The Monetary Authority of Singapore (MAS) has underscored the need for a concerted effort to drive cyber security standards adoption across IT supply chains, with its Cyber Security Advisory Panel citing the need for a renewed focus on strengthening security against cyber-attacks on IT supply chains.
The issue was discussed at the fifth annual meeting of the central bank and financial regulatory agencies’ Cyber Security Advisory Panel (CSAP). The panel stressed the importance of adopting cyber security standards throughout IT supply chains and also emphasised the importance of incorporating security considerations throughout the system life cycle.
Our Cyber Security Advisory Panel has provided us rich insights on how the financial industry can deal with these threats. MAS and the industry will maintain a cooperative, proactive and agile posture to manage the rapidly changing cyber risk landscape.
– Ravi Menon, MAS Managing Director
Key insights from the CSAP meeting include:
- Strengthening the security of IT supply chains against cyber-attacks. The Panel stressed the importance of a coordinated effort to accelerate cyber security standards adoption across IT supply chains and to incorporate security considerations throughout the system life cycle, according to the report. They also emphasised the value of effective system monitoring and regular log review in detecting suspicious cyber activity quickly.
- Increasing the security of online payments and banking. Multi-factor authentication (MFA) remains an important and successful technique for protecting digital financial services, according to the Panel. However, because any authentication factor, whether based on SMS, software tokens, or biometrics, could be compromised, the Panel suggested that FIs use transaction notification and data analytics in addition to MFA to proactively detect cyber-attacks.
- Defending against ransomware attacks. To deter and disrupt ransomware attacks, the Panel stressed the importance of an ecosystem strategy that fosters closer cross-border collaboration and public-private partnerships. The Panel recognised the significance of securing golden source backup data for successful service recovery and advised FIs to consider deploying ransomware-resistant immutable data storage systems.
- Securing digital currencies and blockchains. Most blockchain developers’ security awareness and skill were not where they needed to be, according to the Panel, and more should be done to increase security in their software development lifecycle. The Panel also stressed the importance of developing a sufficient pool of IT specialists who are knowledgeable in both blockchain technology and cyber security, as well as making additional tools available to aid in the implementation and testing of blockchains’ security.
“MAS is paying close attention to the rising occurrences and severity of ransomware and IT supply chain attacks globally,” said Ravi Menon, MAS managing director. “These attacks have led to massive financial losses and disruptions of essential services. Meanwhile, the CSAP noted that multi-factor authentication (MFA) remained a key and effective tool for securing digital financial services.
OpenGov Asia reported that the Cyber Security Agency (CSA) has launched a series of tool kits for enterprises, which provide guidance on cybersecurity issues tailored for senior business leaders, owners SMEs, as well as employees. The new toolkits help to simplify cybersecurity and enable businesses to make more informed trade-offs between security, system usability and cost.
The toolkit for enterprise leaders and SME owners will focus on the business reasons for business leaders and SME owners to invest in cybersecurity, such as rationalising investment in cybersecurity, and how fostering a culture of cybersecurity would enable enterprises to reap the benefits of digital transformation.
In addition, the Panel exchanged views with the Association of Banks in Singapore Standing Committee on Cyber Security (SCCS) and the Insurance SCCS on their latest industry initiatives, including the adversarial attack simulation or red teaming exercise and bug bounty programme, as part of the two-day virtual meeting programme. The Cyber Security Agency of Singapore, the Defence Science and Technology Agency, the Government Technology Agency, the Infocomm Media Development Authority, the Ministry of Communications and Information, and the Smart Nation and Digital Government Office were among the participants.
The Singapore Tourism Board (STB) and Singapore Association of Convention & Exhibition Organisers & Suppliers (SACEOS) released the MICE Sustainability Roadmap, which outlines specific goals and plans for raising sustainability standards throughout the MICE sector in Singapore over the coming years.
