The Monetary Authority of Singapore (MAS)’s Cyber Security Advisory Panel (CSAP) has released its observations and recommendations on the cybersecurity challenges faced by Singapore’s financial industry and the strategies on tackling them.
The panel, which met on September 30 with MAS managing director Ravi Menon chairing the discussions, highlighted the need to strengthen the cyber risk culture in financial institutions, enhance cyber monitoring and surveillance capabilities, and better manage cybersecurity risks in IT supply chains.
According to a statement from the MAS, the CSAP offered the following observations and recommendations:
- Strengthen cyber risk culture – Poor risk culture was often cited as a contributing factor during cyber incidents. The meeting discussed ways to strengthen cyber risk culture. CSAP members highlighted that the board and senior management of financial institutions should set clear expectations for cyber risk culture and monitor and assess how well the desired risk management culture is operating across the organisation.
- Strengthen cyber monitoring and surveillance – Maintaining good situational awareness of the cyber threat landscape was an important tool in countering cyberattacks. CSAP members encouraged MAS to continue working with the industry to strengthen cyber monitoring and surveillance capabilities in the financial sector, and deepen cyber intelligence-sharing networks with both global and local partners.
- Effective management of IT supply chain cyber risks – IT supply chains were increasingly being targeted and exploited by cyber criminals. CSAP members recommended that financial institutions should have in place an effective multi-layered defence with measures, such as source code reviews, system integrity checks, and network anomaly detection, to mitigate these risks.
The CSAP is composed of leading international cybersecurity experts who provide MAS with global perspectives on evolving cyber threats and help formulate strategies to address cyber risk. As part of the two-day programme this year, CSAP members will meet Minister in-charge of Cybersecurity, S.Iswaran, and participate in a half-day dialogue with CEOs of key financial institutions in Singapore.