Singapore Cyber Security Czar David Koh Tee Hian came under fire from netizens when he nonchalantly remarked during the recent cyber attack on SingHealth’s computer systems that the stolen information of the 1.5 million patients are only “basic demographic data”.
“We are watching to see if anything appears on the Internet both in the open and in some of the less well-known websites,” he said. “But considering the type of data that’s been exfiltrated (i.e, unauthorized transfer of data), it is – from our professional experience – unlikely that these will appear, because there is no strong commercial value to these types of data.”
In other words, he is telling the 1.5 million patients not to worry about the theft of their personal data, which includes their name, IC number, address, gender, race and date of birth.
One netizen said, “If name, NRIC, date of birth etc are ‘basic demographic info’ and have ‘no strong commercial value’, then David Koh should just openly give everyone his own.”
Added another, “Was having same thought. Still dare to state ‘professional experience’… if professional enough, experienced enough, such breaches won’t happen.”
Yet another said, “Fire that guy la! This kind of mentality. No wonder we got hacked. Can he transfer his money to us also since to me his money is basic demographic data too. Chief Executive some more.”
Promoted to BG in 2006
According to MINDEF, David Koh was awarded the SAF Merit Scholarship in 1985. And in 2006, he was among the 5 Colonels promoted to the rank of Brigadier-General. At the time, he was the Director of the Military Security Department in SAF. He was only 41 then.
Koh was said to have been trained at the various military institutions, including:
- The Royal Military Academy Sandhurst, UK
- The Signal Officer Advanced Course at the US Army Signal School, Fort Gordon
- The Command and General Staff Course at US Fort Leavenworth
In SAF, he has held various command and staff appointments. They include:
- G3 (Operations) in a Combined Arms Division
- Chief Signal Officer
- Head, Joint Communications and Information Systems Department in the Joint Staff
- Director of the Military Security Department, MINDEF
His awards include:
- Commendation Medal (Military)
- Public Administration Medal – Bronze (Military)
- Public Administration Medal – Silver (Military)
- Public Administration Medal – Gold
- Billington CyberSecurity International Leadership Award
In 2015 at 50, Koh was appointed Chief Executive of the newly formed Cyber Security Agency (CSA) under the Prime Minister’s Office. Concurrently, he is also the Commissioner of Cybersecurity, the Deputy Secretary (Special Projects) and Defence Cyber Chief in MINDEF.
In addition, he sits on the Boards of the Government Technology Agency (GovTech), Defence Science and Technology Agency (DSTA) and DSO National Laboratories (DSO), the Monetary Authority of Singapore (MAS) Cyber Security Advisory Panel as well as the Public Utilities Board (PUB)’s Board Risk Management Committee.
Koh graduated from King’s College, University of London, UK, with a Bachelors degree in Electrical and Electronics Engineering. He also has a Masters in Public Administration from Harvard University.
With the many hats he is wearing, Koh certainly has huge responsibilities. As the Commissioner of Cybersecurity, he has the power to investigate threats and incidents to ensure that essential services are not disrupted in the event of a cyber-attack. As Chief Executive of CSA, he leads Singapore’s efforts to provide dedicated and centralized oversight of national cyber security functions. These include enforcing the cybersecurity legislation, strategy and policy development, cyber security operations, ecosystem development, public outreach and international engagement. On top of that, he is still responsible for the cyber security of MINDEF.
Nevertheless, in his “professional experience”, he doesn’t think there would be any “strong commercial value” for personal data like users’ name, IC number, address, gender, race and date of birth.