The Meetings, Incentives, Conventions, and Exhibitions (MICE) industry is a type of tourism travel in which groups of people are brought together for a specific reason, usually well in advance. On the other hand, the MICE market refers to a subset of people who plan, arrange, and facilitate conferences, seminars, exhibitions, and other events.
Part of STB’s overarching plan to develop a sustainable tourism sector is the use of such roadmaps, which direct businesses in the sector to achieve specific sustainability goals. Following the launch of the Hotel Sustainability Roadmap earlier this year, the MICE Sustainability Roadmap is the second such project.
The Singapore Green Plan 2030 and the Sustainable Development Goals of the United Nations (UN) serve as the roadmap’s guiding principles. Three goals are listed in the MICE Sustainability Roadmap to help Singapore become one of the most environmentally-friendly MICE destinations in Asia Pacific:
- By 2023, create a set of industry-acceptable sustainability standards with the goal of having them recognised internationally by 2024.
- For all six purpose-built MICE venues and 80% of SACEOS members to get internationally or nationally recognised sustainability certification, or both, by 2025.
- To attain net-zero emissions by 2050 in accordance with the country’s net-zero aim, the Singapore MICE sector must first track waste and carbon emissions by 2023, reduce waste in line with the Singapore Green Plan by 2030, and reduce waste overall by 2050.
The MICE Sustainability Committee (MSComm), established by STB and SACEOS in August 2022 to advance sustainability capabilities and create awareness of sustainability initiatives and best practices, will help the industry adopt sustainable practices and meet these goals.
The dedication to sustainability follows a robust MICE rebound in the wake of Singapore’s borders being reopened in April this year and a rising desire for environmentally friendly business travel. More importantly, the industry is aware of how crucial it is to lessen the environmental impact of MICE events.
With STB and SACEOS leading the charge and offering support as necessary to further develop a sustainable business events landscape in Singapore, the MICE Sustainability Roadmap will ensure that MICE players move forward in pursuing relevant and achievable sustainability goals that are tracked at appropriate milestones.
Meanwhile, OpenGov Asia recently reported that the Infocomm Media Development Authority (IMDA) of Singapore is working with a large American technology company to address climate change-related challenges and enhance the sustainability of digital technologies.
The cooperation aims to hasten the local and international development of software applications and solutions to assist businesses in using their resources more efficiently.
The tech giant and IMDA will exchange best practices, standards, learnings, and certification pathways for accurate measurement and reporting of carbon emissions resulting from software applications. Through this relationship, the nation hopes to speed up the application of the ideas and resources needed to create green technologies.
According to IMDA, Southeast Asia is well-positioned for the region to take the lead in digital sustainability. This collaboration will produce cutting-edge digital sustainability solutions that can be used by multinational corporations, bringing about positive change for the environment worldwide and ensuring a sustainable future for all.
The Singapore University of Technology and Design (SUTD) and Tecnológico de Monterrey (Tec) through its Institute for the Future of Education, signed a research collaboration agreement to improve the cyber-physical learning of students and teachers in Singapore and Mexico.
The three-year agreement will see the two parties share practices and experiences in the configuration and usage of cyber-physical learning infrastructure to create new opportunities for educational innovation and research, resulting in new pathways for the future of education.
The SUTD-Tec’s Institute for the Future of Education agreement will foster the exchange and sharing of practices of cyber-physical learning and evaluation of the effectiveness of associated educational delivery models. Both parties will conduct joint experiments involving students and instructors to explore domains such as technology-enabled learning, translational pedagogical innovations, learning analytics, and personalised and engaging learning.
This research collaboration will have its focus on the SUTD campusX initiative, which focuses on the needs and experiences of students and instructors using data analytics and learning sciences with the purpose of creating a safe, inclusive, and enjoyable space for students to learn, interact and optimise their learning outcomes.
