By Brijesh Miglani, Security Consultant, Forcepoint
The RBI Cybersecurity Policy for Urban Cooperative Banks is a great step forward by RBI to strengthen the cybersecurity infrastructure of urban cooperative banks (UCBs) and will help enhance the security posture of UCBs in having mature cyber security practices against emerging cybersecurity threats. The most significant part of the new Technology Vision document is the fact that UCBs will now have to appoint Chief Information Security Officers (CISOs) and that boards will become responsible for cybersecurity.
The Cyber Security Framework for UCBs talks about setting up of a Cyber Security Operation Center (C-SOC). The SOC provides a setup for multiple technologies for better incident management, predictive and behavior analysis, and automation to help banks detect attacks at an early stage. This will help protect UCBs from cybersecurity breaches, particularly given that UCBs hold multiple data related to personally identifiable information (PII) and payment card industry (PCI).
To address these real-world hacks and breaches, UCBs should adopt a behaviour-based data protection approach that focuses on data and user behavior analytics. The risk-adaptive protection analyses human behaviour to look for indicators of behaviours to identify risk. By focusing on individual users’ interaction with data, security teams can better understand, organize, manage and mitigate risk as it occurs. The ultimate goal is to prevent the accidental or malicious use of organisations’ data, while combatting threats from phishing attacks, compromised credentials and other potential vulnerabilities.