MAS Issues New Rules to Strengthen Cyber Resilience of Financial Industry
Singapore, 6 August 2019… The Monetary Authority of Singapore (MAS) today issued a set of legally binding requirements to raise the cyber security standards and strengthen cyber resilience of the financial sector. The Notice on Cyber Hygiene sets out the measures that financial institutions must take to mitigate the growing risk of cyber threats.
2 The Notice will make compulsory key elements in the existing MAS Technology Risk Management (TRM) Guidelines
- establish and implement robust security for IT systems;
- ensure updates are applied to address system security flaws in a timely manner;
- deploy security devices to restrict unauthorised network traffic;
- implement measures to mitigate the risk of malware infection;
- secure the use of system accounts with special privileges to prevent unauthorised access; and
- strengthen user authentication for critical systems as well as systems used to access customer information.
3 Financial institutions have 12 months to put these measures in place before the requirements come into effect on 6 August 2020. Mr Tan Yeow Seng, Chief Cyber Security Officer, MAS, said, “Cyber threats in the financial sector are growing as a result of an increased digital footprint and pervasive use of the Internet. The financial sector needs to remain vigilant and ensure that defences are able to counter varied and evolving threats. Good cyber hygiene can go a long way in protecting financial institutions from common types of cyber incursions. These fundamental and essential measures can be implemented by all financial institutions regardless of size or system complexity.”
4 MAS had sought feedback from the public in September 2018 on the proposal to make this suite of cyber security measures into legally binding requirements. Financial institutions generally welcomed these measures and provided some suggestions regarding implementation of the requirements. These include:
a) focusing on strengthening user access to systems that store or access customer data; and
b) allowing more time
5 MAS has taken the industry’s feedback into consideration when finalising the Notice. The detailed response to the feedback received can be found on the MAS website . MAS thanks the public for their feedback.
***
Related News
-
Media ReleasesPublished Date: 27 August 2024
Equities Market Review Group Convenes Inaugural Meeting, Identifies Priority Areas, and Announces Members of Workstreams
The Equities Market Review Group held its inaugural meeting on 19 August, chaired by Mr Chee Hong Tat, Minister for Transport, Second Minister for Finance and Deputy Chairman of the Monetary Authority of Singapore. The meeting discussed key challenges and opportunities facing Singapore’s equities market, and set out its strategic direction for the review.
-
Media ReleasesPublished Date: 02 August 2024
MAS Sets Up Review Group to Strengthen Equities Market Development
The Review Group will be chaired by Mr Chee Hong Tat, Minister for Transport, Second Minister for Finance and Board Member of MAS, and comprise key private sector stakeholders and public sector representatives.
-
Media ReleasesPublished Date: 09 July 2024
Banks in Singapore to Strengthen Resilience Against Phishing Scams
MAS and ABS announced that major retail banks in Singapore will progressively phase out the use of One-Time Passwords for bank account login by customers who are digital token users within the next three months, to better protect them against phishing.