The information technology supply chains for the financial sector are increasingly being targeted and exploited by cyber criminals.

To keep them at bay, financial institutions should conduct source-code reviews, system integrity checks and network anomaly detection, among other things.

On top of putting in place an effective "multi-layered defence" against threats from the IT supply chains, top executives at financial institutions also need to set "clear expectations for cyber risk culture" as poor risk culture is often cited as a contributing factor during cyber incidents.

These are the observations of the Monetary Authority of Singapore's (MAS) Cyber Security Advisory Panel (CSAP), which met yesterday to discuss the latest cyber-security challenges and strategies of Singapore's financial industry.

The members said the financial industry should strengthen cyber monitoring and surveillance and deepen cyber intelligence-sharing networks with both global and local partners.

The CSAP comprises leading international cyber-security experts who provide the MAS with global perspectives on evolving cyber threats and the latest insights on strategies to address cyber risk.

The discussion was chaired by MAS managing director Ravi Menon. CSAP members also met Minister-in-charge of Cybersecurity S. Iswaran, who is the Minister for Communications and Information.