As remote working increases threats to cyber security, MAS urges financial institutions to enhance safeguards

Financial institutions that have adopted remote access technologies have to assess if their cyber risk profiles remain acceptable. PHOTO: ST FILE
Ng Wei Kai
Updated
Nov 10, 2020, 05:04 PM
Published
Nov 10, 2020, 02:48 PM

SINGAPORE - The rise of remote working amid the Covid-19 pandemic has heightened technology-related risks, making it crucial for financial institutions to review their security controls, said the Monetary Authority of Singapore (MAS).

Among the recommendations by the MAS Cyber Security Advisory Panel (CSAP) were for financial institutions to review their risk profiles and adequacy of risk mitigating measures, to maintain oversight of third-party vendors and to strengthen governance of the use of open-source software.

These were presented at an MAS management meeting on Nov 5.

"Singapore's financial sector has done well so far in its cyber and operational resilience amid the new operating environment created by the pandemic," said MAS managing director Ravi Menon.

"But as the situation prolongs, that resilience will come under greater stress as cyber attackers look for new vulnerabilities. Financial institutions must remain alert and nimble and strengthen their defences against emerging cyber threats," he added.

Financial institutions that have adopted remote access technologies have to assess if their cyber risk profiles remain acceptable, and implement controls in the long run to mitigate any new risks, CSAP said.

The panel also emphasised the need for financial institutions to step up their oversight of third-party vendors and to monitor and secure remote access by these third-parties to their systems.

Noting the vulnerabilities of open source software to malicious attacks or exploits, the panel recommended that financial institutions establish policies and procedures on the use of open-source software, and to ensure these codes are robustly reviewed and tested before they are deployed.

CSAP had also had virtual meetings on Nov 4 and 5 with the Association of Banks in Singapore Standing Committee on Cyber Security (SCCS) and the Insurance SCCS on enhancing cloud resiliency, monitoring insider threats, and the role of cyber insurance in risk management. Representatives from government agencies such as the Ministry of Communications and Information, the Ministry of Defence, and the Government Technology Agency also participated.

More On This Topic
Nearly nine of 10 workers want to keep work-from-home option: Survey
Cyber security threats rise as more work from home: Poll

Join ST's WhatsApp Channel and get the latest news and must-reads.

Available for
iPhones and iPads
Available in
Google Play

MCI (P) 066/10/2023. Published by SPH Media Limited, Co. Regn. No. 202120748H. Copyright © 2024 SPH Media Limited. All rights reserved.

Back to the top