MAS’ Cyber Security Advisory Panel Proposes Ways to Tackle Mobile Malware Scams and Generative AI Risks for the Financial Sector

On October 30, 2023, the Monetary Authority of Singapore (MAS) published a press release to inform of the seventh annual meeting of its Cyber Security Advisory Panel (CSAP) which was held on October 24 and 25, 2023. During this meeting, the panel discussed global cybersecurity trends and their impact on the financial sector and identified steps to address „mobile malware scams“ and risks stemming from the use of generative artificial intelligence (AI) in financial institutions. Key takeaways from the meeting are as follows:
– Participants emphasized the need to collaborate with technology suppliers to reduce the threat of mobile malware-enabled scams.
– Participants noted the need to strengthen multi-factor authentication (MFA) for mobile banking and payments. In this context, they strongly recommended the adoption of “passwordless” and “out-of-band” authentication; latter requires authentication via a separate communication channel.
– Participants also discussed the need for raising awareness about the potential advantages and drawbacks associated with the expanding integration of AI. With more financial institutions (FIs) turning to AI to improve their systems and operational procedures, there’s a growing need to mitigate potential risks like the leakage of sensitive data and data manipulation. To address these risks, FIs should implement adequate protective measures, such as educating their employees about the safe utilization of AI and establishing comprehensive data handling policies.
– Participants further noted that AI-powered solutions may also be used by FIs in various other domains, including enhancing secure code development, strengthening security monitoring, conducting threat detection, and carrying out red-team exercises. These measures can significantly enhance the efficiency and resilience of their cybersecurity defenses, so the Panel.