Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

MAS TRM guidelines require continuous compliance monitoring: Tenable

Nurdianah Md Nur | Aug. 6, 2014
Tools that automate and simplify the compliance monitoring process are thus needed.

Attley Ng of Tenable
Attley Ng, VP APAC for Tenable Network Security

Financial institutions in Singapore today need to have tools that automate and simplify the compliance monitoring process as the updated Technology Risk Management (TRM) guidelines by the Monetary Authority of Singapore (MAS) requires continuous compliance monitoring, said Attley Ng, VP APAC for Tenable Network Security.

The MAS TRM guidelines aim to provide financial institutions with a framework to address existing and emerging technology risk. According to MAS' website, the guidelines are frequently updated and the latest notices went into effect on 1 July 2014.

In the past, only systems that supplied online services were needed to comply with MAS TRM. Now, the guidelines require all infocomm technology systems within a financial institution to comply with it. Providing compliance will thus be a daunting task. Ng said: "Dealing with this complexity will require investments in procedures, personnel, software and hardware. Herein lies the main challenge-performing a gap analysis between what's there and what needs to be there, and then closing these gaps in a convenient and cost-effective manner."

To help financial institutions navigate compliance and continuously monitor for threats, Tenable recently rolled out its SecurityCenter Continuous View (CV) dashboard. Ng explained that the dashboard presents data collected from vulnerability scans, network monitoring, and real-time events in an "efficient format." By doing so, administrators are able to "drill down from high-level view into explicit details to identify issues that can cause non-compliance and/or security issues."

Since the dashboard tracks 10 domains of interest which are directly traceable to specific paragraphs in the MAS TRM guidelines document, customers can be assured that the SecurityCenter is TRM-ready too, said Ng.


Sign up for CIO Asia eNewsletters.