Indian banking data security report released
Data Security Council of India (DSCI), a Nasscom initiative, on Friday announced the release of “DSCI-KPMG Survey on State of Data Security and Privacy in the Indian Banking Industry”. The survey report, released by G. Gopalakrishna, executive director, Reserve Bank of India, at an event held at ITC Grand Central, Mumbai, aims to establish a ground for dealing with the security and privacy concerns and offers insight to Banking industry in better equipping themselves for data protection.
Banks are in the forefront of using cutting edge IT, information security technology, and processes that are similar to those in the IT/BPO sector. It is crucial to understand how the technologies are helping banks meet customer service expectations, and how are they using technologies and processes to meet the challenges of cyber crime.
It is with this view that DSCI, in association with KPMG, and under the aegis of CERT-In (DIT), surveyed 20 banks and interviewed CISOs and equivalents across the industry. The findings, in the form of DSCI-KPMG Survey Report, highlight trends and insights into the state of data security and privacy in the industry.
The need for such a survey and the understanding of security issues at the banks was highlighted with the enthusiastic response which the survey received from the public, private and international Banks. G. Gopalakrishna, executive director, Reserve Bank of India complemented DSCI and KPMG for carrying out the survey to assess the state of data security and privacy in the Indian banking industry and gain insights into the data protection concerns of the industry. Encouraging this initiative, he recommended that such surveys should be conducted periodically to cover the changing trends in the banking industry.
Some of the key findings of the Survey Report include:
– Customer awareness on information security along with insecure customer end points is one of the most significant challenges faced by the banks
– External threats and the increasing usage of online & mobile channels along with regulatory requirements are driving banks in India to invest in information security
– Managing security is more challenging in online banking and phone (IVR) banking as compared to other service delivery channels
– Banks drive inputs from international standards such as ISO 27001 to establish their security function
– Absence of collaboration and synergy between Security and Fraud Management functions leaves a significant gap in banks’ effort to curb financial frauds
DSCI annually conducts a security survey of various Indian industry verticals. As Banks are a primary user of IT, DSCI decided to conduct a security survey of the banking sector.
On the findings of the survey, Dr. Kamlesh Bajaj, CEO, DSCI said, “It is interesting to note that with increased digitization of customer information, increased levels of customer awareness on privacy and notification of IT (Amendment) Act, 2008, privacy has emerged as an important focus area for the banks in India though it is yet to be factored in the banking ecosystem through implementation of a comprehensive privacy program.”
Kumar R. Parakala, Head of IT Advisory, EMA & India, KPMG , said, “Banking and Information Technology can hardly be separated. This is one such industry, which not only depends on the technology, but where technology has contributed to its immense development and proliferation. The unique aspect about information security in banking industry is that the security posture of a bank does not depend solely on the safeguards and practices implemented by the bank, it is equally dependent on the awareness of the users using the banking channel and the quality of end-user terminals.”
The event, to mark the release of the survey report, featured senior banking executives in the panel discussions on the findings of the survey, the need for data security and privacy protection as a customer objective and also as a requisite under the IT (Amendment) Act, 2008 and recently released RBI Guidelines for Electronic Banking. For the banking industry, the DSCI-KPMG Survey Report establishes comprehensive understanding on the role of data protection and offers compelling insights on how the industry can strengthen its position.
Indian banking data security report released
Data Security Council of India (DSCI), a Nasscom initiative, on Friday announced the release of “DSCI-KPMG Survey on State of […]
IFSEC Insider
IFSEC Insider | Security and Fire News and Resources