This notice applies to the following capital markets entities in Singapore:
all approved exchanges;
all recognised market operators which are incorporated in Singapore;
all licensed trade repositories;
all approved clearing houses;
all recognised clearing houses which are incorporated in Singapore;
all approved holding companies;
all holders of a capital markets services licence;
all Registered Fund Management Companies, as defined in regulation 2 of the Securities and Futures (Licensing and Conduct of Business) Regulations;
all authorised benchmark administrators;
all authorised benchmark submitters;
all designated benchmark submitters; and
all persons who are approved under section 289 of the Act to act as a trustee of a collective investment scheme which is authorised under section 286 of the Securities and Futures Act and constituted as a unit trust.
It sets out cyber security requirements on securing administrative accounts, applying security patching, establishing baseline security standards, deploying network security devices, implementing anti-malware measures and strengthening user authentication.
Seeking views on proposed Notice on Cyber Hygiene which prescribes a set of essential cyber security practices that FIs must put in place to manage cyber threats. These measures, if well implemented, would be effective against a wide range of cyber attacks.