ARTICLE
4 October 2018

Monetary Authority Of Singapore Panel Urges Financial Institutions To Adopt Cybersecurity Measures

RS
Reed Smith (Worldwide)

Contributor

Reed Smith (Worldwide) logo
Reed Smith is a dynamic international law firm helping clients move their businesses forward. By delivering smart, creative legal services, we enrich clients' experiences with us and support achievement of their business goals. Our longstanding relationships and collaborative structure enable the speedy resolution of complex disputes, transactions, and regulatory matters.
Explore Firm Details
An international cybersecurity advisory panel formed by the Monetary Authority of Singapore (MAS)
Singapore Technology
Photo of Charmian Aw
Authors

An international cybersecurity advisory panel formed by the Monetary Authority of Singapore (MAS) has recommended that all financial institutions in Singapore ensure that data stored on the public cloud is kept secure, and that they perform cybersecurity risk assessments on their third-party providers.

These proposals were raised at the panel's second annual meeting, after its members had met with representatives from the Standing Committee on Cyber Security from the Association of Banks in Singapore, Life Insurance Association Singapore and General Insurance Association of Singapore.

The panel also noted that there had been an increase in use by financial institutions of application programming interfaces (APIs) to build software and applications. As use of such APIs could pose a greater risk of cyber threats, the panel suggested specific ways in which the institutions should combat such risk; for instance:

  • conducting "red-teaming" cyberattack simulations
  • securing network connections with any third party providers
  • monitoring for any suspicious cyber activity.

Comment

Cyber risk should be a top priority for all financial institutions, particularly as they continue to digitalize. It is expected that existing regulations on technology risk management and guidelines on outsourcing by banks in Singapore will also soon be reviewed as mandatory breach reporting is introduced under Singapore's data protection legislation. It would therefore be an opportune time for financial institutions with operations in Singapore to consider updating their cybersecurity policies to incorporate the MAS panel's recommendations as above, as well as to run a mock exercise to test their resiliency in the event of a cyberattack. Financial institutions should also consider retaining external counsel to advise on any third-party agreements that they may enter into, to ensure that the institutions have all the necessary and appropriate warranties, audit rights and contractual indemnities in case of relevant cyber incidents.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Authors
Photo of Charmian Aw
Charmian Aw
Your Author LinkedIn Connections
See More Popular Content From

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More