The Monetary Authority of Singapore (MAS) has appointed its first Chief Cyber Security Officer (CCSO), as part of senior management changes, which will take effect from December 1, 2017.
Mr. Tan Yeow Seng will take up the position of CCSO, holding this appointment concurrently with his role as Executive Director (Technology Risk and Payments Department).
The CCSO will play an important role in strengthening the cyber resiliency of MAS and the financial sector. Mr. Tan’s responsibilities will include setting cyber resiliency standards and overseeing their implementation.
In September, MAS announced the establishment of a Cyber Security Advisory Panel (CSAP), comprising cyber security thought leaders from around the world. There are representatives from JPMorgan Chase & Co, Standard Chartered Bank, London Stock Exchange, Accenture Security, IronNet Cybersecurity Inc, Group, F-Secure, FireEye Inc, IBM Resilient and Cyber Ark. Mr. David Koh, Chief Executive, Cyber Security Agency of Singapore (CSA) is also part of the panel. The inaugural meeting will be held in October 2017.
The CSAP will advise MAS on strategies to enhance the cyber resilience of Singapore’s financial sector. Specifically, CSAP will provide MAS global perspectives on evolving technologies and cyber threats and their implications for financial services, along with insights on best practices in cyber security strategies.
Banking & Finance is one the Critical Information Infrastructure sectors identified by CSA. Protection of CIIs is a core focus area for the proposed Cybersecurity bill in Singapore, which was released for public feedback in July 2017. It provides a framework for the regulation of CII and formalises the duties of CII owners in ensuring the cybersecurity of their respective CIIs.
The inaugural “Singapore Cyber Landscape” publication from CSA released last week said that the Banking & Finance sector is the most spoofed in Singapore, accounting for 31 per cent of all observed (over 2500) phishing URLs during 2016. The compromise of banking accounts was also among the top five categories of cases reported under the Computer Misuse and Cybersecurity Act (CMCA).