hence, I propose that our DIS officers should have exposure and experience of operations across all SAF services and perhaps, key DIS officers should also have experience and exposure within the various relevant agencies within MHA or MCI.

Across jurisdictions, it is important to have an updated exchange of ideas and innovation in the industry so that the latest of ideas and best-of-class technology can be deployed within DIS.

In this regard, I welcome the announcement that SAF's CCR will host bilateral and multilateral exercises, bringing together "militaries, industries, and academia" to facilitate information exchange.

Digital defence cannot be done on our own. Would there be efforts to formulate a joint comprehensive defence framework for the region? How will such bilateral or multilateral digital defence take shape in the light of certain geopolitical tension or relations? I hope to hear more plans on this from the Minister.

My third and last concern is this. We cannot just focus on defence per se, but it is important for us to also build up pre-emptive strike capability. I cite two examples from the UK and the US.

In the explainer published during the establishment of the UK National Cyber Force (NCF), part of the stated objective of the UK NCF was that it "is responsible for operating in and through cyberspace to disrupt, deny, degrade and contest those who would do harm to the UK and its allies".

The US Army Cyber Command's mission is to "integrate and conduct cyberspace operations, electromagnetic warfare and information operations, ensuring decision dominance and freedom of action for friendly forces in and through the cyber domain and the information dimension, while denying the same to their adversaries".

Both the stated missions of the UK NCF and US Army Cyber Command can be read to include not just defence, but strike capabilities.

It is vital that that MINDEF and SAF develop strong capabilities to detect and defend against similar threats. It is also critical not just to prevent such threats, but also, to build up offensive or strike capability and intelligence network, as a deterrence to those who want to do us harm. Such has been our Defence philosophy. There is, hence, an important need to ensure that sufficient budget and resources are allocated for our DIS of SAF in this regard.

In our history, we have not been immune to such disinformation attacks during peace or war time.

During the Japanese invasion of Malaya and Singapore in World War II, propaganda leaflets were airdropped onto the population. They contained messages of demoralisation, encouraging surrender. These leaflets were frequently dropped towards the end of the war and they were varied, depending on the target audiences, and in different languages.

In conclusion, we need to treat the defence of information and intelligence as a key part of the defence of our nation. This Bill sends a message to potential attackers and provocateurs that they cannot break our body nor our spirit without a fight. It is apt that in the month of celebrating our nation's 57th year of independence, we table this Bill to further enhance the protection and defence of our nation. Mdm Deputy Speaker, I stand in support of the Bills.

Mdm Deputy Speaker: Mr Don Wee.

5.00 pm

Mr Don Wee (Chua Chu Kang): Mdm Deputy Speaker, as the world becomes increasingly reliant on digital technology in almost every aspect of life, the impact of attacks in cyberspace is magnified manifold in our physical world. Warfare is no longer limited to land, sea and air. For example, by disrupting electricity and communications systems via online attacks, enemy forces can substantially weaken a nation's defence before launching a physical invasion.

Hence, I fully support the establishment of the DIS to boost our SAF's capability to defend Singapore.

So far, MINDEF has been running our military cyber defence and intelligence teams in the absence of a specific service branch. MINDEF already has its Command, Control, Communications, Computers and Intelligence (C4I) Community and the Defence Cyber Organisation, which coordinates cybersecurity across the defence sector.

Such an arrangement is quite similar to those in many other countries, such as the United States, Canada, France, the United Kingdom, Australia, Israel and South Korea. In these countries, the defence ministries manage cyber defence and military intelligence departments without creating another distinct service branch.

An exception is Germany, which set up its Cyber and Information Domain Service branch to take command of its cyber, IT, military intelligence, geoinformation and operative communication units.

Would the Minister share, with the House, the Ministry's considerations in creating a separate service branch? Why is this necessary and what are the specific advantages of doing so?

One of my greatest concerns is that our resources, in terms of both manpower and finances, are limited.

Our resident total fertility rate (TFR) of 1.1 remains substantially below the replacement rate of 2.1. We are a rapidly ageing society. National defence is not a sector which we can easily augment with foreign manpower or talents. In this shrinking pool of human resources, how will MINDEF ensure that we will be able to recruit and retain the necessary talents to join DIS?

With a sharp shortage of talent in the IT sector, not just in Singapore but all over the world, what strategies does MINDEF have to beat the competition, particularly the private sector, and hire the right talent to join this service?

The situation is acute as we can only hire Singaporeans who embrace these three hallowed words – duty, honour and country. They must see the big picture and understand the importance of defending our way of life, with a strong sense of mission and commitment.

In addition, how will the Ministry ensure that the formation of the fourth service will not compromise the defence capabilities of our three existing services? Mdm Deputy Speaker, in Mandarin.

(In Mandarin): [Please refer to Vernacular Speech.] I would like to ask the Minister if he could elaborate on whether and how the DIS will build our capability in information warfare, like what an European country had conducted against Ukraine in early 2022?

Such information campaigns are conducted on various platforms online, capitalising, especially, on the wide-ranging effect of social media. The concoctions of mashed-up news and fake news using different channels are spread widely and instantaneously. They seek to influence national and global opinions, to shape policies and developments of political agendas.

Such information operations are becoming increasingly more complex and sophisticated. How will we ensure that the hearts and minds of our Singaporeans will be protected against such malicious and nebulous influences? We need communications talent as well to help build the immune system of our psychological defence and to conduct information warfare, when necessary, against hostile state and non-state actors.

(In English): Madam, we celebrate our 57th National Day next week. This will be the last year where we will see demonstrations of the capabilities of only three SAF services. I look forward to seeing how the DIS will share with Singaporeans some of its capabilities at our 58th National Day celebrations next year.

Mdm Deputy Speaker: Mr Shawn Huang.

5.05 pm

Mr Shawn Huang Wei Zhong (Jurong): Mdm Deputy Speaker, the world is more connected today, an outcome of technological advancements, rapid digitalisation and the proliferation of mobile devices spurred by more affordable mobile devices.

We are experiencing an avalanche of innovation, opportunity and progress. For example, today's smartphones are a million times more powerful than the Apollo 11 guidance systems, and a thousand times faster than the Cray-2 supercomputers in the mid-1980s.

