RBI calls upon financial institutions to strengthen their IT and cyber security systems

RBI calls upon financial institutions to strengthen their IT and cyber security systems



The Reserve Bank of India Governor Shaktikanta Das on Thursday called upon banks and financial institutions to strengthen their IT and cyber security systems after a global Microsoft outage led to disruption across industries from travel to finance. Das added that incidents like these highlight the over-dependence on big-techs and third-party technology solution providers.

“There was an unprecedented IT outage globally, which affected businesses in many countries,” Das said. The outage demonstrated how a minor technical change, if it goes haywire, can wreak havoc on a global scale. It also showed the fast-growing dependence on big-techs and third-party technology solution providers. In this background, it is necessary that banks and financial institutions build appropriate risk management frameworks in their IT, Cyber security and third-party outsourcing arrangements to maintain operational resilience. The Reserve Bank has time and again emphasised the importance of robust business continuity plans (BCP) to deal with such incidents.”

According to RBI data, in India, security incidents handled by the Indian Computer Emergency Response Team (CERT-In) have increased from 53,117 in 2017 to 13,20,106 during the period January-October 2023. Unauthorised network scanning, probing, vulnerable services account for more than 80% of all security incidents in India.

Data published in the RBI report on currency and finance, globally, cybercrime costs are expected to reach US$ 13.82 lakh crore by 2028, up from US$ 8.15 trillion in 2023. The average cost of a data breach has also risen to US$ 4.45 million in 2023, a 15% increase over three years.

Recognising the significant costs involved, most central banks have increased their cyber security investment budgets by 5% since 2020. In India, the average cost of data breaches stands at US$ 2.18 million in 2023, a 28% increase since 2020 albeit less than the global average cost of data breach. The most common attacks in India are phishing which comprises 22% of the total incidents, followed by stolen or compromised credentials at 16%.

On 19 July, the RBI had said that India’s financial sector was largely unaffected by the global Microsoft outage. An assessment carried out by the regulator had shown that only 10 banks and non-banking financial companies (NBFCs) faced minor disruptions.“Critical systems of most banks are not in Cloud and further, only a few banks are using the CrowdStrike tool,” the RBI had said.A widespread Microsoft outage had disrupted flights, banks and companies around the world. The glitch had caused users to see the Blue Screen of Death error messages that caused their computers to shut down or restart.

Central bank had enquired with banks whether their customer-facing channels- branches, ATM, mobile banking and net banking – were performing normally after technical problems at Microsoft and its vendor US cyber security firm Crowdstrike triggered a global tech outage.



Source link

Online Company Registration in India

Leave a Reply

Your email address will not be published. Required fields are marked *