BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Addressing the MAS Technology Risk Management Guidelines with Privilege and Vulnerability Management

Posted March 12, 2014    Morey Haber

The Monetary Authority of Singapore (MAS) is Singapore’s central bank and financial regulatory authority. The MAS frequently releases guidelines that address emerging technologies and evolving threat landscape.

In June 2013, the MAS created an updated set of guidelines for Internet Banking and Technology Risk Management (IBTRM). This addendum mandates certain requirements for Technology Risk Management (TRM) and contains a set of guidelines (TRM Guidelines) and errata notices (TRM Notices).

The TRM Guidelines are statements of industry best practices to which Financial Institutions are expected to adhere. The guidance is not legally binding but is used by MAS in risk assessment audits of financial institutions.

BeyondTrust solutions for privileged account management and vulnerability management address several TRM Guidelines, including those outlined in the following sections of the latest MAS TRM Guidelines document:

  • Section 4: Technology Risk Framework
  • Section 6: Acquisition and Development of Information Systems
  • Section 9: Operational Infrastructure Security Management
  • Section 11: Access Control

Learn more about how BeyondTrust solutions map to the MAS TRM Guidelines in this white paper: Monetary Authority of Singapore: BeyondTrust Solution Overview.

Tags:
, , , , ,

Leave a Reply

Additional articles

flash-logo

Adobe Patches Zero-Day Flaw Being Exploited in the Wild

Posted January 22, 2015    BeyondTrust Research Team

Earlier this week, French malware researcher Kafeine reported on a new Adobe Flash zero-day vulnerability that was being exploited in the wild using the latest versions of the Angler Exploit Toolkit. “Any version of Internet Explorer or Firefox with any version of Windows will get owned if Flash up to 16.0.0.287 (included) is installed and enabled”…

Tags:
, , , , ,

Your Data Security Strategy Starts with Deploying a Least Privilege Model (part 2 of 2)

Posted January 22, 2015    Scott Lang

In last week’s blog, we talked about how controls and accountability must be put into place so that only the right folks can access data and the systems on which that data resides, and that employing a least privilege model helps to achieve that and more. We’re using conclusions and data from a recent report…

Tags:
, , , ,
Larry-Brock-CISO

Basic Blocking and Tackling for Defending Against Advanced Targeted Attacks

Posted January 22, 2015    Larry Brock

With football season at its pinnacle at both the college and professional levels, the best teams continually focus on the fundamentals that make them successful. In security, we need to do the same.  It is okay for us to have a few key plays, especially in certain industries where we have to focus on unique…

Tags:
, , , , ,