CSA orders critical infrastructure owners to review cybersecurity as AI threats escalate, says Tan Kiat How
Singapore escalates cyber defence posture as AI threats grow. Tan Kiat How says CSA has ordered board-level reviews across critical sectors, warning risks are accelerating fast. Leaders—not just IT teams—must act now as frontier AI reshapes cyberattacks.
- CSA has instructed critical infrastructure leaders to review cybersecurity against AI-enabled threats urgently.
- Tan Kiat How stressed cybersecurity must be led by boards and CEOs, not delegated to IT teams.
- Singapore is strengthening partnerships and intelligence-sharing to address rapidly evolving AI-driven cyber risks.
Singapore has directed all Critical Information Infrastructure (CII) owners to conduct urgent cybersecurity reviews in response to rapidly evolving artificial intelligence-driven threats, with authorities stressing that responsibility must sit at the highest levels of organisational leadership.
Senior Minister of State for Digital Development and Information Tan Kiat How told parliament on 5 May 2026 that the Cyber Security Agency of Singapore (CSA) had formally written to boards and senior executives outlining expectations for these reviews.
He said the move reflects growing concern that advances in frontier AI are reshaping the cyber threat landscape at a pace that challenges existing safeguards.
“This is not an issue that should be delegated to IT teams alone,” Tan said.
“It demands leadership attention at the highest levels, including board members and chief executives.”
He added that the priority for organisations is to “get the fundamentals right, and do so quickly”, regardless of whether they operate information technology systems, operational technology systems, or both.
CII systems underpin essential services across sectors including energy, water, banking and finance, healthcare, transport, infocomm, media, security and emergency services, and government.
Cyber review expectations set out
In the letter to CII owners, CSA chief executive David Koh emphasised that developments in frontier AI require direct oversight from senior leadership.
“Frontier AI is accelerating at a rate where current assumptions in cyber risk management, on which your controls, measures and incident response plans were designed, may no longer be valid,” he wrote.
He warned that “vulnerability discovery is becoming faster and cheaper”, raising the urgency for organisations to reassess their preparedness.
The review is expected to examine whether existing cyber risk assessments adequately account for AI-enabled threats. It must also evaluate visibility over critical systems, internet-facing assets, privileged access, cloud services and third-party dependencies.
Organisations are required to assess whether their vulnerability management, patching, monitoring and incident response processes are sufficiently fast to keep pace with emerging threats.
They must also review governance over their own use of AI and consider how such technologies can strengthen cybersecurity operations.
Koh said findings should be formally tabled at board or executive risk committees.
“Where material gaps are identified, management should ensure that these are addressed through clear remediation plans and explicit risk acceptance decisions and where necessary, adjustments to cybersecurity investment priorities,” he said.
Financial sector and government response
Tan said the Monetary Authority of Singapore has already convened chief executives of major financial institutions to address the evolving threat landscape and coordinate responses.
“Financial institutions are treating this with the seriousness it deserves and have been strengthening their posture,” he said.
He characterised AI-enabled cyber risks as an amplification of existing systemic vulnerabilities rather than an entirely new category of threat.
Government agencies are similarly on heightened alert, with CSA continuing to monitor developments, issue technical guidance and collaborate with industry partners to strengthen collective resilience.
Recent advisory and Mythos concerns
The latest measures follow a CSA advisory issued last month urging companies to strengthen cybersecurity in anticipation of increased risks linked to frontier AI models.
The advisory came shortly after Anthropic previewed its AI system, Mythos, which has drawn attention for its advanced capabilities.
According to findings by the United Kingdom’s AI Security Institute, Mythos is more capable of facilitating complex cyberattacks than other widely used tools.
Anthropic has stated that during its internal testing, the system identified thousands of high-severity vulnerabilities, including some affecting major operating systems and web browsers.
Despite the concern, Tan said the Singapore government does not have direct access to Mythos.
The model has been released only to a limited group of partners under controlled conditions, and authorities are not aware of any local bank having access.
“More broadly, we do not assume that we will always have early access to every frontier model,” he said.
Instead, Singapore relies on close working relationships with AI developers and cybersecurity firms to track developments and assess risks.
“We are working with partners who have access to Mythos to better understand its capabilities and implications,” Tan added.
Approach to risk monitoring and mitigation
Without direct access to certain advanced models, authorities base their assessments on published evaluations, threat intelligence and ongoing engagement with AI laboratories.
“On Mythos, specifically, without direct access, we cannot test the model ourselves. But we assess the risk based on published evaluations, threat intelligence and our ongoing engagement with the major AI labs,” Tan said.
Where credible risks to critical systems emerge, CSA works with CII owners to implement protective measures.
“Where credible evidence emerges of a material risk to systems of national consequence, we work with and advise CII owners to patch and harden their systems,” he said.
He emphasised that the broader concern extends beyond any single AI model.
“The underlying shift is broader and the risks are real. We are treating them with the seriousness they deserve,” he added.
Parliamentary questions on access and readiness
During the session, Workers’ Party MP Louis Chua raised questions about whether Singapore is seeking direct access to advanced AI systems such as Anthropic’s models.
He also asked about tangible outcomes from partnerships with entities that do have access, including whether vulnerabilities have already been mitigated.
Chua further queried the government’s current risk assessment of CII systems and how it is supporting operators beyond issuing directives.
Trend-driven approach to AI threats
Responding, Tan stressed that the government’s approach is not focused on individual AI systems but on broader technological trends.
“We have to look at this not just as a single episode or single frontier model making an announcement,” he said.
He noted that AI capabilities are advancing rapidly, including through open-source models that can develop sophisticated functions within months.
Authorities have been monitoring this trajectory and taking action over an extended period, he said.
Singapore is working with global AI labs, cybersecurity firms and other partners to gain early access to emerging technologies where possible and to evaluate their implications.
Engagement with critical sectors
Tan said authorities have been actively engaging CII sectors over the past year.
He noted that he had personally visited all 11 critical sectors to meet leadership teams and reinforce awareness of AI-driven risks.
He said these engagements indicated strong awareness among senior executives and board members.
“They are not taking this lightly and they are putting in place not just processes and investments to secure themselves and their systems, but also proactively thinking about how to secure their AI users in their organisations,” he said.
He compared AI adoption to installing a powerful engine in a vehicle, noting that safeguards must evolve alongside capabilities.
“You need to have the safety features, the guard rails, your safety belts, good brakes in place,” he said.
Strengthening intelligence and capabilities
Tan outlined further steps being taken to support CII operators.
CSA is increasing the sharing of selected threat intelligence with designated infrastructure owners to improve detection of advanced persistent threats.
At the same time, the government is building internal capabilities to detect cyber threats using AI technologies.
These tools may be shared with CII operators where necessary to enhance their defences.
He reiterated that CSA retains enforcement powers under the Cybersecurity Act to direct action where required.
