Although there has been a growing number of cyber attacks, security experts say that most cyber attacks are known threats or variant of known threats. Their growing number has made it imperative for organizations, banks and financial institutions to detect and prevent cyber security breaches by employing defensive measures. Experts say that cyber security budget requirements will only increase as organizations digitize more of their internal and customer-facing operations using Internet of Things, cloud technology, and mobile devices. Let us take a look at what cyber security looks like for organizations, banks, and payment processors.
Cybercriminals are continuously looking for means to hack into organizations through network weaknesses. This can be prevented by implementing a policy that balances prevention, threat detection and response. An organization should invest in a multi layered approach to security by integrating all aspects of digital infrastructure. This includes network, systems, cloud based services and endpoint devices. Frequent updates to software to fix software vulnerability and stay current on security patches is a must. This will help to prevent attacks from the variants of known threats.
In order to increase awareness of cyber security breaches, there is a need for training and education programs designed to increase employee vigilance. The entire ecosystem including contractors and business partners should be made to abide by policies and control around cyber security as a precondition to work with the organization. All these measures can be most effective if organizations employ a proactive rather than reactive approach towards cyber security breaches.
Hackers are usually looking for personal or payment related information and hence credit and debit card information is very much a prime target for them. This information is then traded on the dark web marketplace. To tackle cyber security breaches in debit/credit cards RBI has set up Cyber security and IT Examination (CSITE) cell within its Department of Banking Supervision. It has also issued a circular to banks on Cyber Security Framework covering best practices pertaining to the various aspects of cyber security. This requires banks operating within its jurisdiction to have a cyber security policy, cyber crisis management plan, a gap assessment with respect to the baseline requirements indicated and report unusual cyber activity within 2- 6 hours.
In addition, RBI has been carrying out IT examination of banks since the last year. It has also set up a Cyber Crisis management group to address any major cyber attacks. These initiatives by RBI are welcome as they enforce a security culture at banks and avoid cyber security breaches.
Taking Cyber Security Breaches Seriously
Cybercriminals are continuously looking for means to hack into organizations through network weaknesses. This can be prevented by implementing a policy that balances prevention, threat detection and response. An organization should invest in a multi layered approach to security by integrating all aspects of digital infrastructure. This includes network, systems, cloud based services and endpoint devices. Frequent updates to software to fix software vulnerability and stay current on security patches is a must. This will help to prevent attacks from the variants of known threats.In order to increase awareness of cyber security breaches, there is a need for training and education programs designed to increase employee vigilance. The entire ecosystem including contractors and business partners should be made to abide by policies and control around cyber security as a precondition to work with the organization. All these measures can be most effective if organizations employ a proactive rather than reactive approach towards cyber security breaches.
Debit/ Credit Card Security
Hackers are usually looking for personal or payment related information and hence credit and debit card information is very much a prime target for them. This information is then traded on the dark web marketplace. To tackle cyber security breaches in debit/credit cards RBI has set up Cyber security and IT Examination (CSITE) cell within its Department of Banking Supervision. It has also issued a circular to banks on Cyber Security Framework covering best practices pertaining to the various aspects of cyber security. This requires banks operating within its jurisdiction to have a cyber security policy, cyber crisis management plan, a gap assessment with respect to the baseline requirements indicated and report unusual cyber activity within 2- 6 hours.In addition, RBI has been carrying out IT examination of banks since the last year. It has also set up a Cyber Crisis management group to address any major cyber attacks. These initiatives by RBI are welcome as they enforce a security culture at banks and avoid cyber security breaches.
