RBI Cyber Security Framework (RBI-CSF)

History

RBI stands for Reserve Bank of India, India's central bank and regulatory body, established on 1 April 1935 in accordance with the Reserve Bank of India Act, 1934.

Purpose & Objective

RBI's basic function as a reserve bank is "to regulate the issue of Bank notes and keeping of reserves with a view to securing monetary stability in India and generally to operate the currency and credit system of the country to its advantage; to have a modern monetary policy framework to meet the challenge of an increasingly complex economy, to maintain price stability while keeping in mind the objective of growth."

The primary objectives of RBI are to undertake initiatives to:
  1. Define the framework and guidelines and act as the monitoring and regulatory body for the financial sector, consisting of commercial banks, financial institutions, non-banking financial companies (NBFCs), urban co-operative banks (UCBs), etc.
  2. Fortify the role of statutory auditors in the banking system.
RBI also carries out many other major functions, to name a few:
  1. Foreign exchange management
  2. Currency Issuer
  3. Monetary Authority
  4. Providing banking solutions
  5. Chief banker to all banks, etc.

Cyber Security Framework

To mitigate the increasing cyber threats and security concerns, a working group on Information Security, Electronic Banking, Technology Risk Management and Cyber Frauds was constituted to examine various issues arising out of the use of Information Technology in banks. It made recommendations in nine broad areas (notification no. DBS.CO.ITC.BC.No. 6/31.02.008/2010-11).

These areas are:
  1. IT Governance,
  2. Information Security,
  3. IS Audit, 
  4. IT Operations,
  5. IT Services Outsourcing, 
  6. Cyber Fraud, 
  7. Business Continuity Planning, 
  8. Customer Awareness programmes and 
  9. Legal aspects.
Since then, the use of technology by banks has gained further momentum. On the other hand, the number, frequency and impact of cyber incidents / attacks have increased manifold underlining the urgent need to put in place a robust cyber security/resilience framework at banks and to ensure adequate cyber-security preparedness among banks on a continuous basis. 
It was essential to enhance the resilience of the banking system by improving the current defences in addressing cyber risks. This includes, but is not limited to, putting in place an adaptive Incident Response, Management and Recovery framework to deal with adverse incidents/disruptions. RBI released a Cyber Security Framework for Banks on June 2, 2016 (circular no. DBS.CO/CSITE/BC.11/33.01.001/2015-16).

This circular from RBI sets the guidelines for Banks in India towards developing and implementing next generation cyber defense capabilities.
The RBI cyber security framework addresses three core areas:
  1. Establish Cyber Security Baseline and Resilience
  2. Operate Cyber Security Operations Centre (C-SOC)
  3. Cyber Security Incident Reporting (CSIR).

Control Areas of RBI CSF

  1. Cyber Security Policy: Define and adopt a comprehensive cyber security policy in developing and establishing the cyber security framework.
  2. Cyber Security Strategy: Develop the cyber security strategy that supports the Bank’s security policy, business goals and objectives.
  3. Cyber Security Organization: Establish a cyber security function and define the roles and responsibilities for implementing, managing and improving the cyber defense.
  4. Cyber Risk / Gap Assessment: Perform a gap assessment against the Cyber Security Framework requirements. Assess the cyber security risks of the organization.
  5. Security Testing: Perform security testing / penetration testing of the systems, applications and network to identify the vulnerabilities and mitigate them.
  6. Network and Database Security: Review and enhance the network and database security configurations. Harden the systems to minimize the attack vectors.
  7. Physical & Environmental Security: Ensure that the physical and environmental controls are implemented to provide adequate security for the information assets.
  8. Third Party Risk Management: Identify the critical third parties such as vendors and assess the risks introduced by such relationships.
  9. Cyber Security Awareness: Educate employees, contractors and customers about cyber security so that human mistakes can be avoided.
  10. Cyber Crisis Management Plan: Establish a crisis management plan in line with the guidelines from CERT-IN, RBI CSF and the national cyber crisis management plan.
  11. Cyber Security Operation Centre: Establish a security operations centre for proactive monitoring using sophisticated tools for detection and quick response.
  12. Incident Response & Management: Define the incident response and management process and establish a reporting process to notify RBI of cyber security incidents.
  13. Annex 1: Baseline cyber security and resilience requirements
  14. Annex 2: Cyber security operation centre
  15. Annex 3: Cyber security incident reporting

References:

  1. https://rbidocs.rbi.org.in/rdocs/notification/PDFs/NT41893F697BC1D57443BB76AFC7AB56272EB.PDF
  2. https://www.rbi.org.in/Scripts/NotificationUser.aspx?Id=6366&Mode=0
  3. https://www.idrbt.ac.in/assets/publications/Best%20Practices/CSCL_Final.pdf



