Amid a scenario, when theb digital economy is being given a push, Finance Minister in his budget speech announced the set up of CERT-Fin or Computer Emergency Response Team for fostering security in the financial sectors which reels under high incidents of cyber thefts and attacks.
Cyber security is critical for safeguarding the integrity and stability of our financial sector. A Computer Emergency Response Team for Financial Sector (CERT-Fin) will be established remarked Jaitley in his budget speech.
The set up unit shall work in close coordination with all regulators of the financial sector in the country in addition to other stakeholders. The scenario drew attention after more than 32 lakh credit and debit card were compromised last year in one of the biggesr cyber frauds that hit the banking sector.
Role and the impact of Cert-Fin on us
The new body shall act as an umbrella CERT for the financial sector as a whole and as per the laid down rules in the Information Technology Act and Rules provide reporting to Indian Computer Emergency Response Team (Cert-In) at the national level. The independent body shall be incorporated as a company and provide direction, review performance, allocate resources and make recommendations. Further it is proposed that each of the financial sector regulator shall also have an additional entity that would provide information to Cert-Fin on real time basis.
Consequently, there shall be bank-Cert, Securities-Cert, insurance-Cert and pension-Cert reporting to the Cert-Fin which would then furnish information to National Critical Information Infrastructure Protection Centre (NCIIPC) that monitors as well as coordinates national infrastructure that are highly critical.
1. The set-up unit would collect, analyse as well as distribute information on cyber thefts and attacks across the financial sector.
2. The unit shall also engage in making forecast in respect of such threats and send alerts to the entire financial sector. On confronting any emergency situation, Cert-Fin will gear on and take emergency measures.
3. Modern cyber-security architecture shall be maintained and awareness shall be fostered across the sector together with the users.
4. Information shall also be passed on security issues through its dedicated website and set-up of 24*7 helpdesk for incidence response.
5. Incident prevention, response services and quality management service shall also be offered by Cert-Fin at par with Cert-In.