There were two billion people online in 2015. Today, over five billion people, or 63% of the world, are connected to the Internet.

The growing dependency on digital systems over the last 20 years has fundamentally changed how societies function, how communities interact and how individuals respond – everything from how we purchase our groceries, travel and play.

Last year, there were over 12 billion IoT active endpoints that manage many critical services and infrastructure, ranging from manufacturing and healthcare to e-commerce. The number of IOTs will double by 2025 to over 24 billion, of which 70% of IoTs contain vulnerabilities that can be exploited.

According to the World Economic Forum, cybersecurity measures in place by businesses, governments and individuals today are increasingly made obsolete by the growing sophistication of cyber capabilities. The global risk report states a 435% increase in ransomware in 2020.

A case in point would be the Colonial Pipeline ransomware attack, which impacted the computerised system managing the pipeline and forced the company to shut down operations to contain the attack. This pipeline carries gasoline, diesel and jet fuel from Texas to as far as New York and delivers about 45% of all energy consumed on the east coast.

Eventually, the company paid the ransom of 75 bitcoin, or US$4.4 million back then, after which, an IT tool was given to them to restore the system.

This event triggered an emergency declaration for 17 states, including Washington DC, to keep the fuel lines open.

This attack could have happened in Singapore, especially for our critical infrastructure, such as our oil refineries and port and air services.

May I ask the Minister for Defence, as part of the build-up of the fourth service, what are the priorities and areas of focus for the next three years, and how will this focus shift in the medium term? How differently will we safeguard our critical infrastructure with DIS?

As digitalisation continues to accelerate and remote working capabilities expand into homes due to the pandemic, companies have increased their digital reach and footprint in homes. Workers today have acquired more digital capabilities to work and operate remotely. With this, every organisation now has a greater variety of connected devices with little protection against a cyber attack.

When well-coordinated, other threats, such as deepfakes and disinformation for hire, can cause disruption and deepen the mistrust among societies, businesses and governments.

For example, deepfakes have been used to clone voices to authorise the transfer of monies to fraudulent accounts. In other scenarios, it can influence outcomes and views.

The digital and intelligence operating domain is vastly different from traditional domains. The spectrum of the intensity of the conflict, the target sets, which include private and public infrastructure, as well as its potential impact, it is dynamic and difficult to attribute. The notions of force and violence will also be less apparent in the digital domain.

This is a difficult operating landscape and will need a flexible, highly adaptable force that has strong partnerships and networks to be effective.

May I ask the Minister for Defence how will DIS define the state of war in the digital domain? How will the state of victory and defeat be defined in the digital domain? Similar to the other three services, how does DIS project deterrence in this domain?

As we look deep within the core of the mission of DIS, future capabilities, such as quantum computing, can cause disruptions and inflexions to the security landscape. Quantum computing is one of those threats that can break existing encryption keys and pose immense security risks to critical data. The public key encryption is still uncrackable when using very long key pairs with 2,048- or 4,096-bit keys. An advanced quantum computer could crack the code in over a few hours.

However, the development of advanced quantum computers today will still require 100,000 times more processing power, with a 100 times improved error rate to be viable. This may be over-the-horizon, but we must continue to invest and be ready to guard against these threats as they emerge.

Looking closer to our current state today, an attacker's pathway takes an average of two days to penetrate the company's internal computer systems. Check Point research reported that there were 50% more attack attempts per week on corporate networks in 2021 than 2020. These attempts were predominantly on education and research organisations, followed by Government, military and communications.

Today, it will take an average of 212 days to identify the breach and another 75 days to contain it.

The total cost? US$3.86 million for the attack.

This offensive threat landscape is coupled with an employment gap of over three million cybersecurity professionals worldwide. There is a dearth of talent with the requisite technical skills. As such, the job industry has a high turnover and retaining talent is increasingly difficult, as there are bountiful opportunities to progress.

I would like to ask the Minister for Defence how will the DIS plan to recruit, train and retain these talents and if the overall compensation of the skilled personnel will be competitive with the industry to ensure a favourable retention rate within the service.

There is much to reflect on as we think of the city of Troy and the Trojan horse, the 300 Spartans and the betrayal at the battle of Thermopylae, and the story of Dune between the Harkonnens and the Atreides.

The world has fundamentally changed. Hence, we must change and evolve how we fight and defend ourselves. Like how the US Air Force was formed from the US Army Air Corps, and the US Space Force from the US Air Force, we need a service that can protect our sovereignty in our digital domain. Mdm Deputy Speaker, I support the Bill.

Mdm Deputy Speaker: Mr Sharael Taha.

5.13 pm

Mr Sharael Taha (Pasir Ris-Punggol): Thank you, Mdm Deputy Speaker.

In a week's time, we will celebrate our National Day and we will also celebrate our 55th year of National Service. Mdm Deputy Speaker, before I begin, I would like to thank all our NSFs, NSMen and all our Servicemen and women, past and present, for protecting our country and safeguarding our sovereignty.

Our Singapore Armed Forces have always protected us from all threats – land, air and sea – and have always evolved to take on any new threats.

The security threat confronting Singapore today is multifaceted and ever-changing. This is increasingly evident when we consider countries and non-state entities capable of launching attacks across both physical and digital spheres.

The current war in Ukraine, for example, has shown that Ukraine had been under cyber attacks since 2014 and these intensified just prior to the war in February this year.

Cyber attacks targeting a country is nothing new. In 2007, a series of cyber attacks targeted Estonian organisations, including its parliament, ministries, banks and newspapers. The online services of Estonian banks and media outlets were taken down by unprecedented levels of internet traffic. Massive waves of spam were sent by botnets and huge amounts of automated online requests swamped servers.

Just this year, malwares, such as Pipedream and Incontroller, can target ICS and SCADA systems in industries, and can seize control and take down critical infrastructure. Hence, I understand the pressing need to develop our defence capabilities to tackle attacks from the digital sphere. However, I do have several clarifications to make.

