Complying with Monetary Authority of Singapore (MAS) Cyber Hygiene guidelines

In the Monetary Authority of Singapore (MAS)’s most recent revision to the Technology Risk Management Guidelines in 2021, the updated guidelines focus on addressing technology and cyber risks by financial institutions (FIs) specifically in cloud technologies, application programming interfaces and rapid software development. The enhanced guidelines reinforce the importance of incorporating security controls as part of FIs’ technology development and delivery lifecycle, as well as in the deployment of emerging technologies.

With the rapidly evolving nature of cyber threats and the acceleration of digital transformation has resulted in the elevation of the Cyber Hygiene guidelines contained in the Technology Risk Management (TRM) guidelines into legally binding requirements.

These guidelines address risk management principles and best practice standards to guide financial institutions in establishing a robust framework with the aim of strengthening system security, reliability, resiliency, and recoverability as well as deploying strong foundations to protect customer data, transactions, and systems.

This updated white paper will give an overview of the six legally binding pillars recommended for organisations to manage cyber threats. Applying security patching is one of the key practices and pillars laid out in the MAS guidelines. To gain control, companies need a data-driven proactive solution to prioritise the vulnerabilities that pose the most risk, and securing assets that are most business critical to the organisation.

Known vulnerabilities remain one of the most commonly used entry points for ransomware exploits, and with the  increase in ransomware attacks, we will also cover how you can leverage on MAS Cyber Hygiene Guidelines to predict Active Directory flaws and misconfigurations.