28 June 2018
On 17 May 2018, the Monetary Authority of Singapore (“MAS”) highlighted some of the initiatives that it is undertaking to strengthen cybersecurity within the financial sector. The following three initiatives were announced by Mr Tan Yeow Seng, Chief Cyber Security Officer at the MAS, at the 2018 Visa Security Summit.
Cyber threat information sharing
To help build trust and promote cooperation within the financial industry, MAS has partnered with the Financial Services Information Sharing and Analysis Centre (FS-ISAC) to establish its Asia Pacific Regional Analysis Centre in Singapore. The Asia Pacific Regional Analysis Centre supports member financial institutions (“FIs”) across nine Asia Pacific countries, allowing them to share and receive cyber threat information and other resources tailored for the region.
Requiring the adoption of strong cyber hygiene
MAS announced it intends to issue a Notice on cyber hygiene which will require FIs in Singapore to implement a set of fundamental controls to raise their overall level of cyber resilience.
MAS will be proposing to require all FIs to adopt cyber hygiene practices such as strong authentication, controlled use of administrative privileges and proper patch management. FIs will also be required to conduct an independent review of their compliance with the Notice.
MAS intends to conduct a public consultation on the Notice in due course.
Refreshing the MAS Technology Risk Management Guidelines
MAS also announced it is currently reviewing the MAS Technology Risk Management Guidelines to place a stronger emphasis on cyber resilience and to incorporate new guidance to keep pace with technological advances and rapidly evolving cyber threats.
MAS added that it is partnering with the Association of Banks in Singapore (ABS) to establish guidelines for red-teaming to enhance cyber security testing.