Firstly, let us take a look at the structure, scope and capability of our Digital and Intelligence Service (DIS). This Bill will enable the addition of our fourth service – the Digital and Intelligence Service (DIS), led by the Chief of DIS, and reporting to the Chief of Defence Force. DIS will include having a Digital Ops-Tech Centre and Centre of Excellence for Cyber Range. As announced in the Budget this year, DIS will be responsible for intelligence, cyber and psychological defence, as well as advancing the SAF as a networked force.

Given that attacks can originate from countries and non-state entities from across the globe, how does this align with the role of the Cyber Security Agency (CSA)? Do they have overlapping roles? With CSA reporting under a different Ministry, how can we ensure that both agencies complement each other and become our force multipliers?

For example, for threats, such as Pipedream and Incontroller, which can seize control of critical infrastructure in Singapore, how will both agencies collaborate across Ministries to provide the best defensive outcome for Singapore, without hindering the operations of each other?

Given our scarce resource of talent in this very specialised field, how can we ensure that we efficiently use the limited pool that we have for the best effective outcome, for the security of Singapore?

On DIS' capabilities, how can we ensure we are constantly seeking cutting edge capabilities and continuously evolve to tackle the ever-changing threats to safeguard our country?

Beyond cyber defence, our DIS must also have capabilities to strive to protect our assets in the digital space. How will we define the new rules of engagement in this digital sphere? Can, or should, DIS operate independently of the other three arms? And does DIS have some degree of autonomy to deal with cybersecurity threats from any source, state or non-state, quickly and expeditiously to neutralise the threat, without the knowledge of the other arms of SAF?

Part of deterrence is also showcasing our capability and posturing. How do we intend to showcase the capability of our fourth service as a deterrent measure?

Secondly, on manpower and talent required, what will be the estimated headcount size of our fourth service? In a recent Business Times' article on 7 July, it was reported that Singapore will add at least 20,000 digital jobs in the already heated labour market. In March 2022, there were 128,100 job vacancies and the ratio of job vacancies to unemployed people is 2.42, the highest since 1998.

Currently, it is already challenging to find Singaporean digital talents for the private industry. Setting up DIS will inevitably place additional demand on an already strained labour market. Hence, how can we man this fourth service with the right Singaporean digital talents?

To meet the needs of our industries, we can develop our local workforce with digital skills and complement them with global talents. However, we must keep in mind that for DIS, as is the case with our other three services, our personnel must be Singaporean, as their work deals with national security and interests.

While I acknowledge MINDEF's proposal of developing our SAF digital workforce by expanding the C4X and DCX digital schemes and attracting mid-career talents, providing flexible contract options and leveraging on NSmen, this shortage of local manpower with the right skillset may require a larger effort than a single Ministry.

Collectively, in Singapore, we cannot just move the local digital talents from one industry to another. Instead, we have to grow a larger pool of local talents to tap on, especially in context of our national defence. This will require a whole-of-Government approach over the next few years as we rapidly build our national cyber defence posture and digital capabilities.

To meet the short-term ramp-up phase, beyond attempting to attract individual mid-career talents, can we also consider mass career conversion programmes from other industries or even consider upskilling or retraining some of our NSF or NSmen units and redeploying them to DIS, so that we can gather the critical mass required for DIS to be effective quickly?

Alternatively, we can also consider having a scheme where NSmen who have completed their ORNS cycle continue to volunteer and support DIS. The Work-Learn Schemes where Digital Specialists can earn academic credits from Nanyang Technological University (NTU) that contribute to a degree in Data Science and AI, Computer Science or Computer Engineering is a very good idea for our NSFs. Can we expand that idea to also include opportunities for our higher Nitec graduates to acquire skills and gain academic credits for their future diplomas too?

And as we solve the short-term ramp-up needs of DIS and our industries, do we need to readjust the long-term supply of digital and tech talents graduating from our institutes of higher learning (IHLs)? What proportion of the future forecasted demand for these talents will be met by our local IHLs? For instance, should we be looking into increasing our cohort sizes for the digital and tech courses in IHLs to meet the long-term demand?

Thirdly, on cost. Will the addition of the fourth service increase our financial expenditure on defence or will the cost be contained within our current defence budget, which then implies that the other three services take a budget cut? If it is additional expenditure, what is the expected percentage increase in our defence budget? While we keep an eye on costs, it is also important for us to build the right capability to defend Singapore. Mdm Deputy Speaker, in Malay, please.

(In Malay): [Please refer to Vernacular Speech.] Singapore is now facing various security threats. These range from terrorism to cyber attacks which all have the potential to cripple our nation. The ongoing conflict in Ukraine is a stark reminder to take national security issues very seriously and to safeguard Singapore's security physically, as well as in cyberspace.

Hence, it is important for us to form the fourth service of the SAF; that is, the Digital and Intelligence Service to address new security threats.

However, it is important to delineate the responsibilities of the DIS and the Cyber Security Agency (CSA) to ensure that their responsibilities do not overlap. Instead, there should be inter-ministry cooperation to synergise the efforts of both organisations, in order to attain the most optimal outcome for Singapore's defence.

We must also look into upgrading the digital skills of our very own workforce because we cannot afford to depend on overseas talent to circumvent the shortage of manpower in Singapore itself. Personnel deployed in this fourth service must be loyal and true to Singapore, as their task involves our nation’s security and interests.This must be seen as an opportunity for us to contribute towards our nation’s safety and defence.

We should also be mindful of the costs of setting up DIS. This new service will need specialised resources. We should remain prudent with our expenditure, without compromising on the efficiency and effectiveness of national security.

(In English): In conclusion, Mdm Deputy Speaker, as the range of threats we face become multifaceted and more complex, it indeed important to consider how we can best develop our defensive capabilities as a nation. We need to consider how best to do this given our present capabilities, resources and manpower challenges. Recent world events have highlighted the urgency in which this has to be done. Notwithstanding the above clarifications, Mdm Deputy Speaker, I support the Bill.

Mdm Deputy Speaker: Mr Henry Kwek.

5.24 pm

Mr Kwek Hian Chuan Henry (Kebun Baru): Mdm Deputy Speaker, I stand in support of both Bills being debated today.

Over the last two decades, cyber warfare has been waged openly between the major powers, and increasingly undertaken by middle powers too. Iran and North Korea are frequently mentioned in the international media, but they are not the only ones.