With regards to the campusX and its impact on the future of education, SUTD’s Provost stated that both Tec and SUTD share a common vision of cyber-physical learning, with similar interests and understanding of the challenges in areas of applying human-centric technology and design to the practice of pedagogy and andragogy in actual higher learning environments. This forms a strong basis on which many more projects can be conducted between Tec and SUTD. The current research collaboration is an important start and SUTD looks forward to furthering the partnership with Tec in years to come.
He noted that, similarly, SUTD also looks forward to working with more like-minded partners across academia and industry and from local and global landscapes to make cyber-physical learning a reality.
Speaking about the research collaboration between the two renowned higher education institutions, the Rector for Higher Education of Tecnológico de Monterrey expressed his satisfaction with the signing of the agreement and said that to advance in current-day education challenges and design the future of education, collaboration is key.
He noted that Tec has pioneered educational innovation in Mexico and Latin America, and they aim to expand their projects and initiatives to have an increasingly global relationship and impact. An initiative aimed at strengthening links with Asia is being developed; these collaborations with them will extend to the areas of research, education, and technology.
Furthermore, the Executive Director of the Institute for the Future of Education of Tecnológico de Monterrey emphasised the importance of this kind of agreement between both universities. He noted that conducting joint experiments to evaluate innovative cross-border educational models will be key to developing effective cyber-physical learning environments.
The collaborative project with SUTD’s campusX initiative will increase learning opportunities for global higher education audiences, capitalising on the intercultural exchanges between Singaporean and Mexican students and professors, and developing best practices with an international perspective, he added.
The research activities framed in this agreement are slated to begin in the first quarter of 2023 and the experimental and simulated learning environment trials will result in the identification of best practices in digital education delivery models supported by effective cyber-physical technology platforms.
The Indian Institute of Technology, Madras (IIT-Madras) has launched an online masters in technology (MTech) course for working professionals, allowing candidates to pursue the educational qualification while working. According to a statement, the tailor-made online programme for qualified engineers is gaining popularity and over 600 working professionals have already enrolled for the three-year course.
The MTech degree includes programmes on communications, VLSI and analog circuits, microelectronics, multimedia signal processing, software security, automotive engineering, mechanical design, interdisciplinary programmes in quantum technology, and data sciences.
IIT-Madras is the first IIT to offer an MTech course in a distance learning mode through its Centre for Continuing Education. “The students of this programme have the same rights and privileges as regular students. The working professionals can carry out the project work at their workplaces. They do not need any residency as compared to sponsored candidates,” a representative from the IIT-Madras said. From only 14 candidates in 2020, the number has shot up to 605 this year.
IIT-Madras faculty, teachers from other premier academic institutions, and eminent industry professionals will be conducting the classes. Apart from online classes, which are held in the evening, students will also have live interaction with their faculty members. Students will give exams in the same city as their offices. In terms of the evaluation method, a problem statement will be evaluated and approved by IIT-Madras faculty. A mentor will guide the student at their workplace. The student’s progress will be jointly evaluated by faculty from IIT-Madras and the mentor. The faculty member will approve the problem statement and review the progress.
In September, IIT-Madras launched an industry-oriented Online Certificate Programme on e-mobility for working professionals. Four out of the nine modules in the programme are delivered by industry professionals. The programme was conceived with inputs from industry experts and would be continuously upgraded based on technology trends, market trends, and industry needs, the Institute noted.
The course is offered through IIT-Madras’ Centre for Outreach and Digital Education (CODE). It provides an overview of the e-mobility ecosystem and fundamentals in technical areas like vehicle development, power electronics, battery engineering, thermal management, power trains, and EMI/ EMC, among others. The programme contains 120 hours of video classes and 40 hours of online contact classes with the faculty. The candidates need to complete regular assignments and a final evaluation, after which they will receive a certificate. The first cohort started at the beginning of October.
