Operating from our regional hub in Singapore, FS-ISAC continues to build its presence across the Asia Pacific region. We work closely with partners such as the Monetary Authority of Singapore (MAS), collaborating through the CERES Forum for central banks and regulators. This year we also partnered to develop a framework for Responsible Disclosure Programs for the Singapore Banking sector.
In November, we signed a Memorandum of Understanding with South Korea’s FSI to establish an agreed and transparent approach to sharing and management of global cyber threat intelligence and to strengthen capabilities for understanding and responding to cybersecurity threats through mutual cooperation.
Given its role as a key strategic player in the global financial system, FS-ISAC is investing in building the Australian fincyber community through the creation of its Australian subsidiary, with a dedicated Regional Director and Intelligence Officers already on staff and another analyst being added in 2023 specifically to work on public-private partnership.
At our Sydney Summit and other member events this year, members engaged on a wide range of topics, from ransomware to risk quantification, and cyber hygiene to cyber resilience. Of special note was our Melbourne member meeting, where behavioral insights and the human factors in cybersecurity was a hot topic among members, who shared their best practices on how to encourage better cyber hygiene among staff and customers.
This year, we expanded two of our standing communities of interest to the APAC region, and created a committee to focus on deepening our presence in India.
The mission of the APAC BRC is to strengthen critical financial sector infrastructure in the region through a trusted information sharing community of business resilience and operational risk experts.
The committee plans and conducts exercises to enhance the operational resilience of the financial sectors’ critical functions and technology. It also serves to communicate impact and needs during a sector crisis through the maintenance of the Intelligence Sharing and Incident Response Playbook. The APAC BRC convenes on a bi-monthly basis under the guidance of two volunteer co-chairpersons. As of 30 November 2022, 35 members from about 20 member firms from 7 countries across APAC and EMEA have joined the APAC BRC.
The APAC Insurance Risk Council (IRC) is a forum for insurers to collaborate and share best practices to address emerging or existing cyber security issues and raise their security posture. It provides direction for the insurance sector to address cyber security risks and it advises members on cybersecurity-related incidents affecting the sector. The APAC IRC convenes on a quarterly basis under the expertise of a chairperson. As of 30 November 2022, about 20 member firms have joined the APAC IRC.
The India Strategy Committee (ISC) was set up to serve the security needs of the Financial Services industry in India, grow the member community and enhance collaboration. It aims at getting buy-in from local public and private stakeholders and it leverages FS-ISAC’s resources for members in India. The ISC reports to the APAC Strategy Committee (ASC).
Initial discussions to form APAC chapters of the Payment Risk Committee (PRC) and Post-Quantum Cryptography (PQC) Working Group have begun. There is also a strong appetite to build a new regional community around regulatory requirements to address challenges encountered by CISOs. The APAC team will continue their deep engagement with members and public partners while strengthening FS-ISAC’s brand awareness in Asia’s emerging economies.