The Monetary Authority of Singapore ( MAS ) has reiterated that financial institutions must ensure stringent cybersecurity measures are in place across their third-party vendors, following concerns about vendors becoming potential weak points.
In a response to a , MAS said financial institutions are expected to regularly review and confirm that vendors, including printing agencies like Toppan Next Tech ( TNT ), have adequate controls to protect customer information.
While protections are needed, MAS noted that breaches perhaps still happen, and institutions must act quickly to limit more loss and advise customers on precautionary steps.
The Cyber Security Agency of Singapore ( CSA ) also urged organisations to ensure their vendors have strong cybersecurity defences, including measures to mitigate the impact of any breach and support recovery efforts.
CSA encouraged suppliers handling sensitive info to choose regional security certifications such as the Cyber Essentials or Cyber Trust scars.
It is studying the possibility of requiring sellers to receive these qualifications before they can be licensed or pay for federal contracts involving access to sensitive data or methods.
Support measures, including up to 70 percent co-funding for eligible SMEs under CSA’s Chief Information Security Officer ( CISO ) as-a-Service scheme, are available to help vendors strengthen their cybersecurity practices.
The renewed focus comes amid wider issues following the earlier this month, which affected big clients including DBS Bank and Bank of China.
While the affair was not immediately referenced by MAS or CSA, it highlights the threats posed by third-party service providers.
In their mutual answer, CSA and MAS said they would continue working closely with the business to increase security standards, and stressed that all organisations, including vendors, may take a proactive approach to protecting themselves and their customers from digital threats.