The bigger concern is that the increased frequency and sophistication of the attacks are happening. We are seeing more and more use of zero-day exploits being unleashed on IT systems globally. By zero-day exploits, it means vulnerabilities that not even the authors of the software are aware of, which means IT users can expect limited protection from.

It is useful for us to know how the world get to where it is – a cyberspace dominated by the law of the jungle. And how did IT, which has revolutionised humanity, get weaponised? And did how this cutting-edge expertise get proliferated? Sadly, the story is similar to that of nuclear weapon proliferation.

For many decades, the US, as the birthplace of IT, started as the dominant and sole superpower of cybersecurity. In 2006, the Stuxnet attack woke many countries up to the dangers of cyber attacks. After Stuxnet, countries realise that most civilian infrastructure can get compromised through hacks in industrial automation systems.

Some countries and groups started building up sophisticated capabilities. As early as December 2009, there were reports of coordinated attacks against IT giants like Google, aimed at not just compromising individual systems, but also went after core IP, such as the source codes and proprietary designs. Another example, in August 2012, Saudi Aramco, the world's richest company, had 30,000 of its computers demolished by malware. All data were wiped out and replaced with photographs of burning American flag.

A much larger wave of proliferation happened around half a decade ago. In August 2016, a group called The Shadow Brokers publicly claimed that they have hacked into the vault of NSA and stolen a large arsenal of NSA's zero-day exploits. And in April 2017, The Shadow Brokers then shared some of the most powerful codes to the public.

The world, since then, saw more waves of large-scale and sophisticated cyber attacks using tools that were supposedly leaked. How does these change the world?

Some of the most sophisticated code is now available to groups and nation states. And because the Internet respects no boundaries, the rest of the world is at risk. For example, Ukraine was the initial nexus of the NotPetya attack in 2014. The attack started through a software update from an Ukrainian tax filing software company. It quickly jumped onto Ukraine's ministry of health to Chernobyl's radiation monitors, and then to the rest of the world. Within months, analysts conservatively estimate that the cost of the attack to be more than US$10 billion. Some global insurers even chose not to pay off the damages as they claim that this damage, even for companies outside of Ukraine, was due to an act of war.

This changing battlefield affects us, for we have unique vulnerabilities. The obvious scenario facing SAF is a formal cyber attack as part of hostile military actions.

Consider this. Our next generation's SAF pushes C4I to a whole new level. We will fuse battlefield intelligence from all services, from near and far, from all parts of the battlefield, to determine the right course of action and get the right assets to respond. C4I is at the heart of this coordination.

If our C4I network or military equipment is fully compromised, then a significant amount of SAF's capability could be shut down, even for a short time.

But another kind of serious threats that Singapore must be ever ready for, is for global cyber attacks not aimed at Singapore but, nevertheless, spillover through our borders, given that Singapore is the telecommunications, digital, financial and business hub of the region.

Singapore has fully gone digital. I am not just talking about digital banking or enterprise software. Our hardware infrastructure, like the rest of the modern countries, rely on industrial automation. We are embracing IoT with a multitude of sensors to manage our city-state. In fact, our value proposition to the world can be summed up by three words: trust, connectivity and knowledge. And all these three pillars can be undermined by cybersecurity threats.

Beyond attacks on our economy, our society is also vulnerable. It is entirely possible that Singapore could come under constant attacks from nations with strong cyber capabilities that seek to destabilise our media, civic institutions, or even our political system. If the US Senate Intelligence Committee could conclude in 2019 that US democracy was hacked, what makes us think that a small country like Singapore would be spared of ill intentions?

And while we have natural vulnerabilities, we must also be cognisant that we are a net importer of IT capabilities and talent, and this makes it harder for us to keep us safe. I would like to just highlight two areas of intense shortage of skills.

There is an acute shortage of top-notch AI talent here, which is a concern as IT will increasingly power cybersecurity. Sometime ago, I had dinner with a top AI expert in Singapore. He shared with me how, within a few years, the top companies headhunted away the bulk of the teaching staff of AI at Carnegie Mellon University, which is one of the largest and best IT institutions in the US.

Indeed, if even the US is short of top-notch IT talents, it is not surprising that Singapore would be short too.

Singapore also lacks sufficient programmers skilled in assembly language. Assembly language is used to write codes for software to interface with hardware. For decades, assembly language work is seen as basic, low-level technology. As such, only a handful of locations – India, China, Eastern Europe and Taiwan – have deep pools of such skillsets.

But over time, the industry realised that assembly language helps a hacker manipulate systems at the architectural level. It is also the most appropriate for building malware like viruses and trojans.

In fact, assembly language is the go-to choice if someone want to reverse engineer a piece of software that has already been compiled. Far from being low-level work, assembly language is now seen as a sophisticated mean to subtly hack the chip, device or the telecoms equipment. This is what hackers mean when they say, "hacking down to the metal". This is a skill shortage that is not easy for most countries, including Singapore, to bridge.

In view of our unique vulnerabilities, I would like to make a few suggestions to SAF.

One, set the right culture. The DSI needs to be as much like Google and NSA, even as it retains its existing military culture. A key part of getting the culture right is being bold and innovative in the recruitment, growth and retention of cybersecurity talent.

Given that the bulk of cybersecurity expertise available to Singapore may be from the private sector, I hope that DIS can benchmark the salaries of cyber talent to the private sector, so that we can pull in the right mid-career professionals and retain good staff. So, perhaps the salary structure of DIS may have to deviate considerably from the rest of the military.

I also hope DIS can find ways of deploying our people to do very useful industry exchanges, attachments, or even sabbaticals. The obvious places for our people to spend time with are, of course, IT security companies. But we should not limit ourselves to that. It is an open secret to the security industry that there are certain countries with thriving pools of IT freelancers and experts capable of writing zero-day exploits. These exploits are then sold to cybersecurity firms, or even within the Dark Net. Are we prepared to let our people go to those countries to immerse themselves in those complex environments? I certainly hope so. Because they will allow us to have a pulse of this rapidly evolving field.

Two, I hope that DIS should actively participate in defence exchanges with trusted countries. Because national level threats and attacks can be of a different profile compared to isolated attacks on civilian and commercial IT systems. Even if the same tools are similar, the motivation, approach and the end goals are very different.