In November, the Institute partnered with United States-based Purdue University to jointly develop a dual-degree programme in semiconductors. As OpenGov Asia reported, the programme focuses on an innovative, cooperatively developed curriculum to meet the growing needs of the industry. Undergraduate students with strong academic credentials and a deep interest in semiconductor devices, chip fabrication, and circuits and systems will be considered. The programme will enable a quick ramp-up of skilled talent, preparing the next generation of the semiconductor workforce. The partnership would also entail research collaboration in semiconductor supply-chain management, chip design, packaging, system architecture, and advanced manufacturing methods
Australia’s national science agency, CSIRO, recently revealed details of an AU$15 million project to develop a national soil information system, aimed at improving the sustainable management of one of the nation’s most precious assets.
Supporting the National Soil Strategy, and funded by the Australian Government’s Department of Agriculture, Fisheries and Forestry, the Australian National Soil Information System (ANSIS) project is a collaboration between the government, research organisations, industry, the private sector and the community.
Using innovative processes and technologies, ANSIS will allow improved sharing of nationally consistent soil data and information through online access for users. This will help Australians to better understand their nation’s diverse range of soils and make better decisions about managing our important soil resources. Currently, soil data is collected using different methods, by different organisations, and at a range of depths in the soil. This makes it hard to access, compare and use data from diverse sources.
The Project Lead at CSIRO stated that improving access to the best soil data and information can help promote digital agriculture innovation and is key to sustainably managing Australia’s soils. By using ANSIS, farmers and agricultural advisors will have access to more soil data and be better placed to more sustainably manage the soil on which they rely.
Soil is vital to agricultural production and natural environments, as well as health and well-being. This information system will help everyone care for this important natural resource. Productive, healthy, and resilient soil means more economic, environmental, and social benefits to Australia. Monitoring soil also helps scientific understanding of how the natural world is changing.
This work will provide insight into biodiversity, water resources, landscapes and coastlines, fauna, climate, and geology. By harmonising Australia’s soil data, we can make it accessible across many fields of science and exploration. The project is being delivered under the Federal Government’s National Soil Strategy, which is about prioritising soil health, empowering soil innovation and stewards, and strengthening soil knowledge and capability. The new ANSIS system will be available for use in 2023.
ANSIS will provide improved access to nationally consistent soil data and information needed to help sustainably manage Australian soil. ANSIS will provide:
- More soil data
- More data sets are available that in other soil systems
- Enables more certainty in products developed
- Opportunity to develop new products
- Improved access
- Multiple data sets are now discoverable and accessible
- National coverage
- Most up-to-date data available
- Efficient provision
- Organised and standardised data for immediate use
- Can feed into many users’ requirements
- Consistent delivery
- Substantial reduction in time to prepare information products
- Trusted location
- Certainty that data is from an authoritative source, verified and satisfies standards.
The country has established the Indonesian Aviation Sector Computer Security Incident Response Team (IAS-CSIRT) to strengthen cybersecurity. The team will report to the Ministry of Transportation’s Director General of Air Transportation.
To anticipate system vulnerabilities, identify opportunities for bad actors to exploit, and reduce the risk of cyber incident threats, the aviation sector required a dedicated cybersecurity team. The CSIRT will regularly publish information on vulnerabilities, security, and new technology trends. The team is also prepared to face various escalating challenges. Members of the CSIRT will be trained through cyber drills and workshops.
The team is in charge of receiving, reviewing, and responding to cyber incident reports and activities with the function of providing reactive services by performing incident coordination, incident triage, and incident resolution.
During the IAS-CSIRT inaugural speech, the Deputy for Cybersecurity and Economic Cryptography of the National Cyber and Crypto Agency (BSSN), Markos, said that the aviation industry increasingly relies on digital technology for flight operations, ground services, communications navigation and surveillance, airport infrastructure, air traffic management, and supply chain.
