ABS and MAS lauded for AASE guidelines, MWR InfoSecurity shared global insights

The Association of Banks in Singapore (ABS), with support from the Monetary Authority of Singapore (MAS), should be lauded for having developed a set of cybersecurity assessment guidelines recently to strengthen the cyber resilience of the financial sector in Singapore. 

Known as the Adversarial Attack Simulation Exercises (AASE) guidelines or “Red Teaming” guidelines, the guidelines provide financial institutions (FIs) with best practices and guidance on planning and conducting Red Teaming exercises to enhance their security testing. 

AASE is a form of cybersecurity assessment designed to test the robustness of FIs’ cyber defences through a simulated cyber-attack using tactics, techniques and procedures that are commonly employed by threat actors. 

The exercise is conducted in the FI’s actual operating environment, allowing FIs to identify gaps in their people, processes and technologies. 

“A key aspect of AASE is the use of cyber threat intelligence to design realistic exercise scenarios that mirror actual threat actors and their actions to uncover vulnerabilities that may impact the FIs critical functions or business criticality,” said ABS in a recent statement. 

MWR InfoSecurity, an F-Secure company and renowned as one of the world’s leading independent cybersecurity consultancies, has praised ABS and MAS for having the competency and foresight in establishing these guidelines. 

Its technical director Benjamin Harris said that ABS and MAS should be lauded for this initiative as it is “highly relevant as cybercriminals are operating on unprecedented scales targeting organisations of all sizes, with varying motivations and objectives.” 

“As these criminals have increased their focus on cybercrime, FIs have increasingly become targets of major cyberattacks around the world. From state-sponsored adversaries attempting significant thefts from central banks to numerous complex and aggressive attacks on various global banks, the threat landscape continues to evolve in both sophistication and audacity,” said Harris. 

“The uptick in aggression and sophistication demonstrates that adversaries are evolving and refining their tactics, techniques and procedures to keep up with the advances and evolutions of organisational defence. Similarly, as adversaries evolve, organisations must continue to evolve their cybersecurity discipline to ensure they are resilient to the changing threats,” he added. 

AASE, said Harris, employ a holistic approach when compared to traditional penetration testing exercises. 

“Where penetration testing focuses on validating technical controls or identifying technical weaknesses in specific assets, AASE place emphasis on the target organisation’s ability to prevent, detect and respond to adversaries targeting critical functions, across multiple technical and non-technical domains,” said Harris. 

“These assessments look to stress the defensive capabilities of an organisation, with the view to ultimately identifying areas for enhancement and strengthening within these capabilities,” he added. 

Harris further said that MWR InfoSecurity is pleased to have shared insights from the company’s experience of having run successful AASE throughout the world with ABS and MAS during the development of the guidelines. 

“MWR InfoSecurity was able to share insights from our involvement with similar exercises globally, including similar regulator-led exercises,” he said, adding that the company’s views on how these exercises can be conducted to yield the most value to strengthen organisations’ resilience were also shared. 

“Certainly, these guidelines will further contribute to the enhancement of security and operational integrity of the financial sector in Singapore, cementing Singapore’s position as a leading financial hub within the Asia-Pacific region and throughout the world,” concluded Harris.


Please enter your comment!
Please enter your name here

Latest News

Petronas Dagangan Berhad becomes first LNG solution provider for off-grid customers in Peninsular Malaysia

Following the launch of the Virtual Pipeline System (VPS) solution via the Regasification Terminal (RGT) in Pengerang, Johor, Petronas Dagangan Berhad (PDB)...

Huawei Malaysia signs MoU with Serba Dinamik to establish Smart Campuses in Malaysia

Huawei Technologies (Malaysia) Sdn. Bhd. (Huawei) and Serba Dinamik Group Berhad (Serba Dinamik) have teamed up to explore and develop innovative digital...

Shopee finds demand for premium and branded segment multiplied by over 300 times since 2015

E-commerce platform, Shopee has seen growing confidence and comfort in purchasing premium and branded items priced RM3,000 and above in addition to...

Social Enterprise Education Lab showcases journey of teams in 1st cohort

Social Enterprise Education Lab (SEEd.Lab), a programme developed by Petroliam Nasional Berhad (PETRONAS) and Tata Consultancy Services (TCS), marked its first Open...

HSBC Malaysia bags 2 accolades in Malaysia Technology Excellence Awards 2020

The Malaysia Technology Excellence Awards laud exceptional companies who are leading the technological revolution and digital journeys of their respective industries to...

Must read

Affordable rent-to-own scheme for the youth of B40

By Sofea Azahar, In addressing the issue of housing affordability and ownership within the youth in low-income group...

The pandemic push to pivot: The reality of a renewable energy leader

By Ko Chuan Zhen, Chief Executive Officer & Co Founder of Plus Solar, The pandemic was an acid test...

Empowering Malaysians to become informed investors one app at a time

With a goal to build 500 applications that focuses on enabling action, Reactive Labs, co-founded by George and Riza, aims to go...

Bigo Live: A growing sensation in an industry with a big appetite

The live-streaming industry has seen a massive growth in years. From the likes of Vimeo to Facebook Live, the industry has grown...