The Monetary Authority of Singapore's (MAS) Cyber Security Advisory Panel (CSAP) discussed strategies to enhance the cyber resilience of Singapore’s financial sector, at its inaugural meeting on 5-6 October. The formation of CSAP was announced on September 20.
The discussions covered areas ranging from regulatory guidance, supervision, and surveillance to information sharing and capability development.
CSAP members agreed that having strong basic cyber hygiene practices was fundamental in securing cyber resilience. They also suggested that it was important to strengthen the competency and capability of the boards of financial institutions to exercise effective oversight of cyber risk management.
CSAP members highlighted the importance of conducting realistic penetration tests, including “red-teaming”. Red-teaming is the use of a team of ethical hackers to continuously test for weaknesses in an organisation’s people, processes and technology by adopting a hacker’s mind-set.
The members acknowledged the challenge posed by the voluminous information that is collated in monitoring for cyber incidents, and advocated the use of data analytics and machine learning to make sense of the information. They were unanimous in emphasising the importance of timely information sharing by financial institutions of cyber incidents and developments.
Mr. Ravi Menon, Managing Director, MAS, who chaired the CSAP meeting, said “It was a rich and engaging discussion. The meeting provided MAS an opportunity to validate its strategy for strengthening cyber resilience in the financial sector and to identify areas where we need to do more. We are grateful to CSAP members for their sharp insights and helpful suggestions.”
Mr. David Koh, Chief Executive, Cyber Security Agency of Singapore and a member of the CSAP, said, “The creation of the CSAP is a laudable initiative by MAS. The Panel brings together distinguished individuals from around the world, with a rich and diverse range of experience and expertise in the cybersecurity, banking and finance domains. The quality insights and ideas generated will certainly boost our collective efforts to augment the cybersecurity posture of Singapore’s banking and financial sector.”
The CSAP also met members of The Association of Banks in Singapore’s Standing Committee on Cyber Security, comprising of Chief Information Security Officers from key financial institutions. They exchanged views on technological developments in the financial sector, such as FinTech and artificial intelligence, and cyber security challenges faced by the industry. CSAP members also met DPM Tharman Shanmugaratnam, Chairman of MAS, and exchanged views on developing talents and capabilities in cyber security.
The CSAP will convene again in 2018 for its next annual meeting.