The Association of Banks in Singapore (ABS), with support from the Monetary Authority of Singapore (MAS), should be lauded for having developed a set of cybersecurity assessment guidelines recently to strengthen the cyber resilience of the financial sector in Singapore.
Known as the Adversarial Attack Simulation Exercises (AASE) guidelines or “Red Teaming” guidelines, the guidelines provide financial institutions (Fls) with best practices and guidance on planning and conducting Red Teaming exercises to enhance their security testing.
AASE is a form of cybersecurity assessment designed to test the robustness of FIs’ cyber defenses through a simulated cyber-attack using tactics, techniques and procedures that are commonly employed by threat actors.
The exercise is conducted in the FI’s actual operating environment, allowing FIs to identify gaps in their people, processes and technologies.
“A key aspect of AASE is the use of cyber threat intelligence to design realistic exercise scenarios that mirror actual threat actors and their actions to uncover vulnerabilities that may impact the FIs critical functions or business criticality,” said ABS in a recent statement.
MWR InfoSecurity, renowned as one of the world’s leading independent cybersecurity consultancies, has praised ABS and MAS for having the competency and foresight in establishing these guidelines.
Its technical director Benjamin Harris said that ABS and MAS should be lauded for this initiative as it is “highly relevant as cybercriminals are operating on unprecedented scales targeting organizations of all sizes, with varying motivations and objectives.”
He said as these criminals have increased their focus on cybercrime, FIs have increasingly become targets of major cyber attacks around the world. From state-sponsored adversaries attempting significant thefts from central banks to numerous complex and aggressive attacks on various global banks, the threat landscape continues to evolve in both sophistication and audacity.