In her recent speech regarding Cyber Risk Management Project’s ‘Bashe Report’ Launch on January 29, Elean Chin, division head of Monetary Authority of Singapore, cited that in Asia, cyber-attacks are disproportionately higher compared to other regions.
She noted although Asia has the most digitally connected financial channels with increased online connectivity and proliferation of smartphone usage, the region still lacks sufficient cybersecurity investment and data breach safeguards.
Earlier reports claimed that the Asia Pacific had the highest number of unfortunate incidents regarding security issues in the first half of 2018.
Nearly 40% of global cybersecurity activities and 30% of breached records were reported worldwide. In terms of financial losses, Asia lost US$1.75 trillion in 2017 or about 7% of the regional GDP caused by cyber attacks.
In a report released by the Cyber Risk Management (CyRiM) project, a well-planned global cyber attack can be initiated through a simple sending of an email that could bring an economic loss between $85 billion and $193 billion. The report was co-authored by Lloyd’s of London, Aon and other CyRiM partners.
The report presented a hypothetical situation where any firm’s equipment can be sent with a virus or malware that provides a threat to either delete or deny access to confidential files unless a ransom is given to the cyber attackers.
The Bashe report seeks to put emphasis on the cost and negative effects of any serious cyber attack. The report noted, in case of a major attack that came from Asia, for the next 24 hours, data installed in 30 million electronic devices could be encrypted. In turn, this could impact over 600,000 companies globally or about US$19 billion in financial losses.
To provide preventive measures in Singapore, Chin cited that MAS uses an updated Technology Risk Management Guidelines. This is designed to promote cyber resilience and guidance on regarding innovative technologies and new cyber threats. Also, the agency will require legally binding regulations on cyber hygiene to intensify the country’s financial sector’s resilience to any form of cyber risk.
The Cyber Security Act launched in August 2018 is a way of developing a regulatory framework for Singapore to have structured monitoring and reporting of potential cybersecurity threats.
Aside from the Breach notification to the Cyber Security Agency and sector heads, like MAS, there are also revisions on the Personal Data Protection Act to notify immediately the Personal Data Protection Commission as a mandatory initiative, along with the impacted individuals of data breaches.
Several efforts are also in the offing to make the cybersecurity ecosystem more interactive, focusing on regional sharing of knowledge and information.
For this year, the ASEAN-Singapore Cybersecurity Centre of Excellence will be introduced within the region, which seeks to strengthen the member states’ cyber strategy development, regulations, and guidelines.