As reported in our blog earlier this year MAS guidelines are set to change the way financial institutions conduct business in Singapore.
Now, nearly four months past the compliance date of July 2014, we are revisiting the guidelines that surround the regulations. Non-compliance was said to result in the following implications for financial institutions:
- Financial penalties
- Reputational damage
- Revocation of licence to operate in Singapore
How many have fallen fowl of the penalties to date? We aren’t sure, but what we do know is if you are late in meeting the TRM Guidelines how BeyondTrust can help.
The TRM Guidelines specify technology processes and controls that financial institutions should implement in a range of functional areas, including risk management oversight and framework, system reliability, availability and recoverability, access control, provision of online services and payment mechanisms. The guidelines are broad and detailed—to a level previously only seen in the PCI DSS industry standards.
BeyondTrust offers an integrated IT Risk Management Platform that helps financial institutions in their compliance efforts across two key areas:
- Privileged account management to enforce least-privilege best practices and provide the access employees need to perform their jobs safely, without obstructing IT or end-user productivity
- Vulnerability management to identify exposures, analyse business impact, and plan and conduct remediation across diverse IT infrastructure
BeyondTrust in partnership with Bloor Research Analysts’ Fran Howarth have prepared BeyondTrust’s MAS TRM solution overview applicable to financial institutions worldwide. This document will provide you with a high level overview of everything you need to know about becoming MAS Compliant.
Morey J. Haber, Chief Security Officer, BeyondTrust
Morey J. Haber is the Chief Security Officer at BeyondTrust. He has more than 25 years of IT industry experience and has authored three books: Privileged Attack Vectors, Asset Attack Vectors, and Identity Attack Vectors. He is a founding member of the industry group Transparency in Cyber, and in 2020 was elected to the Identity Defined Security Alliance (IDSA) Executive Advisory Board. Morey currently oversees BeyondTrust security and governance for corporate and cloud based solutions and regularly consults for global periodicals and media. He originally joined BeyondTrust in 2012 as a part of the eEye Digital Security acquisition where he served as a Product Owner and Solutions Engineer since 2004. Prior to eEye, he was Beta Development Manager for Computer Associates, Inc. He began his career as Reliability and Maintainability Engineer for a government contractor building flight and training simulators. He earned a Bachelor of Science degree in Electrical Engineering from the State University of New York at Stony Brook.