RBI Cyber Security Framework in India

Home » Home – India » RBI Cyber Security Framework in India

What is RBI Cyber Security Framework?

The “Cyber Security Framework in Banks” circular from RBI sets the guidelines for Banks in India for developing and implementing next-generation cyber defence capabilities. The framework would direct the execution of progressively more robust security measures based on the nature, scale and variety of bank digital product offerings.

Take a leap in developing and implementing next-generation cyber defence of your banking infrastructure!

The RBI cyber security framework addresses three core areas: (1) Establish Cyber Security Baseline and Resilience (2) Operate Cyber Security Operations Centre (C-SOC) (3) Cyber Security Incident Reporting (CSIR).

RBI Cyber Security Framework – Overview

Cyber Security Policy

Define and adopt a comprehensive cyber security policy in developing and establishing the cyber security framework.

Cyber Security Strategy

Create the cyber security strategy aligned to Bank’s security policies, business objectives and goals.

Cyber Security Organization

Establish a cyber security function and define the roles and responsibilities for implementing, managing, and improving cyber defence.

Cyber Risk / Gap Assessment

Conduct Gap Assessment based on the Cyber Security Framework requirements. Evaluate cyber security risks of the organization.

Security Testing

Conduct security testing exercises like penetration testing of the systems, applications, and network to uncover the vulnerabilities, adjoining mitigation plans.

Network and Database Security

Inspect and improve the network and database security configurations. Solidify the systems to minimize the attack vectors.

Physical & Environmental Security

Ensure implementation of physical and environmental controls to provide adequate security for the information assets.

Third Party Risk Management

Identify the critical third parties like vendors, and assess the risks introduced by such relationships.

Cyber Security Awareness

Educate employees, contractors, and customers about cyber security to reduce human mistakes.

Cyber Crisis Management Plan

Establish a crisis management plan in line with the guidelines from CERT-IN, RBI CSF, and the national cyber crisis management plan.

Cyber Security Operation Centre

Establish a security operations center for proactive monitoring using sophisticated tools providing detection and quick response.

Incident Response & Management

Define the incident response and management process and establish reporting process to notify RBI of cyber security incidents.

Would you like to speak to a Security Analyst?

Establish Cyber Security Baseline

Establish Cyber Security Operation Centre (C-SOC)

C-SOC Functional Requirements

Define the functional requirements of the security operations centre.

Governance Requirements

Define the governance structure of the CSOC and management framework

Integration Requirements

Integrate the CSOC with security solutions to generate alerts.

People Requirements

Ensure the right skillsets are available within the CSOC operations.

Process Requirements

Define the CSOC processes, playbooks, and operation manuals. Develop the IR process and playbooks to meet the RBI CSF CSOC requirements.

Technology Requirements

Deploy the CSOC technologies such as SIEM integrated with threat intelligence feeds/services.

Cyber Security Incident Reporting (CSIR)

Template for reporting Cyber Incidents

An incident report template provides a snapshot of the occurred incident. It can be brief or detailed, leaning on the nature of the incident.

Cyber Security Incident Reporting (CSIR) Form

Incident Response templates, guides and resources enable organizations with the mastery to produce a robust incident management and response program.

Would you like to speak to a Security Analyst?

NEWS & EVENTS

Related Insights

Read all articles

Cookie	Duration	Description
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_ga_V0CDDJSLJR	2 years	This cookie is installed by Google Analytics.
CONSENT	2 years	YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.

sales@valuementor.com

RBI Cyber Security Framework in India

What is RBI Cyber Security Framework?

Take a leap in developing and implementing next-generation cyber defence of your banking infrastructure!

RBI Cyber Security Framework – Overview

Cyber Security Policy

Cyber Security Strategy

Cyber Security Organization

Cyber Risk / Gap Assessment

Security Testing

Network and Database Security

Physical & Environmental Security

Third Party Risk Management

Cyber Security Awareness

Cyber Crisis Management Plan

Cyber Security Operation Centre

Incident Response & Management

Would you like to speak to a Security Analyst?

Establish Cyber Security Baseline

Establish Cyber Security Operation Centre (C-SOC)

C-SOC Functional Requirements

Governance Requirements

Integration Requirements

People Requirements

Process Requirements

Technology Requirements

Cyber Security Incident Reporting (CSIR)

Template for reporting Cyber Incidents

Cyber Security Incident Reporting (CSIR) Form

Would you like to speak to a Security Analyst?

Related Insights

Best practices for working with ISO 27001 consultants

Creating a Mobile App Security Testing Strategy in 2023

Impact of RBI cyber security framework on Fintech

ValueMentor

Company

Services

Global Services

Stay Connected