Sonatype's co-founder and Chief Technology Officer, Brian Fox, has been appointed to the newly formed Cyber and Technology Resilience Experts (CTREX) Panel, established by the Monetary Authority of Singapore (MAS).
This international panel of 13 global experts will advise MAS on key cybersecurity and technology resilience risks. Fox and other leaders from major organizations like Microsoft, Google Cloud, and Nasdaq will guide Singapore's financial sector in improving technology and cyber resilience.
With its first meeting in mid-2025, the panel will help financial institutions tackle complex challenges and mitigate risks as Singapore continues its digitization efforts.
Regulatory shifts and a route forward for financial institutions
Over the past decade, Sonatype's annual State of the Software Supply Chain report has shown how regulators have increasingly focused on securing open source software, especially as its role in critical infrastructure has expanded.
Recent regulations such as the EU's Cyber Resilience Act and the U.S. Executive Order 14028 emphasized the need for software transparency through tools like software bills of materials (SBOMs), which help organizations track and secure the components upon which they rely.
Our forthcoming State of the Software Supply Chain report explores global expansion efforts. Notably, the Association of Southeast Asian Nations (ASEAN) is striving for a unified cybersecurity regulatory framework by 2025. This initiative seeks to establish common standards across its ten member states to combat growing cyber threats. It focuses on securing critical infrastructure, enhancing information sharing, and promoting international collaboration.
As regulators continue to raise the bar for software supply chain security, the financial sector must embrace transparency, accountability, and proactive security measures. You can visit our resource hub for more information on regulations and compliance around the globe.
Supporting financial services organizations
Fox's appointment underscores Sonatype's leadership in cybersecurity, particularly in the financial services sector.
With financial institutions increasingly reliant on digital solutions, Sonatype's advanced software composition analysis (SCA) tools help banks and financial services companies manage open source risk, strengthen cybersecurity, and maintain compliance with industry regulations.
As discussed in our recent Financial Services Webinar Series, cyber resilience is increasingly vital for banks and financial institutions facing rising threats. Sonatype's tools provide the ability to detect and fix vulnerabilities at scale, helping ensure security and compliance in an evolving digital landscape.
For more details, explore Sonatype's financial services solutions.
Open source in financial services: An ADDO session
Fox will also present at our upcoming All Day DevOps (ADDO) conference in a session titled "Open Source in Financial Services: Balancing Innovation and Security in a Highly Regulated Industry."
Join us on October 10, 2024, at 1:00 PM ET for a session featuring Fox and Tosha Ellison, Strategic Advisor at the Fintech Open Source (FINOS) Foundation. They will delve into the findings of the 2024 State of Open Source in Financial Services report, focusing on how financial institutions can effectively balance security and innovation within open source.
Key topics will include:
-
current security practices,
-
the challenges posed by regulations, and
-
the role of open source in supporting cloud computing, AI, and compliance.
Given the financial sector's reliance on open source and its susceptibility to cyberattacks, this discussion promises valuable insights into maintaining security while fostering innovation.
