Cloud Computing industry is well developed in Singapore, so it is not a big surprise seeing MAS TRM guideline has a section only on Cloud Computing. Reading the document as whole, it seems MAS is accepting the fact that cloud computing is or will be part of financial industry development. Section 5.2 Cloud Computing is …
When capturing and storing technology are so cheap, it is tempting for Gov to store everything. In this case, car plate images. I guess car rental business has another marketing theme to explore! Soon we will see computer rental and mobile phone rental. When trust is gone, people are willing to try extreme measures. There …
Since Singapore MAS released the TRM guideline last month, I believe many people are studying them (including me). Big Four accounting firms are usually most active in publishing explanatory reports and article with a purpose to generate more business leads. However, a group of Vmware certified professionals are taking the lead this time. They worked …
VCPs technical analysis on the MAS Technology Risk Management guidelines. Read More »
When attending a PWC Singapore meeting on new MAS guideline, there are many questions in my head regarding how the 1 hour incident reporting requirement could be fulfilled. The requirement requires banks operating in Singapore to report to MAS within one hour when relevant incident ( security breaches and malfunction) is discovered. There are a …
Singapore MAS Tech Risk Guideline (TRM) – Incident Reporting Read More »
In my last post, I wrote about an equity research report stated traditional outsourcing companies are losing. However, the big giants are not retreating without a fight. This war is real and happening. “IBM charged that the CIA improperly awarded the deal to Amazon Web Services  by failing to evaluate all the pricing scenarios.”URL http://gigaom.com/2013/06/07/gao-says-not-so-fast-on-proposed-secret-amazon-cia-cloud/ The $600Mil is now …
I am reading an equity research paper published by an investment bank this morning trying to balance my portfolio and gain some insights. The most surprising thing to find is not related to any investment advice or market prediction. It is about their statement on cloud computing. “The traditional IT services model is under attack …
Going to Vegas for the Amazon Re:Invent event is one of the best ways to learn about Cloud Computing and Cloud security. And the second best of course is to just browsing the slide decks or videos of the event, from your office or home. So here you go, fresh from the Internet, the course …
I talked about browser based security last week. As we have more and more cloud or web delivered applications, the browser is playing an important role. Most (if not all) user interaction in browser are programmed via javascript. With Cloud Computing, client side script will be playing a ever more important role. The data security and data …
Since I moved from an internal IT Risk manager to a security consulting firm, I have been involving in different discussions on web application security. These experiences made me think that browsers are not a security software and its design has little security consideration. Missing security features in browser is one of the root cause …