Dr Melvyn Kuan
Senior Assistant Director
Cybersecurity Engineering Centre, CSA
Setting the Baseline through Standards
For Dr Melvyn Kuan, standards is an important tool to improve cybersecurity posture and enhance risk management. As a Senior Assistant Director at the Cybersecurity Engineering Centre, Dr Kuan leads his team to shape standards to raise our ecosystem’s cyber hygiene.
Dr Kuan’s job involves researching the latest developments in the cybersecurity landscape to anticipate digital risks. As no one has a complete view of what is emerging, his team consults widely, engaging academia, industry as well as technology research companies. He then establishes standards and guidelines to address these risks.
“My interest in standards is inspired by the impactful outcomes they lead to,” shared Dr Kuan.
Although risks cannot be fully eliminated, Dr Kuan believes that a strong baseline of controls can improve our preparedness against cybersecurity threats and response to cyber incidents.
A key project that Dr Kuan worked on was TR 91, a national labelling standard on the cybersecurity labelling of consumer Internet of Things (IoT). TR 91 broadens the impact of the Cybersecurity Labelling Scheme (CLS), Asia-Pacific’s first multi-level labelling scheme for consumer IoT. By elevating the requirements of CLS into a national standard, there is now clear guidance for developers to produce more secure IoT devices.
The success of TR 91 at the domestic level has encouraged Dr Kuan’s team to surface a proposal to the International Organisation for Standardisation (ISO) on a universal cybersecurity labelling framework for consumer IoT. The journey ahead on the international stage is unprecedented and Dr Kuan is excited at the prospects of this project that he describes as a “moonshot”.
“At the end of the day, it is a fulfilling experience as we are galvanising a global effort towards a more secure IoT ecosystem,” shared Dr Kuan.