Three, I hope that DIS must ramp up and integrate with and defend the other services from cyberthreats quickly. For example, DIS could consider helping SAF architect our network architecture, so that certain basic capabilities can stay analogue, or even offline. This can help us preserve basic capabilities, even in the face of an overwhelming attack, which requires time to resolve in cyberspace.

I also hope that DIS can be actively involved in securing our IT environment and processes as various SAF units conduct firmware updates of our software, weapons systems and communication systems. Through DIS, I also hope that SAF mandate and implement a Software Bill of Materials policy, and also help SAF assess the risk of the underlying software and hardware components being deployed.

At the same time, we should also be cautious of the silo effect. According to some industry experts, the key challenges that the US government face is the silo effect in achieving a stronger cybersecurity defence. Some commentators felt that NSA, given the nature of its mandate, was viewed as unwilling to share the full expertise and know-how with the Department of Homeland Security, which is in charge of cyber defence. Singapore is too small a country to afford the luxury of turf wars, so I hope we bear that in mind as we have a fourth service.

Four, we must safeguard of our capabilities very carefully. DIS needs an extremely vigorous process to audit our people and processes, and the security of our tools. We have the moral responsibility to ensure that the codes and tools do not get out, because of the potential unintended effect.

Last of all, I hope that DIS will work hand in glove with our Cybersecurity Agency of Singapore (CSA) to protect Singapore. I hope DIS can actively contribute by to our Critical Information Infrastructure (CII) by probing our CIIs for vulnerabilities. Doing so will also help our CSA sharpen their skills on how to keep our CII safe. DIS should also help with defending non-military CII, because not all adversaries draw a line between military and civilian targets.

Let me now conclude. The creation of our fourth service DIS opens many new possibilities for SAF. SAF is now in a better position to supplement our existing capabilities with that of the private sector and to keep our military and non-military CII safe. On that note, I would like to congratulate SAF for the creation of DIS and I wish success to the founding generation of DIS officers and staff. With that, I stand in support of both Bills.

Mdm Deputy Speaker: Mr Darryl David.

5.36 pm

Mr Darryl David (Ang Mo Kio): Mdm Deputy Speaker, since inception, the Singapore Armed Forces (SAF) has adopted the military doctrine of deterrence and forward defence. While Singapore has never sought to be a military aggressor, we have never shied away from the need to build a technologically advanced, modern and competent SAF. Indeed, today, I am proud to say, that SAF is a well-regarded fighting force, with possibly the best air and naval forces in the region.

While Singapore has excelled in our preparedness and readiness in conventional jungle and urban warfare, the strategies and tactics of war have changed considerably in recent years. To tackle the multitude of new security threats, SAF has begun its transition from a third generation army to a fourth generation one, fortifying its capabilities to confront more complex defence challenges with more modern technologies and newer equipment.

I am, thus, happy to learn that SAF has continued its earlier trajectory of boosting its cyber and digital defence capabilities with the proposed setting up of the Digital and Intelligence Services (DIS). The set-up of DIS is very timely in providing the much-needed safeguard to SAF's network assets as SAF transit, in earnest – to a firm, fighting 4G force.

In today's networked world, countries face a multitude of security threats on different fronts. While the potential of open armed conflicts remains high, the actual possibility of countries openly engaging in hostile confrontations and conventional warfare, as what is happening in the Russo-Ukraine conflict, thankfully, remains low.

A more commonplace security threat in the 21st century is the invisible cyber warfare waged by state and non-state actors against countries, using cyber weapons that mask the identity of the aggressor. Such cyber attacks often go unnoticed by the man on the street as these attacks happen in cyberspace with low signatures in the physical realm, leaving no visible damages to real world infrastructures and assets until they actually happened. As Minister had said, "the battleground has changed".

It is precisely because of the invisible and masked nature of such attacks that makes them so dangerous. We tend to underestimate the devastating real life damages that such attacks could cause, and could possibly be underprepared for widespread cyber terrorism, or "hacktivist", attacks that assail multiple soft cyber targets simultaneously.

While I agree wholeheartedly with the setting up of DIS, I would like to ask where does the jurisdiction of DIS begins and where does it end, especially regarding cybersecurity matters and threats that could have an impact at the national level? Unlike a physical infrastructure where we can adopt a more sectoral approach in defence, it is a little bit more challenging to do so in the case of cyber defence.

Also, a network attack on the SAF can potentially cripple multiple systems at the same time and could possibly be difficult to isolate and contain. In the unlikely or unfortunate event of a cyber attack on SAF's system – which we hope would never happen – who would be ultimately responsible for the defence of the system?

Would it be SAF's Defence Cyber Organisation (DCO)? The Cyber Defence Group (CDG) under SAF Command, Control, Communications, Computer and Intelligence (C4I)? Or would the defence be coordinated by SAF's Digital Ops-Tech Centre (DOTC), which has the mandate to partner with the Defence Tech Community (DTC) and whole-of-Government digital agencies to secure SAF's system? And if the plan is for all the SAF units and platforms mentioned above to be coordinated under DIS, how would DIS liaise with CSA who is responsible for coordinating a whole-of-Government defence? I hope that Minister could provide some clarity on this later.

Mdm Deputy Speaker, I would like to shift my focus now from the digital and virtual realm to the physical and natural world.

The second part of the Bill proposes amendments to the Military Manoeuvres Act of 1905 to permit the SAF to carry out of military manoeuvres in catchment areas with the approval of the Public Utilities Board. The catchment areas in Singapore, generally, comprise a majority of our reservoirs and natural landscape. These areas contain a diverse range of flora and fauna, many of which are possibly still awaiting discovery.

For example, nine plants, fungi and algae were discovered, or re-discovered, in 2021, with more than half of these discovered in Bukit Timah Nature Reserve. NParks also reported in 2017 that 480 new species of flora and fauna were discovered, or rediscovered, in Singapore between 2012 and 2017.

I would like to ask if allowing military manoeuvres in catchment areas would impact Singapore's biodiversity adversely? Does MINDEF plan to do any environmental impact study or engage the relevant agencies and perhaps even nature groups with regards to the impact of such military exercises on the catchment areas, so we can minimise the ecological footprints of such activities on our natural environment?

