Banks need to hire experienced chief risk officers to deal with cyber attacks: Report

PTI, Dec 6, 2020, 2:43 PM IST

Credit: iStock Photo

New Delhi: The banking industry needs to upgrade its IT infrastructure and appoint experienced chief risk officers to effectively deal with incidence of cybercrimes, says a report by Deloitte India.

Observing that banks are the most targeted sector, the report said that nearly 22 per cent of cybersecurity attacks which took place in India in 2018-19 were on the banking industry.

“…these (cyber) attacks are becoming complex day by day. To address these challenges, banks need to appoint experienced Chief Risk Officers who can take the responsibility of skilling the employees and lead investment in military-grade cybersecurity solutions to detect the most advanced attacks,” said the Deloitte report on “Digitizing the post COVID world: The ‘3I’ approach”.

Banking sector, the report added, has been fast to adapt to the changing demands by accelerating efforts toward contactless business operations and speeding up digital transition to enable employees to work from home post the lockdown.

As a result of the technology integration, the sector has been facing several challenges with respect to ensuring data security, the report said.

It noted that the year 2020 has been quite challenging for Indian banks when it comes to cybersecurity.

After the onset of the COVID-19 crisis, banking operations were disrupted severely as banks struggled to provide uninterrupted services to their clients during various stages of lockdowns.

In the following months, they accelerated their digital transition efforts (such as digital banking and remote access to employees) to ensure contactless business operations.

“With a surge in digitisation, banks also witnessed a spike in cyber attacks as cybercriminals found new opportunities and vulnerabilities,” it said.

Munjal Kamdar, Partner, Deloitte India said banks will likely adopt technologies such as mobile, cloud, remote access out of the need to sustain business during the pandemic and thrive thereafter.

For bank executives, the focus will be on achieving business goals even as they recalibrate strategies to address the ever-evolving cyber risks. Such transformative digitisation will also result in an increased attack surface, he said.

The challenges that they face include dealing with increased sophistication of cybercrimes, safeguarding and efficiently using data through a sound data sharing mechanism, appropriate data lifecycle management, and rules for ethical ownership of data, Kamdar said.

The report said rising cyber threats after COVID-19 pose serious concerns for Indian banks and the Reserve Bank of India (RBI).

“What makes the challenge acute is that different banks are currently at varying stages of digital transformation and cybersecurity maturity levels determined by their past investments, budget allocation, and size in terms of customer outreach and service offerings,” it said.

Banks will have to prioritise and invest in cyber defence to create an agile and resilient infrastructure of the future, the Deloitte India report said.