Mr R Gandhi, Deputy Governor RBI said that "banks need to put in place preventive measures such as appropriate controls framework around the systems, reconciliation of transactions in on near real time basis, close monitoring of transactions and disabling USB, and Internet access on the connected nodes", at an ASSOCHAM event.
Mr Gandhi inaugurated '9th annual summit on cyber & network security,' organised by The Associated Chambers of Commerce and Industry of India (ASSOCHAM).
Here are 5 important highlights of his speech during an Cyber Security event:
1) Detection measures
Important is the timely detection measures. It is pertinent to prepare ourselves to face such incidents, by having a robust crisis management plan. I am sure the banks are taking earnest steps to comply with the provisions of the circular as soon as possible, MR R Gandhi said.
2) Indian economy and banking sector
"The banking sector is similar to other sectors of the Indian economy has always been very responsive to change and has adapted itself very well to meet the challenges which keep emerging frequently. It has also proved that it cannot only adapt well but also quickly so that response times are fast to prevent recurrence of negative incidents. The same fervour, I am sure, will be witnessed in the area of cyber security as well and will leave a mark of confidence in the minds of the customers of banks." added.
3) Developments in banking
MR R Gandhi said that the recent developments in banking as also payment and settlement systems have resulted in enhanced customer comfort and flexibility in terms of timing, location and choice of channels. These, however, also expose the customers as well as banks to risk of cyber-attacks. While the banks have better resilience in terms of risk mitigation structures and ability to absorb the losses and expenses, the customers may not be so privileged.
4) Financial sector
Cyber criminals and the attacks they launch on financial sector and its users come with different faces. There are organised criminals who are looking to attack the financial institutions, with a view to siphon away funds, illegally.
"Then there are those who steal confidential data from financial institutions which may also include customer related information. The latter are more interested in ex-filtration of data, though no loss happens immediately. These stolen data then land in the hands of petty criminals, who defraud the banks directly or by enticing the customers to share more information such as passwords and pins where after actual loss takes place".
5) Fraudulent transactions
There are other cyber criminals who steal money by putting through fraudulent transactions, or changing the particulars, so that they are able to take large sums away and vanish.
In such cases, customer may not be directly contacted, but his particulars are taken through malware or other means.