Parliamentary Replies
Published Date: 12 July 2016

Reply to Parliamentary Question on cybersecurity measures to ensure the integrity of our banking system and financial transactions

QUESTION NO 385

NOTICE PAPER 234 OF 2016

FOR ORAL ANSWER

Date: For Parliament Sitting on 11 July 2016

Name and Constituency of Member of Parliament

Mr Ong Teng Koon, MP, Marsiling-Yew Tee GRC

Question:

To ask the Prime Minister what are the cybersecurity measures being taken to ensure the integrity of our banking system and financial transactions in light of the recent cyber theft incident encountered by Bangladesh Bank.

Answer by Mr Lawrence Wong, Minister for National Development on behalf of Mr Tharman Shanmugaratnam, Deputy Prime Minister and Minister in charge of MAS:

1   The recent incident at the Bangladesh Bank is a timely reminder that cyber attacks can be very costly.

2   MAS and financial institutions (“FIs”) in Singapore take cybersecurity very seriously and have been paying close attention to global developments in cyber threats.

3   MAS expects FIs to build strong and effective capabilities to  safeguard the integrity and availability of their critical systems and services, and protect customer and other sensitive information from unauthorised access. This means having in place measures to protect their critical systems, detect threats and system vulnerabilities in a timely manner, and recover from cyber attacks swiftly. They must conduct regular security reviews and tests to ascertain the continued effectiveness of these measures.  

4   MAS assesses FIs’ cyber resilience through both onsite and offsite supervision. Where there are any gaps or areas of improvement identified, MAS requires the FI to develop a remedial plan of action and will monitor the FI’s progress in its implementation. MAS also monitors the prevailing cyber threat landscape and issues targeted advisories to FIs.

5   The FIs themselves have been taking proactive steps to combat cybersecurity risks. In addition to investments at the individual FI level, they are also collaborating on industry initiatives to strengthen the sector’s cyber resilience. The Association of Banks in Singapore Standing Committee on Cyber Security (“SCCS”) was set up in 2013, and has since served as a useful platform for industry collaboration. Since inception, the SCCS has championed a number of initiatives to raise industry standards (e.g. in the area of penetration testing).  They have also commenced regular sector-level cyber exercises amongst its members to test the FIs’ responses and operating procedures against various cyber threat scenarios. The group also meets regularly to exchange insights and intelligence on cyber threats.

6   At the national level, MAS and major financial institutions work closely with the Cyber Security Agency to support national initiatives on cyber security and critical information infrastructure protection.

7   Cyber threats are persistent and threat actors will continue to enhance their tools and techniques. MAS will continue to work with FIs and industry partners to monitor developments in the cyber space, and adapt defences as appropriate to stay cyber resilient.

***