An increasing number of financial institutions (“FIs”) are using public cloud services for their operations, as the COVID-19 pandemic continues to accelerate the pace of digital transformation. On 1 June 2021, the Monetary Authority of Singapore (MAS) issued an advisory highlighting some key risks and control measures that FIs should consider before adopting public cloud services. The advisory does not set out legal obligations per se, but instead offers specific guidance on managing cloud-related risks. In doing so, the advisory aims to supplement other MAS documents, which include the more general notices (e.g., on technology risk management and cyber hygiene for particular sectors) that set out legal requirements for FIs.
Join us to learn about:
• Develop a public cloud risk management strategy that takes into consideration the unique characteristics of public cloud services
• Implement strong controls in areas such as Identity and Access Management (IAM), cyber security, data protection and cryptographic key management
• Manage cloud resilience, outsourcing, vendor lock-in and concentration risks