The Reserve Bank of India (RBI) has cautioned that in the post Covid-19 lockdown period, there has been increased incidence of cyber threats against the banking industry.
The central bank underscored that the banking industry is the target of choice for cyber-attacks.
Cyber risk appeared in the ‘high risk’ category for the first time since the inception of RBI’s systemic risk survey (SRS), the 18th in the series, conducted during April-May 2020 on the major risks faced by the financial system.
Since March 2020, the RBI issued more than 10 advisories/alerts to supervised entities on various cyber threats and best practices to be adopted, as per the latest Financial Stability Report (FSR).
Some of the advisories/alerts were issued in close coordination with Indian Computer Emergency Response Team (CERT-In).
In order to ensure that unconventional, remote working conditions necessitated by the lockdown and adoption of other practices/ procedures do not lead to relaxation of existing cyber security and data protection controls in supervised entities, the RBI emphasised that it has taken several measures.
Referring to the World Health Organisation (WHO) declaring Covid-19 a pandemic on March 11, the RBI said it issued an advisory on March 13 to all its regulated/ supervised entities to, inter alia , ensure that access to systems is secure and critical services to customers operate without disruption.
The FSR said that for the financial sector, on a proactive basis, CERT-In is tracking latest cyber threats, analysing threat intelligence from multiple sources, and issuing advisories and automated alerts to Chief Information Security Officers (CISOs) encompassing relevant details so that the financial entities can develop a set of effective practices for responding to and recovering from cyber incidents, while enhancing their respective cyber resilience.