Media Releases
Published Date: 30 September 2019

MAS’ Cyber Security Advisory Panel Highlights Need for Managing Cyber Risks in IT Supply Chains

Singapore, 30 September 2019… The Monetary Authority of Singapore (MAS)’s Cyber Security Advisory Panel (CSAP)For more information on MAS’ CSAP, please refer to: https://www.mas.gov.sg/who-we-are/MAS-Advisory-Panels-and-Committees/Cyber-Security-Advisory-Panel meeting convened today to discuss the latest cybersecurity challenges and strategies related to the financial industry in Singapore. During the discussions chaired by MAS Managing Director Ravi Menon, CSAP members highlighted the need to strengthen the cyber risk culture in financial institutions, enhance cyber monitoring and surveillance capabilities, and better manage cybersecurity risks in IT supply chains.

2     The key observations and recommendations of the CSAP meeting are as follows:

a. Strengthen Cyber Risk Culture: Poor risk culture was often cited as a contributing factor during cyber incidents. The meeting discussed ways to strengthen cyber risk culture. CSAP members highlighted that the board and senior management of financial institutions should set clear expectations for cyber risk culture and monitor and assess how well the desired risk management culture is operating across the organisation.

b. Strengthen Cyber Monitoring and Surveillance: Maintaining good situational awareness of the cyber threat landscape was an important tool in countering cyberattacks. CSAP members encouraged MAS to continue working with the industry to strengthen cyber monitoring and surveillance capabilities in the financial sector, and deepen cyber intelligence-sharing networks with both global and local partners.

c. Effective Management of IT Supply Chain Cyber Risks: IT supply chains were increasingly being targeted and exploited by cyber criminals. CSAP members recommended that financial institutions should have in place an effective multi-layered defence with measures, such as source code reviews, system integrity checks, and network anomaly detection, to mitigate these risks.

3  The CSAP comprises leading international cybersecurity experts who provide MAS with global perspectives on evolving cyber threats and the latest insights on strategies to address cyber risk. As part of the two-day programme this year, CSAP members will meet Minister in-charge of Cybersecurity, Mr S Iswaran, and participate in a half-day dialogue with CEOs of key financial institutions in Singapore.  

***