The assessment of gaps in banks’ cyber security preparedness reveals that barring a few banks the gaps are significant, more so in respect of public sector banks, according to the RBI.

This warrants immediate and continued attention of the boards and senior management of banks, said Deputy Governor SS Mundra, at a recent seminar on ‘Financial Crimes Management’ organised by CAFRAL.

“In the changed world, if bank boards do not have expertise in this (cyber security) area, it would become a handicap in the smooth operations of banks.

“Second, the traditional ways of allocating budgets for IT services in general and cyber security in particular need to undergo a radical change leading to need-based assessment and cost-effective solutions,” he said.

The Deputy Governor noted that the scare that was created during a recent ATM/debit card incident clearly indicates that cyber security requires top attention by the boards.

Referring to an article published by Risk.Net on the ‘Top 10 Operational Risks for 2017’, Mundra said it indicated cyber risk to be uppermost in the minds of chief risk officers.

In this regard, the Deputy Governor emphasised that it is important that the CISO (chief information security officer)is sufficiently senior in hierarchy;understands technology well; appreciates the security aspects of all the technologies adopted by the bank; is responsive; and is sufficiently enabled to stall launch of unsecured products, whenever necessary.

“However, ground realities do not provide the needed comfort. I want to use this forum to reiterate that the role of CISO needs to be clearly articulated and reinforced immediately,” he said.

The RBI has observed that in many cases the banks react to cyber incidents in a knee-jerk and an ad-hoc manner which at times has a potential to jeopardise future investigations.

“Having a thorough plan of action with clearly identified roles and responsibilities in the event of cyber incidents is a must in today’s environment,” said Mundra.

Related Topics
comment COMMENT NOW