To take your ideas to Policymakers, Join the Campaign of #PolicyPulse Write to feedback@policypulse.com

Develop cyber security policy immediately: RBI tells banks

The central banks have asked for the cyber security policy to be separate from the broader IT policy

Policy Pulse
Publish Date: Jun 3 2016 12:49PM | Updated Date: Jun 3 2016 4:25PM

Develop cyber security policy immediately: RBI tells banks

Reserve Bank of India (RBI) has asked banks to immediately put in place a cyber-security policy to tackle internet-based threats to the banking system.

 

"In view of the low barriers to entry, evolving nature, growing scale/velocity, motivation and resourcefulness of cyber-threats to the banking system, it is essential to enhance the resilience of the banking system by improving the current defences in addressing cyber risks," the Reserve Bank said in a notification.

 

It further said that the cyber security policy should be separate from the broader IT policy so that it can highlight the risks from cyber threats and the measures to address / mitigate them.

 

Noting that the use of technology by banks has gained momentum, RBI said the number, frequency and impact of cyber incidents/attacks have increased manifold in the recent past, more so in the case of financial sector.

 

This underlines the urgent need to put in place a robust cyber security/resilience framework at banks and ensure adequate cyber-security preparedness among banks on a continuous basis, it said.

 

The central bank said a Cyber Crisis Management Plan (CCMP) should be immediately evolved and should be part of the overall Board approved strategy.

 

"CCMP should address the following four aspects - detection, response, recovery and containment," RBI said.