Regulation & Response In Banks

12746725055?profile=RESIZE_710xBanks face multiple guidelines from various authorities on cybersecurity incident reporting. Consistent, documented procedures (SOPs) are essential for effective response, regardless of timing or personnel involved.

Action Plan:

  1. Understand the Line of Business
  2. Identify Relevant Regulators and Authorities
  3. Identify Incident Reporting Guidelines
  4. Identify Organizational Policies and Top Management Expectations

Documentation and Review:
Compile findings into a document with reporting templates and contact details. Review with stakeholders and the Information Security Committee.

Practice:
Conduct tabletop exercises with dummy contacts and role plays to ensure preparedness.

Scope and Applicability

The plan covers the entire organization, including all locations (data centers, on-premises, co-located, or cloud), internal and external applications, IT service providers, and business service providers.

Reporting Obligations

Mandatory Reporting:
Incidents must be reported to authorities such as RBI, CERT-In, IDRBT, IB-CART, Cybercrime/Police, SEBI, IRDA, Data Protection Board of India, NPCI, Visa/MasterCard, SWIFT, and NCIIPC.

Discretionary Reporting:
Incidents may also be reported to cyber insurers, first responders, forensic investigators, crisis management teams, the board, customers, key partners/stakeholders, media, and international bodies.

Importance of Third-Party Reporting

Third-parties and service providers must report incidents within six hours to allow bank officials to analyze and report to regulators within the stipulated time. This requires revisiting agreements to include regulatory requirements and penalties for non-compliance.

Examples:

  • Data compromise at an analytics firm.
  • Ransomware attack at a software and support vendor.
E-mail me when people leave their comments –

You need to be a member of CISO Platform to add comments!

Join CISO Platform