The Cyber Security Advisory Panel (CSAP) of MAS met to discuss the latest cyber-security challenges and strategies related to the financial industry in Singapore. During the discussions chaired by the MAS Managing Director Ravi Menon, CSAP members highlighted the need to strengthen the cyber risk culture in financial institutions, enhance cyber monitoring and surveillance capabilities, and better manage cyber-security risks in IT supply chains.
The CSAP members at the meeting discussed ways to strengthen cyber risk culture. The members highlighted that the board and senior management of financial institutions should set clear expectations for cyber risk culture and monitor and assess how well the desired risk management culture is operating across the organization. CSAP members encouraged MAS to continue working with the industry to strengthen cyber monitoring and surveillance capabilities in the financial sector and deepen cyber intelligence-sharing networks with both global and local partners. Finally, IT supply chains were identified as a weakness, as these supply chains are increasingly being targeted and exploited by cyber criminals. CSAP members recommended that financial institutions should have in place an effective multi-layered defense with measures, such as source code reviews, system integrity checks, and network anomaly detection, to mitigate these risks.
The CSAP comprises leading international cyber-security experts who provide MAS with global perspectives on evolving cyber threats and the latest insights on strategies to address cyber risk. As part of the two-day program this year, CSAP members will meet the Minister in-charge of cyber-security, Mr S Iswaran, and participate in a half-day dialog with CEOs of key financial institutions in Singapore.
Keywords: Asia Pacific, Singapore, Banking, Fintech, Regtech, Cyber Risk, Risk Culture, Cyber Security, CSAP, MAS
Previous ArticleFIN-FSA Conducts Review on Organization of Depository Activities
The European Commission (EC) published the Delegated Regulation 2022/786 with regard to the liquidity coverage requirements for credit institutions under the Capital Requirements Regulation (CRR).
The European Banking Authority (EBA) published the final draft regulatory technical standards specifying the criteria to identify shadow banking entities for the purposes of reporting large exposures.
The Office of the Superintendent of Financial Institutions (OSFI) published the strategic plan for 2022-2025 and the departmental plan for 2022-23.
The European Banking Authority (EBA) is consulting, until August 31, 2022, on the draft implementing technical standards specifying requirements for the information that sellers of non-performing loans (NPLs) shall provide to prospective buyers.
The European Council and the Parliament reached an agreement on the revised Directive on security of network and information systems (NIS2 Directive).
The European Banking Authority (EBA) published the final draft regulatory technical standards specifying information that crowdfunding service providers shall provide to investors on the calculation of credit scores and prices of crowdfunding offers.
The European Council published a draft Commission Delegated Regulation to amend the regulatory technical standards on specification of the calculation of specific and general credit risk adjustments.
The European Securities and Markets Authority (ESMA) published a paper that examines the systemic risk posed by increasing use of cloud services, along with the potential policy options to mitigate this risk.
The Monetary Authority of Singapore (MAS) published amendments to Notice 635, which sets out requirements that a bank in Singapore has to comply with when granting an unsecured non-card credit facility to individuals.
The European Commission (EC) published a public consultation on the review of revised payment services directive (PSD2) and open finance.