The Cyber Security Advisory Panel, formed by the Monetary Authority of Singapore (MAS) last year, has provided its recommendations on how to improve cyber security of the financial sector.
Among the advice given by the panel, which is composed of international experts, is for financial institutions to make sure that their data stored on public cloud services must be secure, according to a report by the Straits Times. The panel also recommended that financial institutions should perform risk assessments of third parties they work with.
During the panel’s second annual meeting, chaired by MAS managing director Ravi Menon, participants discussed how financial firms can maintain security amid the rise of new technologies, and advised how the MAS can improve its own cyber strategies.
It was noted that financial institutions are increasingly adopting the use of public cloud services, partly due to the cost savings such services offered. The panel reminded small and medium firms to choose reputable cloud solution providers with strong cybersecurity capabilities, as well as to adopt measures to secure stored data.
The panel also said that firms must secure their network connections to the service provider, which is one loophole attackers could exploit.
Meanwhile, cloud service providers must be transparent with customers about how they implement security measures to protect their systems and information.
While application programming interfaces (APIs) are becoming more popular due to ease of integration and building new software solutions collaboratively, the panel said that APIs also run the risk of exposing companies to cyberattacks.
As a result, companies can ready their defences by conducting risk assessments on the third parties who use their codes and monitor related activities for suspicious events.
In order to test out their systems’ resilience, financial institutions should enlist the services of programmes that search for vulnerabilities in digital platforms. The process, known as ‘red-teaming’, involves ethical hackers simulating a cyberattack and testing the security systems of the client firm.
Aside from the MAS, the panel also provided advice to the Standing Committee on Cyber Security from the Association of Banks in Singapore, the Life Insurance Association Singapore, and the General Insurance Association of Singapore.