FIs called to review security controls against tech-related risks

They are asked to improve oversight of third-party vendors and review risk profiles.

The Monetary Authority of Singapore’s (MAS) Cyber Security Advisory Panel (CSAP) has stressed the need for financial institutions (FIs) to review their security controls amidst heightened risks arising from remote working and safe management measures as a result of the pandemic.

At its fourth annual meeting with MAS on 5 November, the panel made several recommendations for FIs to be better equipped against cyber risks in the new operating environment.

CSAP called for FIs to review their current risk profiles and the adequacy of their risk mitigating measures, especially with the rapid adoption of remote access technologies and work processes, which could affect FIs’ cyber risk profiles.

The panel also cautioned FIs to improve their oversight of third-party vendors on which they have become increasingly reliant upon amidst remote working, and to monitor and secure remote access by third-parties to FIs’ systems.

FIs are also asked to strengthen their governance over the use of open-source software (OSS). In particular, the panel recommended that FIs establish policies and procedures on the use of OSS.

CSAP also reminded FIs to ensure that these codes are reviewed and tested before they are deployed in their IT environment.

Over two days of virtual meetings, the panel also reportedly exchanged views with the Association of Banks in Singapore Standing Committee on Cyber Security (SCCS) and t

he Insurance SCCS on topics of enhancing cloud resiliency, monitoring insider threats, and the role of cyber insurance in risk management.Participants included representatives from government agencies such as Ministry of Communications and Information, Ministry of Defence, and Government Technology Agency.

Join Singapore Business Review community
A NOTE FROM SINGAPORE BUSINESS REVIEW

The people you want to reach are already in this room.

Every quarter, SBR lands on the desks of the founders, CFOs, and directors running Asia's most consequential companies. Every day, they open our newsletter and read our website. It's a room that took twenty years to build — and it's the one most of our partners are trying to get into.

The good news is that the door is open. We work with companies on thought leadership articles, sponsored content, industry summits across Southeast Asia, regional awards programmes, podcasts, and media placements in print and digital. The shape of the right partnership depends on what you're trying to do, which is why we'd rather start with a conversation than send a rate card.


If you have something this room should know about, tell us. We'll tell you honestly whether we can help, and how.

No rate cards until we understand the brief. It's a better use of everyone's time.