RBI: Banks and Financial Institutions To Protect Banking Security

Rohit Jain, executive director of the Reserve Bank of India (RBI), ordered banks and financial institutions to fully fund the banking security system on Monday in light of the cybersecurity risk to the banking industry. He also stressed the importance of being ready for any potential effects that the growth of cloud computing and the Internet of Things (IoT) in the banking industry may have.

Before the very first G20 Finance Ministers including Central Bank Governors (FMCBG) conference and Finance and Central Bank Deputies (FCBD) conference, which supposedly occurred from February 22 to February 25 in Bengaluru, the top RBI official gave a keynote talk during a discussion panel on cybercrime.

According to him, security measures should be created and put into place, and security by design requirements to be integrated into banking procedures. The data security function must be sufficiently properly funded in terms of personnel size, degree of experience, use of procedures and tools as well as sufficient expenditure in IT and ITES, according to Jain, keeping in mind the dynamic landscape and the associated risks.

According to him, banks should regularly assess the danger profile of their vital information assets, test them for flaws, and make sure they are resilient to cybersecurity hazards. Before implementing new items and technology, due diligence should be done. According to Jain, the Information Technology Enabled Services (ITES) safety function must establish procedures to ensure that all application and technological stack modifications are made simultaneously.

He claims that as IoT grows, so do the security issues it raises. Jain urged the directors and managing directors of the banks to assume responsibility for the new risk areas and routinely assess the scope and trajectory of cybersecurity concerns.

He said the central bank sought to conduct some phishing simulations whereby it sent phishing emails to the institutions to determine how they managed them, commenting about the new methods for evaluating the robust cybersecurity capability of the regulated businesses under RBI’s jurisdiction. According to Jain, they investigate or suggest the relevant businesses enhance their firewalls and raise staff awareness of how to handle such emails based on some of the outcomes from phishing simulations.