Therefore, cybercrime prevention and management are crucial for many parties, including aviation service providers. F. Budi Prayitno, the Director of Aviation Security at the Ministry of Transportation, outlined the importance of cyber defence since cybercrime has resulted in considerable losses across sectors. “Effective cyber-crime prevention and management necessitate the collaboration of various cyber security stakeholders who already have a CSIRT,” said Budi. The BSSN contributed to the formation of the IAS-CSIRT.
Markos hopes that the IAS-CSIRT will be able to collaborate, synergise, and share information with various stakeholders and other cybersecurity constituencies in Indonesia, particularly in the handling and recovery of cyber incidents.
BSSN wants other sectors to form a CSIRT as well. The IAS-CSIRT was established for the first time (IIV) following the issuance of Presidential Regulation 82 of 2022 concerning the Protection of Vital Information Infrastructure. Sector IIV prioritises the CSIRT because it manages various strategic information assets related to community survival, national stability, and sovereignty.
Before the inauguration, BSSN signed a memorandum of understanding (MoU) and cooperation agreement with state-owned Aviasi Wisata Indonesia (InJourney Group) to support the tourism industry. In addition, cooperation on information protection and electronic transactions intends to improve the quality of information protection and electronic commerce.
The agreement’s scope includes information and communication technology security, the use of electronic certificates to improve electronic transaction security, the improvement and development of human resources, the exchange of information, and cybersecurity campaigns and literacy.
At the signing ceremony, the Head of the National Cyber and Crypto Agency (BSSN), Hinsa Siburian, emphasised the importance of synergy and collaboration to recover the Indonesian aviation and tourism industry through a reliable and safe digital transformation.
Furthermore, between January and November 2022, BSSN detected over 1.14 million traffic anomalies across all InJourney Group assets. BSSN said the most anomalies were discovered in August, with 235,742 events.
The collaboration is expected to make digital information transactions and exchanges more secure and leak-proof. The rapid advancement of digital technology presents an opportunity for Injourney to gain trust and confidence in the Indonesian tourism industry. However, as a result, it must be balanced with maximum data, information, and electronic transaction security.
China Provincial Development and Reform Commission announced the list of the second batch of digital transformation promotion centres in Liaoning Province. There are 13 additional provincial-level digital transformation promotion centres to help small and medium-sized enterprises improve transformation capabilities, reduce transformation costs, and shorten transformation cycles. There are currently 29 digital transformation promotion centres in the province, in addition to the previously announced first batch of lists.
The centres will assist the government in promoting digital construction in Liaoning and cultivating a digital transformation ecology. The programme is under the construction of the second batch of digital transformation promotion centres in Liaoning Province according to the Provincial Development and Reform Commission. The listed enterprises in this programme are based on self-declaration and recommendations from provincial and municipal departments. Experts then review the voluntary requests before being finalised and publicised.
According to the Provincial Development and Reform Commission, the digital transformation promotion centre should fully integrate resources to assist small and medium-sized enterprises.
The province government will provide transformation tools, products, technologies, and customised solutions to support business digital transformation and development. The centre promotes traditional businesses, internet platform enterprises, industry platform enterprises and financial institutions.
The government also promotes collaborative innovation in industries, education, medical care, employment, elderly care, and other fields. Companies participating in the programme will use the projects as a starting point to develop digital technology application scenarios. Participants in the programme are also permitted to complete personnel training with universities and colleges and vocational training and education.
The Provincial Development and Reform Commission will regularly evaluate provincial-level digital transformation promotion centres. The results will be used to recommend applicants for national-level digital transformation promotion centres.
China is currently driving the country’s digital economy. In early November, the General Office of the Ministry of Industry and Information Technology issued the “Guidelines for the Digital Transformation of SMEs.” The regulation aims to fully implement the Party Central Committee’s and State Council’s decision-making deployment to encourage SMEs to improve their overall strength and core competitiveness through digital transformation.
