With growing dependence on Information Technology, RBI Deputy Governor H R Khan has said there is need to ensure better compliance with regulations to prevent data theft and check financial fraud.
“Banks face a difficult challenge in the area of security management. With a growing population of internal and external users accessing an increasing number of applications, the need has grown exponentially for banks to always deploy the latest security tools that can help them secure their digital assets, prevent data theft and ensure better compliance with regulations,” he said.
“In addition, security management is ever changing. The security measures must be highly responsive, quickly
deployable and adaptable to new threats and emerging risks,” he said in his address at the seminar at the Institute for Development and Research in Banking Technology (IDRBT), Hyderabad on July 28.
Moreover, he said it should be capable of satisfying a new generation of customers who want more personal and customized experiences that match their lifestyles.
He noted that banks in near future will, whether through conviction or compulsion, have to transform into technology firms.
“While leveraging the ubiquitous power of technology the focus has to be on what I can call five P’s. They are Products (in terms of offerings), Processes (that ensure efficiency of operations), People (both customers and staff that take to technology engagement with maximum ease without losing sight of security needs), Productivity (by enhancing margins) and Prudence (by building more robust risk management system and regulatory compliance culture),” he said.
For this, Khan said, appropriate IT governance and strategy driven by boards of banks is of paramount importance.
Observing that the human factor continues to be the single most important security management challenge, which also needs to be addressed effectively, he said the core mitigant in this regard is imparting customer education and awareness.
In recent times, SMAC (Social, Mobile, Analytics and Cloud) is the concept which is driving innovation worldwide, making the security even bigger challenge, he said.
Besides, he said other related developments like virtualisation, big data, mobile and working from home as well as globalisation of markets and other demographic changes with their concomitant security implications have all added to the significance of IT security.
In this age, banks cannot afford to leave IT security to chance and assume that its vulnerability will not be known to outsiders, the so called ‘security through obscurity’, he said.
While banks should be conscious of the external threat, the internal threats from within the organization should also be given due attention, he added.