European Union is considering mandatory data breach notification by Banks and other critical infrastructure services. A draft proposal to this effect is under consideration.
At present one of the hindrances to Cyber Crime Insurance is the lack of adequate information about cyber crimes. As regards Cyber Crimes that occur within the Banking fraternity, normally the need to maintain “Confidentiality” and “Prevention of erosion of Public Trust” has prevented public announcement of any Cyber Fraud statistics.
In India, Cyber Frauds are to be disclosed mandatorily by Banks to RBI. RBI in turn may some time release statistics in pursuance of an RTI application or otherwise. However most of the times these statistics are not properly classified so that the correct information about the prevalence of Cyber Frauds in Indian banking industry is not known. Various estimates range from Rs 1200 crores per annum to Rs 8000 crores per annum.
Under ITA 2008, GOI once tried to introduce mandatory data breach notification as a part of Section 70B powers. However this seems to have been put in the back burner because of some opposition from the business.
It is time RBI considers revising its Cyber Fraud guidelines to restructure the reporting format and also consider making relevant Cyber Crime statistics public.
This website has been in existence since 1998.
Older posts before the site switched to word press are available through the link at the top and here below.