The Monetary Authority of Singapore (MAS) is seeking to bring into regulatory effect six proposed cyber security requirements for financial institutions in Singapore. The six measures MAS has suggested businesses be obligated to take include:
- Addressing system security flaws in a timely manner;
- Establishing and implementing robust security for systems;
- Installing anti-virus software to mitigate the risk of malware infection;
- Deploying security devices to secure system connections;
- Installing anti-virus software to mitigate the risk of malware infection; and
- Strengthening user authentication for system administrator accounts on critical systems;
The measures are already part of the existing MAS Technology Risk Management guidelines, but the authority is proposing that they be used as a “baseline hygiene standard” and elevated into legally binding requirements. According to MAS Chief Cybersecurity Officer Tan Yeow Seng, the proposed measures are intended to strengthen the readiness of financial institutions to address cyber threats by “delineating a clear and common cyber security waterline.” MAS has issued a public consultation, which will run from 6 September to 5 October and allow members of the public to give their feedback.