Financial-sector regulators of India have been active in the cyber security space despite lacking an overarching framework in place, a report by consulting firm Deloitte on Cyber Regulation in Asia Pacific, said.
“India is making leaps and bounds on the digital bandwagon. While businesses are quickening their adoption of digital and other emerging technologies, criminals and organised crime are not far behind,” Shree Parthasarathy, partner – Risk Advisory Services, Deloitte Touche Tohmatsu India, said.
Tohmatsu pointed out the recent outburst of WannaCry (ransomware attack) was a stimulating event for the country.
“While not many incidents were registered, it is hard to believe that India Inc was not affected,” he said, adding, “We need to pace up the implementation of security measures, before it is too late and before citizens start losing trust the system.”
The report stated that financial regulators (including the Reserve Bank of India), Insurance Regulatory Development Authority (IRDAI) and Sebi have all worked out measures.
Last year, it put out comprehensive guidelines regarding cyber for financial institutions.
In 2011, the RBI released a complete set of guidelines on information security, electronic banking, technology risk management and cyber frauds.
In the insurance sector, IRDAI in April this year issued a cyber security framework for the sector and stated that all insurers must implement it by March 2018.
Sebi is also preparing to set up a cyber security lab for the securities market during 2017 to 2018.