At Last, the Finance Ministry seems to have recognized Cyber Threats in Banks

Posted on August 10, 2016 by Vijayashankar Na

It has been pointed out ad nauseam on this forum that Cyber threats in Banks are looming large to be considered as a “National Security Issue”. However, the commercial considerations in Banks have pushed technology solutions ahead of security considerations in most Banks and new services dependent on insecure technology has been embraced with enthusiasm by the system. Customers are being lured by the fancy of “Convenience” to adopt technologies that they donot understand and open themselves to threats of Cyber Crimes.

While our repeated cries in the name of Customer Fraud Protection through Cyber Insurance have still not caught the attention of the Government, what seems to have moved them now is the direct attacks on the Banks such as what Union Bank Faced in the SWIFT system. It appears that the “Intelligence Officials” have nudged the ministry to initiate the latest set of measures.

Recognizing the risks in the compromise of the Banking system, the Finance Ministry has sent out a warning  to state owned Banks to strengthen the Bank’s Information Technology Systems. Coming close on the heels of the RBI’s notification of the Cyber Security Framework-2016, there appears to be some positive action from the regulatory system to harden security in e-Banking.

In the past there have been such short bursts of enthusiasm which have later fizzled out due to commercial considerations.

160808gycs_17Last Saturday, the undersigned addressed a group of Bankers in Chennai and spoke on “Role of Banks in Cyber Security”. During the interaction the immediate measures that the Bankers need to initiate to meet the September 30 deadline for implementing the Cyber Security Framework were briefly discussed.

In the latest monetary policy speech, the Governor of RBI has hinted at some more immediate regulatory notes on the FinTech industry In particular, there could be some measures to regulate P2P lending and aggregation services in Financial Services.

Following the deliberations in the workshop, Naavi is intending to launch a “CSF-2016 Compliance initiative” directed to create better awareness with the Bankers on the implications of the new RBI guidelines. Watch out for more information on the developments in the coming days.

However these new regulations are likely to be more on regulating the business of these FinTech companies rather than addressing the information security issues arising out of these services.

We need to wait and watch the shape of these new regulations before passing any specific comment on them. But our earlier warning to FinTech companies remains in tact.

Naavi

About Vijayashankar Na

Naavi is a veteran Cyber Law specialist in India and is presently working from Bangalore as an Information Assurance Consultant. Pioneered concepts such as ITA 2008 compliance, Naavi is also the founder of Cyber Law College, a virtual Cyber Law Education institution. He now has been focusing on the projects such as Secure Digital India and Cyber Insurance
This entry was posted in Cyber Law. Bookmark the permalink.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.