The Monetary Authority of Singapore (MAS) has reiterated that financial institutions must ensure stringent cybersecurity measures are in place across their third-party vendors, following concerns about vendors becoming potential weak points.
In a response to a letter published by The Straits Times, MAS said financial institutions are expected to regularly review and confirm that vendors, including printing agencies like Toppan Next Tech (TNT), have adequate controls to protect customer information.
While safeguards are necessary, MAS noted that breaches may still occur, and institutions must act quickly to limit further loss and advise customers on preventive steps.
The Cyber Security Agency of Singapore (CSA) also urged organisations to ensure their vendors have strong cybersecurity defences, including measures to mitigate the impact of any breach and support recovery efforts.
CSA encouraged vendors handling sensitive information to adopt national cybersecurity certifications such as the Cyber Essentials or Cyber Trust marks.
It is studying the possibility of requiring vendors to obtain these certifications before they can be licensed or bid for government contracts involving access to sensitive data or systems.
Support measures, including up to 70 percent co-funding for eligible SMEs under CSA’s Chief Information Security Officer (CISO) as-a-Service scheme, are available to help vendors strengthen their cybersecurity practices.
The renewed focus comes amid wider concerns following the ransomware attack on Toppan Next Tech earlier this month, which affected major clients including DBS Bank and Bank of China.
While the incident was not directly referenced by MAS or CSA, it highlights the vulnerabilities posed by third-party service providers.
In their joint response, CSA and MAS said they would continue working closely with the industry to raise cybersecurity standards, and stressed that all organisations, including vendors, must take a proactive approach to protecting themselves and their customers from cyber threats.
