The cyber-attacks have been on a rise lately. The Reserve Bank of India has got many cases of the complaints of such cyber-attacks in the last few years. To take a measure in this regard, the RBI is planning to extend the cyber-audit of all the banks in the country. As until now, RBI used to conduct the cyber-audit in only few bigger banks and not all the banks. This is a policy shift for the Reserve Bank of India which has come up in order to deal with the increasing cyber-attacks in the country.
RBI will ensure that all the banks which do not have security measures in place comply the same as soon as possible. This security measures compliance has to be as per the RBI standards. RBI will give enough time to all the banks to comply the same, but if any of the banks fail to do so, the regulator may initiate a stringent action, the legal news says.
RBI told a newspaper daily, The Economic Times, that they had created a cyber-cell under the department of banking supervision. The banks also revealed that they conducted a separate IT audit of the three banks. RBI had already increased the audit in the last year to include more than 30 banks but this year the bank doesn’t want to let go even one bank. RBI wishes to cover each and every bank for the process of separate cyber-security and IT audit this year.
Further to this market news, RBI is also going to initiate a ‘gap analysis’ based on the reports and thereafter will ask the banks to bridge the gaps. In the earlier model, RBI used to conduct random cyber audits on the banks. The banks were then issued the reports from RBI in case a remedial action is needed. But since the last year this model was changed. RBI now has been carrying out IT examination of banks separately from the regular financial examination of banks.
If we look at the data of the year 2015-16 there were about 16.4 k cases related to cyber fraud. These cases were reported to include debit card, credit card and net banking breaches. This number was even higher than 13 k cases in the previous year and 9.5 k cases in the year before that.
Talking about the year 2017, as per the Indian Computer Emergency Response Team (CERT-In), India has witnessed more than 27 k cyber-security threat incidents only in the first half of 2017. These threats are related to phishing attacks, website intrusions, defacements or damages to data, and ransomware attacks. In the previous year of 2016, nearly 50,362 incidents related to cyber-security were recorded while the incidents were 49,455 in 2015 and 44,679 in 2014.
The cyber-security frame work requires the banks to report any breach within 2-3 hours. Along with a national level CERT-in, now there will be a Fin-CERT also parallelly working to deal with financial sector breaches.
For more on Business & Share Market News, visit BloombergQuint.
Related articles:
- ATM card fraud: What it is ? How to avoid ATM Card fraud?
- Vijay Mallya: Rise and Fall of King of Good times
- India and bitcoin
- President of India and Rashtrapati Bhavan
