The Reserve Bank on Thursday came out with a five-pillared strategic approach 'GUARD' to deal with cybersecurity threats being faced by urban cooperative banks (UCBs).
The number, frequency and impact of cyber incidents and attacks have increased manifold in the recent past, more so in the case of the financial sector, including UCBs, RBI said in its document 'Technology Vision for Cyber Security for Urban Cooperative Banks 2020-2023'.
It has, therefore, become essential to enhance the security posture of UCBs to prevent, detect, respond to and recover from cyber-attacks, the central bank said.
The five-pillared strategic approach 'GUARD' comprises Governance Oversight, Utile Technology Investment, Appropriate Regulation and Supervision, Robust Collaboration and Developing necessary IT and cybersecurity skills set.
The technology vision document, which was formalised after obtaining inputs from various stakeholders, is aimed at enhancing the cybersecurity posture of UCBs against evolving IT and cyber threat environment, the RBI said.
The 12 specific action points suggested in the document include -- more board oversight over cybersecurity; enabling UCBs to better manage and secure their IT assets; and setting up offsite supervisory mechanism framework on cybersecurity-related controls.
It also includes developing a forum for UCBs so help them share best practices and discuss practical issues and challenges; and creating a framework for providing awareness/ training.
"The implementation of the approach outlined in this Technology Vision document will strengthen the cyber resilience of the Urban Co-operative Banks," the RBI said.
Observing that the cybersecurity landscape will continue to evolve with wider adoption of digital banking channels, necessitating the UCBs to manage the associated risks effectively, the RBI said "active collaboration within UCBs and their stakeholders would be necessary for sharing and coordinating various measures taken on cybersecurity aspects." Use of information technology by banks has grown rapidly and is now an important part of the operational strategy of banks.
In October 2018, the RBI had issued a circular prescribing basic cybersecurity controls for all the UCBs.