Banks are depending more and more on technical solutions for their day to day functioning. They have crossed the controlled physical boundaries as many functions have been outsourced to third parties and electronic banking. Hence their exposure to the cyberattack and threat also increased. Therefore there is an urgent need to put in place the robust cyber security and resilience framework.
RBI, Reserved Bank of India, India’s Central Bank manages all major monetary policies of India. It has published a circular dated 31st Dec 2019 for Comprehensive Cybersecurity Framework for Urban Cooperative Banks (UCBs).
RBI has categorised the UCBs into four Grades /Levels, Level I, Level II, Level III and Level IV based on the Bank's digital depth and interconnectedness to the payment system landscape. Based on the grade, RBI has formulated the Cybersecurity Framework based on the grade approach. The UCBs don’t have any choice to choose and pick from the framework but to implement the complete framework.
There is no penalty clause mentioned in the circular for non-compliance by the UCBs. But it is mandatory for the UCBs to undertake a self-assessment of the level in which they fit into based on the criteria.
The UCBs have to inform their level to their respective RBI Regional Office, Department of Supervision within 45 days from the date of issuance of the circular i.e. by 15th Feb 2020.
to get your Bank’s Level.
We at DigiSec360 provide end to end solution to implement RBI's cybersecurity controls.
Connect to us on [email protected]