Singapore Tightens Screws On Cyber-Hackers

Tom Burroughes

7 August 2019

Singapore’s principal financial regulator has set out the standards for banks, wealth managers and other sector players to follow as part of a crackdown on cyber-security attacks that continue to claim victims. Financial firms have 12 months in which to adopt the measures.

The suffered a massive breach, with about 100 million people affected. Singapore, which has sought to position itself as a tech-savvy jurisdiction, embracing digital banking and modern ideas, would have much to lose if its systems were to be taken down by hackers. Among organisations in the city-state that have been hit are The National University of Singapore and Nanyang Technological University (hit in 2018), reportedly by Iranian hackers.

The MAS measures must be put in place by 6 August 2020.

“Cyber threats in the financial sector are growing as a result of an increased digital footprint and pervasive use of the Internet. The financial sector needs to remain vigilant and ensure that defences are able to counter varied and evolving threats,” Tan Yeow Seng, chief cyber-security officer, MAS, said. “Good cyber hygiene can go a long way in protecting financial institutions from common types of cyber incursions. These fundamental and essential measures can be implemented by all financial institutions regardless of size or system complexity.”

MAS sought feedback from the public in September 2018 on the proposal before making this suite of cyber-security measures into legally binding requirements.