India: RBI Guidelines For Cyber Security Framework

Setting the context

In a race to adopt technology innovations, Banks have increased their exposure to cyber incidents/ attacks thereby underlining the urgent need to put in place a robust cyber security and resilience framework.

The Reserve Bank of India has provided guidelines on Cyber Security Framework vide circular DBS. CO/CSITE/BC.11/33.01.001/2015-16 dated June 2, 2016, where it has highlighted the urgent need to put in place a robust cyber security/resilience framework to ensure adequate cyber-security preparedness among banks on a continuous basis.

The RBI Guidelines related to Cyber Security framework will enable banks to formalize and adopt cyber security policy and cyber crisis management plan. The requirement to share information on cyber security incidents with RBI will also help structure proactive threat identification and mitigation.

Difference between Cyber Security and Information Security

While Information Security focuses on protecting confidentiality, integrity, and availability of information, Cyber Security is the ability to protect or defend the use of cyberspace from cyberattacks. Cyberspace is nothing but interconnected network of information systems or infrastructures such as Internet, telecommunications networks, computer systems, embedded processors and controllers and many others systems.

Traditional information security has limited coverage of risks emanating from cyberspace such as Cyber warfare, negative social impacts of interaction of people (trolling, defamatory viral messages, etc.), software and services on the Internet and threats from Internet of Things (IoT). These and other threats are not classic information security issues and thus need to be covered under a separate Cyber Security Framework. The emerging technologies and tools within the cyberspace is rapidly increasing organizations exposure to new vulnerabilities thereby increasing the risk to the organization. Given the benefits of the cyberspace, it is imperative that organizations manage their risk effectively through a robust Cyber Security Framework.

Download >> RBI Guidelines For Cyber Security Framework

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.