India’s central bank announces cyber security initiative

The Reserve Bank of India (RBI) is planning on improving its cyber security measures. The RBI’s initiative was confirmed in its Annual Report 2017–18, which includes details such as the creation of “theme-based IT examinations” and an audit management application portal.

The initiative comes amid the increasing popularity of digital payments in the country and the worldwide threat of cyber crime.

“Continuous protection”

RBI says its scheme will tackle the threat of data breaches by “ensuring continuous protection against the changing contours” of cyber crime. The bank’s IT infrastructure will be supported by an Information Security Operation Centre, which enables staff to “monitor, detect, prevent and mitigate various types of information and cyber security risks”.

Technological defences are essential to information and cyber security, but must be accompanied by policies that ensure employees follow the correct procedure. Human error is the biggest weakness in any security system, and if it isn’t addressed, technological defences will be of limited use.

RBI provides only a few details of its policies, but that’s probably because they are confidential rather than non-existent. However, a project this big will probably have made use of ISO 27001, the international standard for information security.

The adoption of ISO 27001 is essential for any organisation that takes information security seriously. The Standard outlines the process for creating an ISMS (information security management system), which gives organisations a central base for operating, reviewing and improving their data protection practices.

ISO 27001 certifications in the Asia–Pacific region have grown rapidly in the past few years. More than 5,500 organisations certified between 2015 and 2017, bringing the overall number to 17,562.

Don’t risk it, cyber secure it

You can learn more about ISO 27001 by reading our free green paper: Cyber Security & ISO 27001: An introduction, which will help you understand:

  • Why cyber security is more than a technological issue;
  • How international cyber criminals target your website and what they do with your stolen information;
  • Why SMEs (small and medium-sized enterprises) are more vulnerable to attack than their larger counterparts; and
  • How ISO 27001 certification can stop you missing out on business and help you comply with international regulations and laws.