When it comes to a business’ cyber hygiene, it pays to secure your extended ecosystem and ensure best practices are followed with all the partners, vendors, or any other intermediaries that you work with on a regular basis.
From a report dated July 2020, VMware survey findings reported that 80% of Singaporean business respondents have reported being the target of a cybersecurity breach. The survey also noted that the average organisations experienced 1.67 breaches during the 12-month period that the survey looked at.
Of all the documented breaches, the leading cause was vulnerabilities at 20%, followed by breaches originating from third-party applications at 15%, and attacks on web applications. OS vulnerabilities may have occupied the top spot, but third-party application breaches are a cause for concern. Third-party breaches saw a two-fold increase in business impact from the previous year, and a lot of these attacks were attributed to island-hopping as an attack vector.
With cyber incidents and attacks causing prolonged disruption to business activities and significant financial damages, organisations must stay vigilant against these ever-evolving and ubiquitous cyber threats.
Organisations should look to maintain and prioritise proper cyber hygiene practices. By identifying vulnerabilities and areas of risk, organisations can deploy the appropriate security resources and strategies to address and mitigate them.
Depending on entity type, Financial Institutions (FIs) are subjected to various Notices on Cyber Hygiene, including the PSNO6 Cyber Hygiene Notice issued under the Payment Services Act 2019. These notices set out the cyber hygiene requirements for FIs to ensure that essential cyber security practices are in place to manage the relevant cyber threats and ensure cyber resilience.
To go more in-depth, organisations are also highly encouraged to align with the Monetary Authority of Singapore (MAS) Technological Risk Management (TRM) guidelines that set out principles and industry best practices to establish a robust technology risk governance.
At Privasec, we can conduct a MAS TRM Gap Assessment for your organisations to identify gaps within the company’s processes and risk management frameworks against the best practices and principles prescribed by the Monetary Authority of Singapore (MAS).
Interested to establish a robust technology risk management framework for your organisation?
Check out DigiFinex, a global digital assets trading platform’s MAS TRM Gap Assessment with Privasec to find out more details.