At the CISO Platform Annual Summit 2017, we had a panel discussion on the topic of Security Strategy for BFSI in 2018: Handling Changes in Threat and Regulatory Landscape, with industry stalwarts such as Parag Deodhar (Chief Information Security Officer-Asia Japan & Business Services, AXA Group), Satyanandan Atyam (Associate Vice President, Chief Information Security Officer, Data Privacy Officer, Bharti AXA General Insurance), Prasad Sathye (CIO, Navanagar Cooperative Urban Bank), Sanjay Tiwari (CISO, Suryoday Small Finance Bank), and Prasanna Lohar (Head Technology, DCB Bank).
Key Learning - Security Strategy for BFSI in 2018: Handling Changes in Threat and Regulatory Landscape
- RBI has made compliance and reporting more stringent. Regulators will tighten further, with IRDA and SEBI following in the footsteps of RBI. (RBI is more lethal with ReBIT.)
- Regulators have come together and are conducting awareness sessions for CISOs on cyber resilience and cyber crisis drills.
- Privacy and UIDAI are important aspects moving ahead
- The Data Privacy Bill is under discussion and is on the anvil, to be released for body corporates to protect personal data.
- Ransomware and phishing attacks will be the biggest threats.
- The threat landscape has changed, and investment in network perimeter protection solutions would no longer be relevant. Perpetrators are able to penetrate the network through phishing attacks and social engineering, circumventing network perimeter controls.
- Social engineering and phishing will be exploited much more.
- To avoid this, more awareness needs to be created.
- Make top management and board members risk owners
- Targeted attacks and their detection are among the important aspects to be addressed by compliance.
- With an increasing number of smaller banks entering the digital banking space, their lower level of cyber security preparedness and controls could pose a systemic threat. This will involve more regulatory controls to mitigate the risks.