India is moving closer to establishing a national cybersecurity strategy for the financial sector, with a focus on artificial intelligence (AI), emerging technologies and strengthening resilience against evolving cyber threats.
According to a report by Moneycontrol, the proposed framework is expected to include more than 50 recommendations and will aim to bring greater clarity to the roles of regulators, financial institutions and government agencies involved in cybersecurity management.
The government is looking to address gaps in the current fragmented cyber governance structure by introducing common standards for reporting cyber incidents, minimum resilience requirements and measures to manage risks arising from shared digital infrastructure and third-party service providers.
The initiative is being led by a large inter-ministerial group (IMG) created to develop a coordinated approach towards financial sector cybersecurity.
The group has formed five specialised sub-groups to examine key areas, including regulatory concerns, third-party risks, consumer protection, inter-sectoral dependencies and emerging technologies such as AI.
According to the report, discussions are underway at a detailed level, with the sub-groups expected to submit their recommendations before the broader IMG finalises the strategy.
While institutions such as the Reserve Bank of India (RBI) and the Securities and Exchange Board of India (SEBI) already have cybersecurity guidelines for regulated entities, the proposed strategy aims to identify areas requiring a unified sector-wide approach.
One of the key objectives is to ensure faster and more coordinated responses during cyber incidents affecting multiple stakeholders.
For instance, if a digital payment platform used by several banks faces a cyberattack, clear accountability and response mechanisms would help prevent delays caused by overlapping responsibilities.
The increasing use of AI in financial services has added urgency to the initiative. While AI is being adopted for applications such as fraud detection, automation and customer support, authorities are also concerned about emerging threats, including AI-powered fraud, deepfakes and sophisticated cyber scams.
The government has already begun examining AI-related risks in the banking sector.
In April, Finance Minister Nirmala Sitharaman held discussions with bank executives on challenges emerging from advanced AI models and described the issue as a new and evolving concern.
Following the discussions, the RBI directed banks and other regulated entities to conduct board-approved assessments of AI-related risks and prepare time-bound action plans.
Financial institutions have also been asked to strengthen cybersecurity frameworks, conduct AI-based threat assessments and identify vulnerabilities, which are expected to form a crucial part of the upcoming national cybersecurity strategy.
