Published Date: 06 August 2019

Notice CMG-N03 Cyber Hygiene

Requirements on cyber hygiene for capital market entities.

This notice applies to the following capital markets entities in Singapore: 

  • all approved exchanges;
  • all recognised market operators which are incorporated in Singapore;
  • all licensed trade repositories;
  • all approved clearing houses;
  • all recognised clearing houses which are incorporated in Singapore;
  • the Depository;
  • all approved holding companies;
  • all holders of a capital markets services licence;
  • all Registered Fund Management Companies, as defined in regulation 2 of the Securities and Futures (Licensing and Conduct of Business) Regulations;
  • all authorised benchmark administrators;
  • all authorised benchmark submitters;
  • all designated benchmark submitters; and
  • all persons who are approved under section 289 of the Act to act as a trustee of a collective investment scheme which is authorised under section 286 of the Securities and Futures Act and constituted as a unit trust.

It sets out cyber security requirements on securing administrative accounts, applying security patching, establishing baseline security standards, deploying network security devices, implementing anti-malware measures and strengthening user authentication.

Amendment Notes

There are no amendment notes for this notice.