.jpg)
The Monetary Authority of Singapore’s (MAS) Cyber and Technology Resilience Experts (CTREX) Panel1 convened to discuss a range of topics, including technology resilience, third-party risks, quantum security and digital financial scams at its inaugural meeting on 16 April 2025.
2 The CTREX Panel was formed in August 2024 to advise MAS on key emerging cyber and technology risks facing Singapore’s financial sector, and recommend strategies to enhance its resilience. The key insights and recommendations from the meeting include:
a. Adopting a service-centric approach to strengthen operational resilience. The panel highlighted the importance of viewing disruptions from the customer’s lens, and adopting an end-to-end approach in measures to enhance the availability and continuity of digital financial services. Financial institutions (FIs) were also recommended to move beyond routine, scripted IT disaster recovery exercises by incorporating unscripted elements into their regular disaster recovery drills. This will better prepare FIs to respond effectively to real-world IT incidents and strengthen their overall operational resilience.
b. Addressing third-party and open-source software risks in the IT supply chain. The panel emphasised the need for FIs to understand how specific risks may arise from their IT vendors and use of open-source software, in order to develop effective risk assessments and mitigation strategies. This includes maintaining a comprehensive inventory of IT components used within FIs, and mapping their third-party dependencies to address potential supply chain risks.
c. Preparing the industry for a post-quantum security landscape. The panel cautioned about the materialising security threats posed by quantum computers, and recommended that FIs inventorise, without delay, their use of cryptographic solutions across their operations. This will allow FIs to better prioritise the replacement of cryptographic solutions that are prone to quantum attacks.
d. Enhancing anti-scam measures. The panel highlighted the increasing sophistication of digital financial scams, and emphasised the need for FIs to adopt a multi-layered approach in addressing emerging scam campaigns. This could include the use of artificial intelligence for fraud detection, phishing-resistant authentication, greater information sharing among FIs on new scam typologies, and continuing to bolster customer education.
3 As part of the two-day event, CTREX members also engaged senior technology professionals from the financial industry through a seminar jointly organised by MAS and the Association of Banks in Singapore.
***
[1] The CTREX Panel comprises 13 global industry thought leaders, experts and practitioners in cybersecurity and technology resilience. Please refer to the Annex for the list of CTREX members.
