The Reserve Bank of India has advised banks to create a cyber security policy to handle internet-based threats. The regulator said in a notification in view of the low barriers to entry, evolving nature, growing scale/velocity, motivation and resourcefulness of cyber-threats to the banking system, it is essential to enhance the resilience of the banking system by improving the current defences in addressing cyber risks. It said the cyber security policy should be separate from the broader IT policy so that it can highlight the risks from cyber threats and the measures to address them. RBI also said the number, frequency and impact of cyber incidents/attacks have increased manifold in the recent past, more so in the case of financial sector. Hence a Cyber Crisis Management Plan (CCMP) should be immediately evolved and should be part of the overall board approved strategy, it said.
