Comments
The Reserve Bank of India on Thursday came out with a Technology Vision for Cyber Security for Urban Co-operative Banks for 2020-23 listing action points for these lenders.
“The number, frequency and impact of cyber incidents and attacks have increased manifold in the recent past, more so in the case of financial sector including Urban Co-operative Banks (UCBs). It has, therefore, become essential to enhance the security posture of UCBs so as to prevent, detect, respond to and recover from cyber-attacks,” the RBI said.
A differentiated tier-wise approach will be followed while prescribing cyber security controls for UCBs with the tiers being decided based on risk exposure in terms of the digital services offered by the lenders.
“The board of the UCBs shall be assigned the primary responsibility for implementing the cyber security controls,” it further said.
GUARD approach
The vision document aims to achieve the objective through a five-pillared strategic approach call GUARD – including governance oversight, utile technology investment, appropriate regulation and supervision, robust collaboration and developing necessary IT, cyber security skills set.
As part of the action points, the RBI said matters related to cyber security need to be part of discussion in board meetings.
Noting that almost all UCBs are adopting digital technologies including expanding their footprint on digital delivery channels, it also said they would be required to develop own technology vision document outlining plans to incorporate IT solutions into their business in a secure manner along with a timeline for meeting the targets.
Also read: Cyberattacks rise as firms cut spends during Covid: Report
“Considering that implementation of cyber security controls will be capital intensive, UCBs may consider creating a reserve or fund earmarked for implementing IT or cyber security projects,” the RBI further said.
Business continuity plan
UCBs would be expected to prepare a Business Continuity Plan for all processes and ensure that it is well-communicated, well-rehearsed and reviewed periodically.
Further given their large numbers, the RBI has called for setting up effective offsite supervision of UCBs to monitor their compliance for cyber security guidelines as well as to have an overall and up-to-date understanding of the cyber security posture of the UCB sector.
Also read: Massive increase in mobile threats in Q2 2020: Kaspersky
“Digital regulatory reporting shall be explored for automation based on a predetermined interpretation of the relevant regulations and straight through reporting to the regulator in a standard format,” it further said.
Cloud services
The vision document also called for adopting cloud services and imparting technical skills for managing IT and cyber security issues at these lenders.
In the recent past, some UCBs have faced cyber-attacks and frauds, a prominent case being that of Pune based Cosmos Cooperative Bank.
Comments
COMMENT NOW
Comments
Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.
We have migrated to a new commenting platform. If you are already a registered user of TheHindu Businessline and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.