The Monetary Authority of Singapore on Thursday proposed six required cyber-security measures for financial institutions in the city-state to protect their technology systems.
The six measures are:
- Address system security flaws in a timely manner
- Establish and implement robust security for systems
- Deploy security devices to secure system connections
- Install anti-virus software to mitigate risks of malware infection
- Restrict the use of system administrator accounts that can modify system configurations
- Strengthen user authentication for system administrator accounts on critical systems
“These measures, which are already part of the existing MAS Technology Risk Management Guidelines, are aimed at enhancing the security of financial institutions’ systems and networks as well as mitigating the risk of unauthorized use of system accounts with extensive access privileges,” the city-state’s central bank said. “MAS is proposing to stipulate these measures as a baseline hygiene standard for cyber security by elevating them into legally binding requirements.”
Tan Yeow Seng, chief cyber-security officer at MAS, said in the statement that the central bank wanted to delineate “a clear and common cyber security waterline for the financial industry.”
The public consultation period on the proposal will run from 6 September to 5 October, the MAS statement said.