July 04, 2026 08:54 pm (IST)
Follow us:
facebook-white sharing button
twitter-white sharing button
instagram-white sharing button
youtube-white sharing button
'Why can't citizens protest against the government? They are being made slaves by slapping cases': Bombay HC slams Mumbai Police, quashes activist's externment | 'First he cheats on me...': Siya Goyal's old pub video goes viral amid probe into fiancé Ketan Agarwal's alleged murder | Ronaldo's goal, Ramos' last-gasp winner send Portugal past Croatia, set up Spain clash | India-US trade deal almost done! Piyush Goyal hints at breakthrough | Ram Mandir donation scam: Champat Rai points finger at his own driver | PM Modi welcomes Japanese PM Sanae Takaichi as India-Japan ties enter a new era | 'Not an isolated incident': India slams Pakistan after 125-year-old historic Gurdwara is demolished | Ram Mandir donation theft: Six accused were employed by Varanasi-based security firm, probe reveals | Ayodhya Ram Temple donation theft: Probe says majority of money was allegedly stolen during Kumbh Mela | Commercial LPG price slashed by Rs 183.50 from July 1; check new rates in Delhi, Mumbai, Kolkata and Chennai

RBI asks banks to boost their cyber security framework

| | Jun 03, 2016, at 07:31 pm
Mumbai, Jun 3 (IBNS) The Reserve Bank of India (RBI) notified all scheduled commercial banks (excluding regional rural banks) that they should immediately put in place a cyber-security policy elucidating the strategy containing an appropriate approach to combat cyber threats given the level of complexity of business and acceptable levels of risk, duly approved by their Board.
In a notification on Thursday, addressed to all bank heads, the RBI said use of Information Technology (IT) by banks and their constituents has grown rapidly and is now an integral part of the operational strategies of banks. 
 
The RBI had provided guidelines on Information Security, Electronic Banking, Technology Risk Management and Cyber Frauds (G.Gopalakrishna Committee) vide a circular dated April 29, 2011, wherein it was indicated that the measures suggested for implementation cannot be static and banks need to pro-actively create/fine-tune/modify their policies, procedures and technologies based on new developments and emerging concerns.
 
Since then, the use of technology by banks has gained further momentum. On the other hand, the number, frequency and impact of cyber incidents / attacks have increased manifold in the recent past, more so in the case of financial sector including banks.
 
The RBI thus said there an urgent need to put in place a robust cyber security/resilience framework at banks and to ensure adequate cyber-security preparedness among banks on a continuous basis. These would include, but not limited to, putting in place an adaptive Incident Response, Management and Recovery framework to deal with adverse incidents/disruptions, if and when they occur.
 
The central bank also said that banks should immediately put in place a cyber-security policy elucidating the strategy containing an appropriate approach to combat cyber threats given the level of complexity of business and acceptable levels of risk, duly approved by their Board and send a confirmation in this regard to RBI's Mumbai-bsed Cyber Security and Information Technology Examination (CSITE) Cell of Department of Banking Supervision, Reserve Bank of India, Central Office not later than September 30, 2016.

The notification also mentioned that to address the need for the entire bank to contribute to a cyber-safe environment, the Cyber Security Policy should be distinct and separate from the broader IT policy / IS Security policy so that it can highlight the risks from cyber threats and the measures to address / mitigate these risks.

Having observed that banks are hesitant to share cyber-incidents faced by them, the RBI said, "Experience gained globally indicates that collaboration among entities in sharing the cyber-incidents and the best practices would facilitate timely measures in containing cyber-risks. It is reiterated that banks need to report all unusual cyber-security incidents (whether they were successful or were attempts which did not fructify) to the Reserve Bank."

Support Our Journalism

We cannot do without you.. your contribution supports unbiased journalism

IBNS is not driven by any ism- not wokeism, not racism, not skewed secularism, not hyper right-wing or left liberal ideals, nor by any hardline religious beliefs or hyper nationalism. We want to serve you good old objective news, as they are. We do not judge or preach. We let people decide for themselves. We only try to present factual and well-sourced news.

Support objective journalism for a small contribution.
Related Videos
RBI announces repo rate cut Jun 06, 2025, at 10:51 am
FM Nirmala Sitharaman presents Budget 2025 Feb 01, 2025, at 03:45 pm
Nirmala Sitharaman on Budget 2024 Jul 23, 2024, at 09:30 pm