Also, how does MINDEF intend to balance military needs which are critical and crucial, and I support, with public interest given that our catchment areas are family-friendly leisure locations frequented by leisure hikers and families who are seeking a respite from urban life? What considerations would MINDEF have taken to ensure that the public's interest is catered for in these areas before embarking on such proposed manoeuvres?

Mdm Deputy Speaker, as we celebrate NS55 this year we are reminded of the contributions and sacrifices that our Servicemen and Servicewomen have made to protect Singapore. I am personally grateful to all of those who have served for their contributions to the nation and hope that the proposed amendments in the Bill will contribute to the further strengthening of our Armed Forces and other Services. My clarifications notwithstanding, I end my speech in firm support of the Bill.

Mdm Deputy Speaker: Leader of the Opposition.

5.43 pm

Mr Pritam Singh (Aljunied): Mdm Deputy Speaker, I note both Bills, the Constitution (Amendment) Bill and the Singapore Armed Forces and Other Matters Bill are being read at the same time. My speech is restricted to the Constitution (Amendment) Bill.

Mdm Deputy Speaker, clause 2 of the Bill amends Article 22 of the Constitution, to extend the President's discretionary powers of appointment to include the office of the newly created Chief of the Digital and Intelligence Service (DIS) of the Singapore Armed Forces (SAF). This Bill enjoins the Chief of the DIS to the list of key public sector appointments that must be agreed to, by the President.

The President can veto the appointment. As established by my colleagues, Mr Gerald Giam and Mr Dennis Tan, the Workers' Party has no fundamental objection to this newly established appointment and substantively support the Singapore Armed Forces and Other Matters Bill.

Mdm Deputy Speaker, the Workers' Party is on record in Parliament, with regard to the prospect of a gridlock if any elected President withholds nominations to key appointments, particularly in the context of a new Government, which defeats the PAP at the General Elections.

Most recently, at the Parliamentary debate on the Menon Constitutional Commission's report in 2016, the Workers' Party advocated returning to the elected presidency, to its original form to an appointed office without blocking powers. This will enable the President to focus on being a unifying figure for the nation, rather than having any confrontational role vis-à-vis the elected Government.

In view of the Workers' Party's position on the elected presidency, we will vote against the Constitution (Amendment) Bill as a matter of principle.

For the Singapore Armed Forces and Other Matters Bill, we will support the Bill, but cannot support clause 6, which is specifically related to the President's discretionary powers. However, since the substantive change is located in the Constitution of the Republic of Singapore (Amendment) Bill, we will support the Singapore Armed Forces and Other Matters Bill as our position is clarified by voting against the constitutional amendment.

Mdm Deputy Speaker: Minister Ng Eng Hen.

5.45 pm

Dr Ng Eng Hen: Mdm Deputy Speaker, I think all of us can agree that the Members' speeches have been quite helpful in fleshing out in greater detail the growing threat in the digital domain, which Singapore and, indeed, all countries will face.

I must say that I was very impressed with every speech. Members did their research, have extensive knowledge way above the average citizen and they gave details of digital attacks elsewhere and how other militaries or agencies are addressing these threats and the difficulties faced.

I think, perhaps, the first order of the day is to recruit some of them into the Digital and Intelligence Service. So, do not be surprised if you get your SAF100. But in the interest of disclosure and to make sure that we do not perpetuate scams, if you do get one after this, please know it is not from me and do not answer it. [Laughter.]

Let me laud Members for their efforts and thank them for supporting the Bill.

There has been unanimous agreement that, just as we do in the air, land and sea, SAF's missions must also protect Singapore against digital threats. The issue is how SAF does this and, in relation to DIS, their questions can be summed up in four areas.

First, why a formal service, a fourth, to add to the Army, Navy and Air Force?

Second, how will DIS meet manpower challenges, given our constraints and demands for IT-related skills?

Third, how will DIS and SAF work with partner organisations, such as the Home Team and CSA, to optimise our digital defences?

Fourth, how will DIS guard against excesses and abuse of its powers and capabilities?

They are four important areas, so, let me address each in turn.

Mr Don Wee asked about our considerations in deciding for a formal fourth service. This, indeed, was a critical issue that MINDEF and SAF leaders looked at extensively for some time. At the end of it, two main reasons led to this decision – manpower and mission mindset.

The manpower issue for DIS is, indeed, a serious challenge and I think almost all Members alluded to it – Mr Alex Yam, Mr Gerald Giam, Mr Desmond Choo, Mr Don Wee, Mr Henry Kwek, Mr Sharael Taha, Mr Shawn Huang and Mr Zhulkarnain Abdul Rahim. They have highlighted this and given us good suggestions for recruitment and we will study their proposals seriously.

But first things first. Forming a formal fourth service on par with the Army, Navy and Air Force is the best footing for DIS to attract the right type of people it needs. It provides their new entrants and existing staff career paths and progressions on par with the Army, Navy and Air Force, including for those with the aptitude to be Chief of Service, and even to be the Chief of Defence Force.

Once formed, it puts the onus on the DIS leaders to fight for their fair or unfair share of talent that they need. I completely agree with Members of this House that, indeed, there is a global demand for these types of skills, but this is healthy competition between the services first, and then, for the SAF to compete with the rest of the organisations that need that kind of talent.

For soldiers and personnel who join DIS, there will be a dedicated digital vocation which will develop experts in competencies, such as software engineering, app development, data science, AI, cloud architecting, among others. Talents in these fields will be eligible for top-tier SAF scholarships. Compensation, as Members have supported, will be benchmarked against industry norms and regularly reviewed.

The formation of DIS will boost their recruitment drives. Already, we have our first SAF scholar who applied and was selected to join DIS. I met her last week during the presentation ceremony. I joked with her that we have awarded her the scholarship on the assumption – because DIS has not been formed yet, because we have not passed the Bill – that Parliament approves the Bill and that the President assents. I told her, well, if Parliament or the President does not do what we hope they do, we will have to deploy her elsewhere.

She is doing law at Oxford and I think, perhaps, if Mr Vikram Nair will wait for a couple of years, she may be able to give him the answers to the questions that he asked about law and international relations.

