Singapore seems all set to introduce changes to the existing guidelines for security risks and business continuity model, according to a report by ZDNet. The Monetary Authority of Singapore (MAS) said on Thursday that the proposed changes will address cyber surveillance, secure software development, and new risks brought about by the Internet of Things (IoT). The proposed changes will require financial institutions to implement more measures to boost their operational resilience.
The main aim of these changes is to prepare companies for the ever-changing landscape of physical and cyber threat which is becoming more complex with each passing day.
As per the report, the prosed changes will be made to the Technology Risk Management (TRM) and Business Continuity Management (BCM) to put in place the necessary contingency plan that would address the technological risks as well as a response mechanism in place to deal with any kind of technological disruption.
The MAS further noted that the banks were using such as APIs, smart electronic devices, and virtualization to improve the overall service efficiency. But at the same time, these moves increase the overall cyberattack surface making them more vulnerable to such attacks and to avoid these type of scenarios, these changes have been proposed.
Speaking about the proposed changes, MAS’ chief cybersecurity officer Tan Yeow Seng said, “A cyber attack can result in a prolonged disruption of business activities. Threats are constantly present and evolving in sophistication. We cannot afford to be complacent. Financial institutions need to remain vigilant and have in place effective technology risk management practices and robust business continuity plans to ensure a prompt and effective response and recovery.”
The Monetary Authority of Singapore (MAS) also announced the formation of a new group that would take into account the various aspects of cybersecurity and risk supervision. It is worthwhile to note here that in the month of January, the government of Singapore announced guidelines to beef up cybersecurity protection and capabilities in the telecommunications industry in an attempt to cut down on cyber threats.