Market participants should not consider cost savings when formulating cyber security measures, said RBI governor Urjit Patel while launching digital payments platform UPI 2.0.
Financial services providers must ensure strong cyber security measures regardless of costs, RBI (Reserve Bank of India) governor Urjit Patel said in a speech at the launch of the United Payments Interface 2.0 in Mumbai.
Costs cannot be considered an inhibited factor in this “critical area”, he said. “Operators should ensure that no corner is cut regarding cyber security – after all, in a network environment we are only as strong as the weakest link. We owe it to ourselves that we don’t compromise the integrity of the system by individual (in)action – in this context, cost savings should be eschewed.”
Recently, Cosmos Co-operative Bank, a Pune-based lender, was a victim of a malware attack that led to a loss of INR 940 million (USD 13.4 million).
> ALSO READ: India’s Cosmos Bank Suffers $13mn Theft
The United Payments Interface was first launched by the NPCI (National Payments Council of India) in April 2016 and the most recent launch is a second iteration of app which includes a few extra features including inward remittances and overdraft facilities.
SEBI is planning to develop a cyber-capability index to measure the readiness of market infrastructures to deal with potential hacking and cyber threats.
“SEBI is conducting a full cyber security review of MIIs [Market Infrastructure Institutions] that includes all the cyber security advisories issued by it and full list of cyber security threat vectors. In addition, a cyber-capability index is being developed to assess the cyber security preparedness and resilience of MIIs,” SEBI said in its annual report.
SEBI plans to expand the scope for cyber security initiatives for MIIs and also look into the operational modalities of implementation. It is also looking to put in further data privacy requirements.
The regulator has proposed to use data analytics to understand and handle technological challenges, as well as to introduce measures to better manage announcements of price sensitive information by listed companies.