Just like other services, and perhaps with even more challenges, DIS must ensure that it provides an attractive proposition for jobseekers. It must provide job security, a good working environment and advancement opportunities.

But as Members here have pointed out, because it serves a higher calling, it must also bring in people with the right values and commitment and the mission mindset. As Mr Gerald Giam, Mr Alex Yam and Mr Sharael Taha reminded us, we need to be very security conscious. They are guardians of our secrets and I agree with them.

This mission mindset was the second key reason for our decision to form a fourth service. In its current configuration, the Command, Control, Communications, Computers and Intelligence (C4I) community is a supporting force that supports the overall mission of the SAF and that of the Army, Navy and Air Force. The C4I community will continue to perform these supporting roles for other domains. But with the DIS as a formal service, it is now also directly responsible and accountable to protect the cyber domain against external aggressors.

As cyber warriors there, they are the frontline troops. This mindset shift is crucial for the SAF as it builds the DIS. I think this was the broader theme which Member Shawn Huang alluded to. As a trained pilot, he knew to ask important strategic and tactical questions about missions for DIS and the key response for effective outcomes, whether for DIS personnel, soldiers, sailors or airmen, is the mission mindset.

So, I think the quick answer to Mr Vikram Nair's question – whether it could be a civilian chief – I would say no. You need a military man in a uniform to have a military mindset.

Mr Zhulkarnain Abdul Rahim, Mr Don Wee and Mr Dennis Tan asked about misinformation warfare and whether foreigners could be part of this force. I think not. Singaporeans must, just like air, land and sea, be the core elements of this fourth service. Obviously, there will be services that they can outsource to third-party contractors. But I agree with them – we have to be very careful even when we do that.

There were other questions related to NSmen, and also whether soldiers in DIS would be trained and deployed differently, compared to the Army, Navy and Air Force.

Mr Alex Yam asked about women – whether they could join as volunteers. Women can join as regulars. I would like more women to join this if they are up to it.

My broad answer is that certain modules will remain common. Without the right military values and mission mindset, there is a limit in using any individual soldier, no matter how talented he or she is. But if someone serving National Service or a regular, has the aptitude and right attitude, I agree that such an individual can do more in DIS, even if his attributes are not best suited for physical combat.

In fact, we have already started this. The Cyber NSF Scheme, which Members alluded to, provides training in threat monitoring and assessment for NSFs to become cyber operators during their two-year full-time National Service. Selected ones with leadership aptitude may be selected to become cyber specialists in a three-year or four-year undergraduate work-learn programme where they will perform specialised roles, such as incident response, cyber forensic, malware analysis and penetration testing.

Members have asked about the sizing of the DIS. I mentioned before in this House that it will grow organically from the current MIO and, at steady state, I think it will likely be two or three times that.

Our digital defence network is multi-layered. I agree with Members that no single Ministry can do it alone.

Broadly, DIS will be external facing against potential aggressors, while the Home Team and CSA deal with threats internally. But as Members have pointed out, the cyber arena is much more porous than the physical domain. Mr Darryl David, Mr Desmond Choo, Mr Henry Kwek, Mr Sharael Taha, Mr Shawn Huang, Mr Zhulkarnain Abdul Rahim and Mr Gerald Giam asked how the DIS will organise itself and also complement and work with other relevant Government agencies.

Let me give a practical answer.

Our agencies know that they cannot work in silos, lest the cyber attackers exploit gaps or poor coordination. Inter-agency sharing of information, coordination and cooperation already exists.

Our counter-terrorism efforts have taught us valuable lessons about whole-of-Government (WOG) responses and I cite this because it is a very good parallel example of interagency work.

So, similar to cyber threats, MINDEF and SAF are external facing for terrorism, working with foreign agencies to detect terrorists, either individually or their networks that mean to do us harm. MINDEF set up the Counter Terrorism Information Facility (CTIF) to facilitate this work and share that information with external partners and local agencies. MHA addresses the internal threats. For cybersecurity, it will do the same, together with CSA.

Such coordination already exists today, so we are not starting on a blank sheet.

I can foresee exercises to test and improve multi-agency responses to common cyber threats, just as we do against terrorism. So, if you remember, we have had multi-agencies exercises – when it comes to terrorism, I think there are as many as 10 or 11 agencies. We have done exercises in ferry terminals, in Changi Airport, in the southern waters.

When the new service, DIS, is formed, it can help build more sophisticated cyber ranges that can add depth and realism for these exercises. I have already announced the setting up of a new Digital Ops-Tech Centre and a state-of-the-art digital training and simulation range.

The Digital Ops-Tech Centre (DOTC) will raise a core of practitioners who will apply their cross-cutting digital skills, such as in software development and Artificial Intelligence, towards operational outcomes for SAF. The digital range will provide a rich simulation environment for digital training and will host bilateral and multilateral exercises to bring together militaries, industry and academia to share best practices and insights.

Together, the DOTC and the digital range will form a strong foundation, from which the DIS will hone our digital defence capabilities and contribute to our digital defence, alongside the Home Team and CSA.

I visited such a cyber range, and this was in Estonia and the NATO Centre of Excellence. Very impressive set-up. You build systems but there are water systems, power systems, support systems, hospital systems, so on and so forth. They work with private practitioners and they are taught how to defend and, obviously, to act against penetration attacks. But these are the cyber troops that are raised.

The mission and mandate, as scoped for the DIS to be primarily external-facing, reduce the risk of abuse and overstepping the SAF's authority. So, Mr Louis Ng's characterisation of the DIS as a wide-ranging one is not quite accurate. It is, primarily, external facing.

In daily practice, the rules of engagement will also apply, just as it does to the SAF troops in civilian settings when they are guarding Changi Airport, Jurong Island or when they are deployed to deal with terrorist attacks or riots. The rules of engagements are spelt out ex-ante to reduce the risk of abuse.

I was piqued by Members' grand vision for the DIS because it is not yet formed. Some said that we should commercialise our successes and that we should share our secrets and capabilities with other agencies. I thank Members for your confidence and hope, and we will try to meet your expectations.

