To take your ideas to Policymakers, Join the Campaign of #PolicyPulse Write to

Develop cyber security policy immediately: RBI tells banks

The central banks have asked for the cyber security policy to be separate from the broader IT policy

Policy Pulse
Publish Date: Jun 3 2016 12:49PM | Updated Date: Jun 3 2016 4:25PM

Develop cyber security policy immediately: RBI tells banks

Reserve Bank of India (RBI) has asked banks to immediately put in place a cyber-security policy to tackle internet-based threats to the banking system.


"In view of the low barriers to entry, evolving nature, growing scale/velocity, motivation and resourcefulness of cyber-threats to the banking system, it is essential to enhance the resilience of the banking system by improving the current defences in addressing cyber risks," the Reserve Bank said in a notification.


It further said that the cyber security policy should be separate from the broader IT policy so that it can highlight the risks from cyber threats and the measures to address / mitigate them.


Noting that the use of technology by banks has gained momentum, RBI said the number, frequency and impact of cyber incidents/attacks have increased manifold in the recent past, more so in the case of financial sector.


This underlines the urgent need to put in place a robust cyber security/resilience framework at banks and ensure adequate cyber-security preparedness among banks on a continuous basis, it said.


The central bank said a Cyber Crisis Management Plan (CCMP) should be immediately evolved and should be part of the overall Board approved strategy.


"CCMP should address the following four aspects - detection, response, recovery and containment," RBI said.