When Singapore's Government Chief Digital Technology Officer (GDCTO) Cheow Hoe Chan moved across from the banking industry in 2014, he was presented with a burning platform.

Key takeaways from Singapore healthcare data breach No system is infallible and cybersecurity breaches are inevitable, but Singapore needs to do better in mitigating the risks and following through on its pledge to safeguard citizen data. Read More

After almost two decades of outsourcing, and government IT projects taking a typical 3 to 5 years and tens of millions of Singaporean dollars to complete before they inevitably fell over, the Singaporean government had a big IT problem -- as Cheow describes it, the government couldn't do IT.

"The problem is that many people started in the government many years ago from a technology background, but when you start outsourcing everything, you end up not actually delivering technology, you end up delivering vendors," the GCDTO told ZDNet on Wednesday at the Government Digital Transformation NZ conference.

After spending the first year of his tenure cleaning up projects and killing others off, Chan said he wrote a proposal to rebuild the engineering capabilities within government. It was no easy task, as after years of failure, there was little trust in government to deliver.

"We started really small ... I went round the organisation, picked up a whole bunch of people that I thought could make it, and we started with a little team of 7 or 8 people initially, and we started delivering very interesting, small things, very small stuff, but we delivered it quickly," he said.

"And once people saw that it can be done, the movement took off, and today from that 7 or people, today we have about 750 people covering everything from digital services, AI, cyber security, sensors, IoT, and infrastructure."

Consequently, Cheow is also the deputy chief executive of GovTech, where Singapore houses its technical capability.

See: Australian Census 2016: A case study in the confluence of failure

Singapore is a long way from ending the use of outsourcers, as it continues to use them for around 70 to 80% of government work, but having an internal engineering capability allows the island nation to flex its muscle in negotiations.

"Being able to design this thing, architect, challenge the vendors when they come back with something that doesn't make sense is a very important," Cheow said.

"If you don't have that capability, you're going to fail, you will fail."

Citing the use of cloud services and the plethora of options available, the GDCTO told ZDNet that having people who know how to build technology is vital when looking at proposals and contracts.

"You got to AWS, they have thousands of services there, how do you know what to choose, do you need to construct it in such a way that is most relevant for what you are going to do?" he said.

"And that requires a lot of knowledge, and without that you'll find the vendors will take you for a ride, they will just do whatever the hell they want to do to maximise the output fee.

"And it doesn't benefit the government."

As GDCTO, Cheow is co-chair of the Public Sector Investment Review committee, with all projects above a certain threshold going before it. Not only do agencies need to present a business case, the architecture of the proposal also has to be presented.

"So my guys scrutinise it, and if they don't agree with the architecture, we will not approve it, so that helps a lot," Cheow said. "I'm also able to say that if you guys can't do it, then I will do it.

"It's very important to call their bluff."

When projects get approved, Cheow said the project is often co-sourced, where vendors and government workers sit side-by-side doing pair programming.

"This project requires 30 people, I might put 10-12 of our people in there, the vendor might put maybe another 15 people in there or something, they work together," he said.

"And after that, what happens is that when a project goes live, a lot of the time my guys pull out, and the vendor carries on.

"The beauty of that model is that we have the source code, our guys know everything, and if we have to step in because a project blows up, our guy can step in effectively."

In October, Singapore detailed its plans to move some of its workloads into the cloud and to develop Singapore Government Technology Stack (SGTS), which would comprise common software components used in application development.

"The SGTS will help us deliver better public services to citizens through reusable software, much faster and at a fraction of the cost," Lee Hsien Loong said.

"It will complement our greater use of the commercial cloud and support our efforts to share data more easily through published APIs."

Cheow told ZDNet that unclassified systems began to find their way into the cloud, and Singapore's security agencies needed to be convinced of the security model.

"We have proven to them that actually, from a security point of view, it's actually better, because we have more fine-grained control," he said.

"In fact, we are trying to implement zero trust in our own utility centres and networks too, as we move forward."

Related Coverage

Singapore Parliament passes Bill against online falsehoods amidst heated debate

As expected, the Singapore government has voted to pass the Protection from Online Falsehoods and Manipulation Bill despite strong calls from industry observers and global technology companies to reassess the legislation, which they say gives the government far-reaching powers over online communication.

Singapore seeks public consultation on 5G policies and deployment

Industry regulator wants industry and public feedback on the regulatory framework that will be put in place to facilitate the deployment of 5G network and services by 2020, including spectrum allocation and skills requirements.

Singapore workers more anxious about change than losing their job to automation

Unfazed about potentially losing their job, employees in Singapore instead are concerned that workplace automation will result in them having to learn new skillsets or change the way they carry out their tasks.

Researchers in Singapore demonstrate new quantum key distribution technique over Singtel's fibre network

It is touted by Singtel and the National University of Singapore as a new technique for securing information in a quantum world.