How Firebreak™ and InsightBull offer a path forward for trust, isolation, and resilience
In April 2025, Singapore — globally recognised for its digital maturity and cybersecurity leadership — found itself grappling with a breach that exposed thousands of banking customers’ personal data.
This wasn’t the result of a system-wide compromise at DBS Bank or Bank of China (BoC). Instead, the attack came through a third-party vendor — Toppan Next Tech (TNT) — contracted to print physical customer statements.
More than 11,000 customers were potentially affected. Personal names, addresses, and details of equity positions and loan relationships were exposed. And though encryption was in place, the files were accessible — held on systems that remained continuously connected to the internet.
Connectivity is no longer neutral. It is exposure. And exposure is risk.
The Singapore breach reveals a powerful truth: in today’s cyber threat landscape, we don’t just need better defences.
We need fewer attack surfaces.
Fewer open doors.
Less exposure.
The answer?
Not just zero trust.
But zero presence.
This feature explores how Firebreak™, delivered into the market by InsightBull as strategic partner to the OEM, represents a pivotal shift from digital containment to physical isolation — and how Singapore’s financial ecosystem can lead this next evolution in cybersecurity.
What Really Happened in Singapore?
The ransomware attack occurred at TNT, a contracted vendor for DBS and BoC, responsible for printing and mailing customer statements.
The process was simple:
Banks sent encrypted data files to TNT. TNT stored and processed those files on internal systems. Attackers breached those systems — either exfiltrating or gaining access to sensitive, encrypted content.
While neither DBS nor BoC’s core banking systems were compromised, the trust placed in the vendor — and the assumption that encryption was sufficient — proved dangerously optimistic.
Encrypted files stored on always-connected infrastructure become potential trophies for attackers.
The issue isn’t just how well they’re protected — but why they were online in the first place.
The Core Risk: Unnecessary Connectivity
Cybersecurity today is fixated on three pillars:
Protect, detect, respond.
But when breaches happen at trusted vendors, infrastructure providers, or overlooked endpoints, those pillars don’t always stand.
Firewalls don’t block a vendor already inside the perimeter. Monitoring doesn’t matter if no one sees the breach in time. Encryption doesn’t guarantee safety if stolen files are cracked later.
We’ve focused so long on defending what’s connected, we’ve forgotten to ask:
Should it be connected at all?
Firebreak™: When Cybersecurity Starts With Disconnection
Firebreak™ is a patented hardware-driven segmentation solution, designed to physically isolate critical systems from digital attack surfaces — on demand, remotely, and without using any IP-based control mechanisms.
In essence, it disconnects to protect — rendering data stores, servers, or operational systems physically unreachable unless intentionally brought online.
No IP. No VPN. No endpoint to discover.
When disconnected, a Firebreak™-protected system simply does not exist on the network.
For vendors like TNT, Firebreak™ could have:
Kept sensitive data physically isolated from external threats Allowed time-based or role-based access only during approved print windows Prevented persistent exposure of customer data to a connected environment Stopped ransomware from seeing or stealing anything
The Legal Implication in Singapore: Is Always-On Still Reasonable?
Singapore’s regulatory leadership is undisputed. But the TNT breach raises a legal and ethical question: when technologies like Firebreak™ exist, can companies still defend always-on exposure as “reasonable”?
1. Under the PDPA (Personal Data Protection Act)
Organisations must “make reasonable security arrangements” to protect personal data. But “reasonable” is a moving target — and 2025’s standard is not 2018’s.
As technology like Firebreak™ becomes available, failure to use it in high-risk vendor environments may increasingly be viewed as negligent, especially in the eyes of the public, investors, and future regulators.
2. Under MAS Guidelines
The MAS Technology Risk Management Guidelines explicitly require:
Network segmentation Vendor oversight Zero-trust principles Attack surface minimisation
Firebreak™ not only enables physical segmentation — it fully enforces it, even when virtual controls fall short or are misconfigured.
The Role of InsightBull: Supporting Singapore’s Financial Trust Ecosystem
InsightBull, as the strategic lead and go-to-market partner for Firebreak™, is uniquely positioned to support Singapore’s financial institutions, regulators, and their trusted supply chains in adopting this next-generation disconnection model.
1. Enabling Deployment Across Critical Banking Functions
InsightBull is working directly with OEM, telco, financial, and infrastructure partners to deliver Firebreak™ into live environments — including:
Print and communications vendors (like TNT equivalents) SWIFT gateways and payment channels High-value customer data repositories Disaster recovery and resilience architectures
With sector-specific expertise, InsightBull helps localise the solution for Singapore’s regulatory and operational environment, ensuring physical disconnection is applied where it delivers the highest return on risk reduction — without impacting service delivery.
2. Helping Vendors and Third Parties Meet Bank Security Expectations
It’s not just the banks that need Firebreak™ — it’s the vendors they rely on.
InsightBull works with third parties to:
Reduce breach liability and risk exposure Build trust with financial institution clients Implement Firebreak™ without disrupting operations Improve standing with regulators and procurement teams
By helping third parties adopt stronger disconnection policies, InsightBull strengthens the entire ecosystem — closing gaps attackers increasingly exploit.
3. Supporting Regulatory and Strategic Dialogue
InsightBull actively engages with stakeholders across the Singaporean ecosystem to:
Champion disconnection as a proactive compliance asset Share global insights on evolving regulatory expectations Collaborate with institutions on pilot programmes and guidance Educate the market with case studies and thought leadership
Singapore’s regulatory bodies are agile. InsightBull’s role is to help them stay ahead, supporting the evolution of policy and security practice together.
Beyond Singapore: A Global Pattern Emerging
TNT is not an outlier. Worldwide, the pattern is clear:
Latitude Financial (Australia): Data breach via third-party access exposed 300,000+ IDs MOVEit exploit: Global software tool exploited, impacting banks, governments, and corporations Colonial Pipeline (USA): One compromised password on a dormant VPN brought down national infrastructure
The common theme?
Always-on systems connected to the wrong things, at the wrong time.
The difference with Firebreak™ is that it doesn’t just limit access — it removes exposure entirely.
If it’s not online, it cannot be breached.
What Firebreak™ Makes Possible
Imagine a future where:
Your most sensitive data is air-gapped by default A ransomware attack at a vendor finds no files worth stealing Third parties earn preferred vendor status by showing physical segmentation Regulatory audits see Firebreak™-protected systems as best-practice, not experimental
This isn’t a theory.
It’s a tested, supported, real-world solution — with InsightBull helping Singapore’s financial institutions adopt it before the next breach.
Final Word: From Recovery to Reinvention
Singapore has long set the pace in digital governance, but the TNT breach is a reminder: trust isn’t just about reputation — it’s about architecture.
In the face of increasingly advanced, persistent, and supply chain-driven attacks, Firebreak™ offers a tangible, immediate, and strategic advantage.
And InsightBull is ready to deliver that advantage — through technology, through ecosystem engagement, and through regulatory alignment.
Disconnect to protect.
The next era of trust in Singapore banking starts with a break.
Learn more at https://insightbull.co/goldilock-firebreak-disconnect-to-protect/