MAS' CSAP list five recommendations for strengthening Singapore's financial sector

The Monetary Authority of Singapore's (MAS) Cyber Security Advisory Panel (CSAP) has discussed strategies to enhance the cyber resilience of Singapore’s financial sector at its inaugural meeting on 5-6 October, 2017.

Source: MAS. From left: Andrew Khoo, Deputy MD, MAS; Lim Chee Onn, Member of the Board of Directors and Chairman of the Risk Committee, MAS; Alexander; Loy; Menon; Asher; Koh; Mokady; McGuire; Abend; and Ong Chong Tee, Deputy MD, MAS. 

CSAP members agreed that having strong basic cyberhygiene practices is fundamental to securing cyber resilience. They also suggested that it was important to strengthen the competency and capability of the boards of financial institutions to exercise effective oversight of cyber risk management. 

CSAP members highlighted the importance of conducting realistic penetration tests, including red-teaming*. Acknowledging the challenge posed by the large amounts of information that is collated in monitoring for cyber incidents, CSAP members advocated the use of data analytics and machine learning to make sense of the information. They were unanimous in emphasising the importance of timely information sharing by financial institutions of cyber incidents and developments. 

Ravi Menon, MD, MAS, chair of the CSAP meeting said, “The meeting provided MAS an opportunity to validate its strategy for strengthening cyber resilience in the financial sector and to identify areas where we need to do more. We are grateful to CSAP members for their sharp insights and helpful suggestions.” 

David Koh, Chief Executive, Cyber Security Agency of Singapore and a member of the CSAP, said, “The creation of the CSAP is a laudable initiative by MAS. The panel brings together distinguished individuals from around the world, with a rich and diverse range of experience and expertise in the cybersecurity, banking and finance domains. The quality of insights and ideas generated will certainly boost our collective efforts to augment the cybersecurity posture of Singapore’s banking and financial sector.” 

CSAP members who attended the meeting included Valerie Abend, MD, Financial Services North America Security & Global Cyber Regulatory Lead, Accenture Security; Keith Alexander, Founder and CEO, IronNet Cybersecurity; Adrian Asher, Group Chief Information Security Officer, London Stock Exchange Group; Koh of CSA; Vincent Loy, Partner, Financial Crime & Cyber Leader, PricewaterhouseCoopers Risk Services; Kevin R. Mandia, CEO & Board Director, FireEye; Cheri McGuire, Group Chief Information Security Officer, Standard Chartered Bank; and Udi Mokady, Chairman & CEO, CyberArk.

The CSAP will convene again in 2018.

Interested?

Read the TechTrade Asia blog post about the announcement of the CSAP

*Red-teaming is the use of a team of ethical hackers to continuously test for weaknesses in an organisation’s people, processes and technology by adopting a hacker’s mindset.