The General Secretary of the Communist Party of China, Xi Jinping, stated that “small and medium-sized enterprises can do great things.” He also emphasised the importance of grasping the direction of digitisation, networking, and intelligence. Moreover, promoting the digitisation of manufacturing, service industries, agriculture, and other industries is also necessary.
The guidelines aim to implement Party Central Committee and State Council decision-making and deployment, strengthen policy coordination, strengthen scientific guidance, deepen transformation awareness, and gather work synergy. The report also needed to promote high-quality economic development through the digital transformation of small and medium-sized businesses. The effort also had to be consistent with the overall economic and social digital transformation trend.
Furthermore, China will use the guidance to increase specialisation and new development of small and medium-sized businesses. The government intends to expand the use of digital technology in various sectors, including research, production, supply, marketing, and clothing. They plan to empower and refine products, increase value, plus accelerate technological innovation and new development in small and medium-sized businesses.
Another role of guidance is strengthening the digital transformation system and the comprehensive path of small and medium-sized businesses. Digital transformation is a multifaceted, cross-cutting project. The guidelines thus aid transformation from the demand side, the supply side, and local governments at all levels. All interested parties can use the guidelines to clarify their positioning and path and strengthen the collective force of transformation.
Stakeholders in the payments industry were challenged to step up their technological advancement. The appeal was issued as a government effort to ensure that the country stays current in advancing the money and payments landscape.
“My overarching message is that we all work and live in a period of substantive change. (The change) offers enormous opportunity if embraced, but potentially greater risk if not,” Karen Silk, Assistant Governor of the Reserve Bank of New Zealand – Te Ptea Matua, said at a conference in Auckland.
Silk emphasised the technological improvement needed because New Zealand does not yet have scalable electronic, instant, peer-to-peer payments and lacks real-time retail payment systems. She also encouraged speeding up the fintech developments in the country. She noted that the country could become more digitally competitive by nurturing home-grown fintech enterprises.
The government has recognised the importance of increasing domestic competition and efficiency savings in the payment space and the broader financial system. However, lingering reliance on legacy systems, failure to understand regulatory impetus and focus, and limitations in cohesion and provision of regulatory support for innovation are impeding real progress.
Nevertheless, Silk praised recent legislative changes. Financial regulators provide a one-stop shop for fintech firms and system-level work to improve cross-border payments. The positive movement makes domestic interbank payments available seven days a week.
Silk stated that challenges could arise from new players who “inadvertently” introduce design or technology risks. She called it a risk as the nature of the business avoiding New Zealand regulation or undermining the role of central bank money, whether cash or a possible Central Bank Digital Currency (CBDC). Even though the Reserve Bank is still researching the CBDC.
The Reserve Bank of New Zealand published a paper recently describing the current state of the country’s payments system. It will issue another next month, consulting on the potential need to regulate private crypto assets until March 2023.
The Reserve Bank remains committed to improving the cash system’s efficiency and resilience to ensure that it continued providing payment options for everyone and financial and social inclusion for those who rely on it, Silk said. Next year, the Bank has planned small live experiments to investigate various ways to expand merchants’ roles in the cash system.
This could include assisting merchants in recycling cash at the point of sale; compensating them for cash-out services; facilitating frequent, affordable cash delivery and collection for merchants; and consolidating the cash system through the creation of utility entities, Silk explained.
Payments represent the flow of money. Sooner or later, the global payment evolution will also impact New Zealand. Hence, the country demands better, smarter, and faster payment. As a result, the study of payments has come under scrutiny.
Only some understand the intricacies of New Zealand payments, and because they are complex and interconnected, creating a single view of the payments landscape takes time and effort. Furthermore, payment systems and services differ from country to country.
The Reserve Bank plays a multifaceted role in the payment landscape. The bank runs, participates in, regulates, and monitors core payment systems. It has also recently taken on the part of money steward in New Zealand. In addition, it is interested in supporting and ensuring that money and payment systems are efficient and reliable and supporting innovation and inclusion.