The extent of data privacy norms in India is way less stringent versus those of the GDPR. Besides, the predomination for banks of public-sector that builds the impression of an implicit sovereign guarantee against the failure of such banks. This reduces the threat of reputation loss of public-sector banks because of cyber attacks.
In August 2018, When Cosmos Bank went through from cyber attack, resulting in approx. Rs 100 crore being siphoned off. In most developed countries similar attacks are rare. Such incidents need an outsized range of accounts to transfer the stolen money. Therefore, In most countries, direct money siphoning from banks through cyber-attacks are small-scale frauds through phishing attacks and stealing of payment cards or data.
Indian banks don’t have a lot of selection regarding a significant revamp of cybersecurity. Cyber attacks are global in nature and, with better cyber-risk preparation in OECD countries, hackers are increasingly specializing in vulnerabilities in emerging-market countries. this may produce existentialist issues for Indian banks. for instance, the money siphoned removed from Cosmos Bank is fourteen times the bank’s FY18 profit.
During 2008-17, banks in India faced 1,30,000 reported cases of cyber fraud involving an estimated Rs 700 crore. this is often comparable to simply 0.006% of the outstanding deposits of Indian banks. in contrast, a severe cyber attack may result in bank failure even once no money is lost directly.
In 2016, the rbi has asked banks to put in place board-approved, strong cyber-risk management systems. The regulator has additionally set norms that put losses because of cyber attacks nearly solely on banks. most significantly, the draft Personal Data Protection Bill, 2018, has projected that for breach of personal data protection, banks would face penalties the same as those under the GDPR.
As several of the ‘old’ private sector banks seem to be better prepared than their larger peers. Indian banks appear to focus a lot of on identification and prevention of cyber-attacks than breach detection, crisis management within the immediate aftermath of detection and corrective measures thenceforth. Quick breach detection and appropriate corrective actions decide the impact of such incidents on banks. Therefore, It is time that Indian banks get up to harsh cyber realities.
#CyberSecurity #cosmosbank #Cybersecuritybanks