Let me now address the questions on proposed changes to the disciplinary processes and penalties under the military justice system.

Mr Louis Ng asked if abetment will be an offence that may be compounded. That will depend on the actual offence being abetted. For offences, such as those under the Penal Code, like abetting the assault of a superior officer, which I mentioned in my first speech, the maximum penalty has increased to seven years imprisonment to align with the Penal Code, and is not compoundable.

For the abetment of lesser offences, I think this was mentioned by Mr Dennis Tan as well, MINDEF is open to allowing composition. For example, currently, if a soldier abets another into defaulting on IPPT, say by encouraging him to default or wilfully misleading him with inaccurate information on his IPPT requirements, both would have been charged. With the proposed amendments, both would have committed an offence which may be compounded.

There was a question asked whether compared to summary trials, if compoundable offences, will be on your personal records. The current system is that for all STs, it is on your records. So, it is very interesting with people discharged, we see all the offences, maybe some were even committed 20, 30 years ago for minor infractions. I think it is balance between what we need to maintain military discipline and what the organisation really needs. And over time, I think we have found a new balance.

So, Mr Dennis Tan and I think Mr Louis Ng asked which specific offences will be put in the personal record and which ones will not. I will say, broadly, our most common offences are IPPT infractions and smoking in non-designated areas. If Members push very hard, I will try and keep that on the personal record. But I think not. Probably, we will not keep that on. But if you repeatedly miss an IPPT, or purposefully go against the superior's order not to smoke in the area, that is a very different kind of situation.

Mr Louis Ng asked whether it was a discharge and acquittal. It again depends on whether there is a charge against the offence. In all cases referred to an authorised composition officer, no charge is preferred. Once the composition sum is paid, no further proceedings are to be taken against the accused for that alleged offence, as reflected in the proposed section 79A(4) of the SAF Act.

Mr Louis Ng also asked if the Public Prosecutor will provide directions for how authorised composition officers should exercise their composition powers. For military offences, the jurisdiction comes under the Chief Military Prosecutor who will ensure that compounded offences are broadly aligned to the civil justice system but take into account the need for military discipline.

For increased fine limits, Mr Louis Ng is broadly accurate that the fine limits under section 118 have increased significantly. However, sections 68, 69, 70, 70A, 70B and 72 will be amended for higher fine limits but to different degrees.

Even with the increase in fine limits, it remains for the military courts and disciplinary officers to assess the specific circumstances of the case and to decide on the appropriate fine to impose. We are just raising the limit, but the powers are still theirs.

MINDEF and SAF have established guidelines on fine amounts, based on offence severity and the rank of the offender, and will adjust these guidelines as he has asked for, when the amendments of the Act take effect.

Mr Ng asked whether the military court would consider the impact of the preceding civil proceedings and any sentences served by the accused for related civil offences, when imposing a sentence for the military offences. The short answer is yes. Before preferring charges against the serviceman in the military court, MINDEF will assess all available information and findings which may be relevant, including, but not limited to, the findings and sentences by the civil courts in related civil proceedings.

Mr Darryl David and Mr Dennis Tan asked about the environmental impact and public security of military manoeuvres in catchment areas. I feel a little embarrassed about this amendment. I will tell you why.

We are just regularising what all of us as NSmen have gone through. All of us, I think, have been into Mandai Reservoir, Kranji Reservoir; some got lost, maybe. Thankfully, I did not; or maybe, I helped somebody get lost; never mind. But we had an agreement with PUB, I think, as far back as in the 1990s to train there. All of us have done it.

But we are regularising it to say that now, we can only exercise if PUB says we can. So, that is just regularising it.

People asked about the environmental impact from such training. We have been doing it for 40-over years under very strict guidelines that protect our catchment area, water especially. Biodiversity – there have been environmental impact assessments done from time to time. We leave it to the agencies. But I want to sound a word of caution: we do not have much terrain to train in. The SAF will take precautions. But if we say, "Oh, your training can affect", as Mr Darryl David said, "one of nine particular fauna or flora", we may have very limited land to train in. So, please bear that in mind when you are pushing to protect biodiversity – as all of us want to, but there is a balance to be struck.

Let me conclude. Mdm Deputy Speaker, the substantive change in this Bill is the set-up of a fourth service. The three services of the SAF were established in 1972 with the enactment of the SAF Act. So, 50 years on, the amendments today bring into existence a fourth service. The DIS positions the SAF and Singapore to better deal with cyber threats today and into the future. It provides the SAF with the right structure and emphasis to continue building a full suite of capabilities that can protect Singapore's sovereignty and independence, whether on land, sea, in the air and in the digital domain.

Once again, let me thank the Members who have spoken on the Bill and for their support. Madam, I beg to move. [Applause.]

Mdm Deputy Speaker: Mr Gerald Giam.

6.06 pm

Mr Gerald Giam Yean Song: Mdm Deputy Speaker, I just have one clarification for the Minister.

The Minister said that DIS will compete with other organisations for tech talent. I am concerned that this would further exacerbate the talent crunch in the private sector, especially for SMEs who cannot provide the same salary scales of the Government or MNCs. Besides scholarships, what is MINDEF's plan for increasing the pipeline for tech talent in Singapore to feed into DIS and other organisations. For example, will MINDEF be working with MOE to help our IHLs increase their Singaporean intake for IT-related majors?

Dr Ng Eng Hen: Let me thank Mr Giam for the reminder. When I said that the formation of the fourth service, the DIS, should compete with the other services, it is not a signal to "chiong". They will have a budget to work with. They have to be attractive. But that is the reality. We say that the DIS is important and we say manpower is important. And with the formation of the DIS, it puts it on a somewhat more equal footing, but they will have to compete.

But I agree completely with Mr Giam and, I think, others spoke about it, that we are acutely short of these talents. We will have to grow the overall pie or find ways of being efficient. And I completely agree and, yes, the answer is that we will work with other agencies. It is the task of the commanders to make it attractive to grow the pie to bring people in.

Question put, and agreed to.

Bill accordingly read a Second time and committed to a Committee of the whole House.

The House immediately resolved itself into a Committee on the Bill. – [Dr Ng Eng Hen].

Bill considered in Committee; reported without amendment; read a Third time and passed.