.jpg)
The Monetary Authority of Singapore (MAS) has released legally binding requirements to improve cyber security standards and strengthen the cyber resilience of the financial industry.
Known as the Notice on Cyber Hygiene, it details the measures that financial institutions must take to mitigate growing cyber risks. It will make several key elements in the existing MAS Technology Risk Management (TRM) Guidelines mandatory for financial institutions, namely the following:
The MAS gave financial institutions one year to comply with these measures, before they come into force on August 06, 2019.
“Cyber threats in the financial sector are growing as a result of an increased digital footprint and pervasive use of the internet,” said Tan Yeow Seng, chief cyber security officer of the MAS. “The financial sector needs to remain vigilant and ensure that defences are able to counter varied and evolving threats. Good cyber hygiene can go a long way in protecting financial institutions from common types of cyber incursions. These fundamental and essential measures can be implemented by all financial institutions regardless of size or system complexity.”
The guidelines incorporate the results of a public consultation held by the MAS in September 2018. According to the regulator, financial institutions generally welcomed the measures and provided several suggestions, such as focusing on strengthening user access to systems that store or access customer data, and allowing more time for financial institutions to design, acquire, and integrate robust user authentication technology into their critical systems.
