The Monetary Authority of Singapore (MAS), in a move to tighten cyber security rules for financial institutions (FIs) in Singapore, has proposed making a set of six essential cyber security measures legally binding.
The measures are already part of the existing MAS Technology Risk Management Guidelines, but the financial regulator now aims to make them legally binding.
The move, announced yesterday, comes as more financial processes are being done digitally, and in the face of increasing cyber attacks.
The six measures are to: address system security flaws in a timely manner; establish and implement robust security for systems; deploy security devices for securing system connections; install anti-virus software; restrict the use of system administrator accounts; and strengthen user authentication for these accounts on critical systems.
Breaches often result from insecure system configurations or compromised system accounts, MAS said. The proposed measures will enhance FIs’ systems and networks as well as mitigate the risk of unauthorised use of system accounts with extensive access privileges.
A public consultation on the proposed measures was launched yesterday and will end…
