Money & Banking

RBI releases technology vision for cyber security for urban co-op banks

Our Bureau Mumbai | Updated on September 24, 2020

A differentiated tier-wise approach will be followed while prescribing cyber security controls for UCBs

Proposes five-pronged strategy to help UCBs guard themselves from cyber attacks

The Reserve Bank of India on Thursday came out with a Technology Vision for Cyber Security for Urban Co-operative Banks for 2020-23 listing action points for these lenders.

“The number, frequency and impact of cyber incidents and attacks have increased manifold in the recent past, more so in the case of financial sector including Urban Co-operative Banks (UCBs). It has, therefore, become essential to enhance the security posture of UCBs so as to prevent, detect, respond to and recover from cyber-attacks,” the RBI said.

A differentiated tier-wise approach will be followed while prescribing cyber security controls for UCBs with the tiers being decided based on risk exposure in terms of the digital services offered by the lenders.

“The board of the UCBs shall be assigned the primary responsibility for implementing the cyber security controls,” it further said.

GUARD approach

The vision document aims to achieve the objective through a five-pillared strategic approach call GUARD – including governance oversight, utile technology investment, appropriate regulation and supervision, robust collaboration and developing necessary IT, cyber security skills set.

As part of the action points, the RBI said matters related to cyber security need to be part of discussion in board meetings.

Noting that almost all UCBs are adopting digital technologies including expanding their footprint on digital delivery channels, it also said they would be required to develop own technology vision document outlining plans to incorporate IT solutions into their business in a secure manner along with a timeline for meeting the targets.

Also read: Cyberattacks rise as firms cut spends during Covid: Report

“Considering that implementation of cyber security controls will be capital intensive, UCBs may consider creating a reserve or fund earmarked for implementing IT or cyber security projects,” the RBI further said.

Business continuity plan

UCBs would be expected to prepare a Business Continuity Plan for all processes and ensure that it is well-communicated, well-rehearsed and reviewed periodically.

Further given their large numbers, the RBI has called for setting up effective offsite supervision of UCBs to monitor their compliance for cyber security guidelines as well as to have an overall and up-to-date understanding of the cyber security posture of the UCB sector.

Also read: Massive increase in mobile threats in Q2 2020: Kaspersky

“Digital regulatory reporting shall be explored for automation based on a predetermined interpretation of the relevant regulations and straight through reporting to the regulator in a standard format,” it further said.

Cloud services

The vision document also called for adopting cloud services and imparting technical skills for managing IT and cyber security issues at these lenders.

In the recent past, some UCBs have faced cyber-attacks and frauds, a prominent case being that of Pune based Cosmos Cooperative Bank.

Follow us on Telegram, Facebook, Twitter, Instagram, YouTube and Linkedin. You can also download our Android App or IOS App.

Published on September 24, 2020
This article is closed for comments.
Please Email the Editor