In the past couple of years, the Internet has seen some major data breaches across major industries, but especially the financial sector. This past week, two Hong Kong and Singapore authorities have improved their cyber security efforts and have implemented major advancements in cyber security initiatives.
Both Hong Kong Monetary Authority (the HKMA) and Monetary Authority of Singapore (MAS) have announced a three-pillar initiative to improve cyber security resources named “Cybersecurity Fortification Initiative.” The three pillars from HKMA are as follows.
1) The Cyber Resilience Assessment Framework. This framework helps financial institutions perform a basic self-assessment that can be used to evaluate any potential risks within the organization. This self-assessment framework is designed to give financial institutions a way to review a list of current threats and assign risk to internal resources. With risk assessment, the institution can then determine their true level of threat and take steps to lower threat incidents.
2) The Professional Development Program. This program contains an initiative to increase the number of professionals in the industry. HKMA will partner with Hong Kong Applied Science and Technology Research to increase cyber security professionals in the industry.
3) The Cyber Intelligence Sharing Platform. This pillar aims to improve sharing and collaboration across Hong Kong’s Association of Banks. HKMA will develop better sharing of analysis, collection details and intelligence to improve threat response.
As part of the collaboration, MAS has introduced its Cyber Risk Management Project. This project overlaps with the previous HKMA initiative but focuses on better regulations and compliance for the financial industry. This comes after a major breach in banking security where SWIFT messaging services were compromised in Bangladesh and continues to be an ongoing issue for investigators.
MAS initiatives propose better research, cyber security compliance, and monitoring to improve security across financial institutions.
The two projects promise to improve security for Hong Kong’s banking sector to reduce the number of threats and successful cyber attacks against financial systems. Recent years have seen a spike in financial industry attacks, especially insider threats that pose the greatest threat to any organization. The banking sector has increasingly been a target for cyber attackers who aim to steal data including personally identifiable information (PII) and banking credentials that can be sold on the black market or used as a way to financially gain from successful attacks.