New APAC Center to Coordinate Threat Info SharingFS-ISAC, Monetary Authority of Singapore Collaborate on Project
The intelligence center is expected to begin operations in the first half of this year.
"The center will strengthen the APAC cybersecurity ecosystem by providing deeper capabilities in cyber intelligence gathering and analysis for enhanced in-region intelligence support," says Robert Poh, director of FS-ISAC's Singapore chapter. He notes that threat information sharing has been ongoing in the financial sector in the region, but the new center will directly support organizations in data analysis.
Many security leaders in the region welcome the formation of the new center.
"In this new initiative, the regulator will provide the necessary thought leadership, as the center can be used as a reference point for the regional economies to promote threat intelligence and establish a standard," says Singapore-based Chuan-Wei Hoo, technical adviser, Asia-Pacific at (ISC)². He explains that many banks in Singapore claim they have some sort of threat analysis and cyber threat intelligence, but most have not adopted a common intelligence framework for addressing cyber risks.
What's Different Now?
Members of the Singapore chapter of FS-ISAC have been informally sharing information on the latest cyber threats and breach incidents. In addition to helping facilitate that sharing, the new center will employ local analysts who will monitor cyber threats and provide analysis as well as recommend courses of action to mitigate those threats.
"Cyberattacks continue to increase globally and can move around the world instantaneously. Reliable, timely and actionable information and threat intelligence is critical to the security and resilience of the global financial sector," says Bill Nelson, FS-ISAC's president and CEO.
Nelson says the new initiative will enable financial firms to develop an even stronger community defense model and provide an important resource to deliver deeper analysis, mitigate risks and encourage greater collaboration.
"I believe the primary purpose for forming FS-ISAC's Singapore center is to collect primary data from APAC FIs directly as this is currently proprietary information owned by respective players or CERTs," says Andrew Koh deputy chief manager, risk management, China Construction Bank at Singapore.
Koh sees merit in FS-ISAC emphasizing helping organizations to monitor cyber threats and providing analysis, which will help banks design their plan of action.
Sopnendu Mohanty, chief FinTech officer at the Monetary Authority of Singapore, notes: "Considering the increasing interconnectedness of the financial services sector, sharing of timely and actionable cyber information between financial institutions is essential in building collective cyber resilience within the ecosystem. MAS believes that establishing the FS-ISAC APAC Intelligence Center will bolster the quality and timeliness of cyber threat intelligence received by financial institutions, strengthen cybersecurity risk management and response, as well as champion cybersecurity programs and initiatives in the APAC region."
But ovecoming resistance to data sharing will be a challenge for the new initiative, some security experts argue.
"The key issue would be about handling reputation management of various organizations who fear sharing data with the third party for fear of their data vulnerabilities getting exposed and also affecting their reputation," says Michael R. K. Mudd, managing partner at the security consultancy Asia Policy Partners.
Most financial institutions will need assurance from FS-ISAC or MAS about the confidentiality and privacy of data shared, he says. Institutions also must clearly understand how the data will be aggregated and shared and "what role MAS will play in the entire threat intel sharing game, which is not very clear," he adds.
While the center's functions will revolve around research, training and advisory services, its success will depend on MAS taking the leadership in providing timely, accurate threat intelligence, Hoo of (ISC)² contends. With MAS in the lead role, organizations in other parts of APAC will be more likely to share their data, he argues.
In a statement, however, MAS which is also a collaborative partner said the new center will be staffed and operated entirely by FS-ISAC Asia-Pacific.
In launching the new center, FS-ISAC will maintain the policies, procedures and controls to assure that threat information is properly gathered, stored, labeled and used in a manner that abides by all related sharing agreements, privacy protections, circles of trust, member operating rules, regional requirements and governing laws.