RBI Issues New Directions to Banks, NBFCs on IT Governance and Cyber Security To Safeguard Interests of Customers

The guidelines have directed all regulated entities to keep a close watch on: ‘Cyber events’ defined as any observable occurrence in an information system. Cyber events sometimes provide indication that a cyber incident is occurring.

Reserve Bank of India (File Photo)

Mumbai, November 8: The RBI has issued a new comprehensive Master Direction to banks and NBFCs on Information Technology Governance, Risk, Controls and Assurance Practices which spells out the role of Directors of these regulated entities to discharge their duties in order to safeguard the interests of customers.

These directions incorporate, consolidate and update the guidelines, instructions and circulars on IT Governance issued earlier and will come into effect from April 1, 2024. Reserve Bank of India Issues Draft Directions on Cyber Resilience, Digital Payment Security Controls.

The guidelines have directed all regulated entities to keep a close watch on: ‘Cyber events’ defined as any observable occurrence in an information system. Cyber events sometimes provide indication that a cyber incident is occurring. Cyber security’ -- Preservation of confidentiality, integrity and availability of information through the cyber medium. In addition, other properties, such as authenticity, accountability, non-repudiation and reliability can also be involved.

‘Cyber incident’ -- which is a cyber event that adversely affects the cyber security of an information asset whether resulting from malicious activity or not. ‘Cyber-attack’ -- Malicious attempts to exploit vulnerabilities through the cyber medium to damage, disrupt or gain unauthorised access to assets. RBI Imposes Rs 5.39 Crore Penalty on Paytm Payments Bank Over Non-Compliance of Guidelines Related to KYC, Cybersecurity.

‘De-militarized Zone’ or ‘DMZ’ is a perimeter network segment that is logically between internal and external networks. ‘Information Asset’ -- Any piece of data, device or other component of the environment that supports information-related activities. Information Assets include information system, data, hardware and software.

Foreign banks operating in India have also been asked to follow the guidelines and to hold discussions with the RBI in case they have to seek an exemption in the case of any particular norm.

(The above story first appeared on LatestLY on Nov 08, 2023 01:18 PM IST. For more news and updates on politics, world, sports, entertainment and lifestyle, log on to our website latestly.com).

Share Now

Share Now