Latest news with #ContinuousAssessment-BasedRedTeaming
Time of India
5 days ago
- Business
- Time of India
Cyber risks in financial sector: RBI calls for AI-aware defence and zero-trust approach, warns of systemic threat from vendor lock-ins
The (RBI) has called for financial institutions to adopt risk-based supervision, zero-trust cybersecurity frameworks and AI-aware defence strategies to counter the rising threat of cyberattacks and financial frauds in the digital ecosystem. Tired of too many ads? go ad free now In its bi-annual Financial Stability Report (FSR) released Monday, the RBI warned that the increasing use of digital financial services, cloud infrastructure and interlinked platforms across sectors has greatly widened the attack surface for cybercriminals. It also flagged a growing risk of social engineering and phishing scams being powered by generative AI tools such as deepfakes. 'The expanding scale of digital financial services, cloud-based infrastructure and interconnected systems across sectors has exponentially increased the cyberattack surface,' the RBI said in the report, PTI reported. The central bank stressed that given the systemic interdependence between financial institutions and technology service providers, building cyber resilience is critical to maintaining public trust, systemic stability, and ensuring uninterrupted operations. It further warned that overreliance on a few major cloud and IT vendors has led to vendor lock-ins and concentration risks, making the ecosystem more fragile. 'Cybersecurity resilience will depend on the Security Operations Center (SOC) efficacy, risk-based supervision, zero-trust approaches and AI-aware defence strategies,' the RBI said. To mitigate such threats, the RBI recommended: Graded monitoring mechanisms Use of behavioural analytics for threat detection Simulation-based resilience drills like Continuous Assessment-Based Red Teaming (CART) Uniform incident reporting frameworks The FSR also highlighted that the rise in digital transactions, though beneficial, has been accompanied by a surge in financial frauds. The report represents the collective assessment of the Sub-Committee of the Financial Stability and Development Council (FSDC) on risks to financial stability. It said regulators are increasingly aligned with efforts to secure the digital ecosystem by focusing on digital fraud prevention, secure lending, and mutual fund reforms.
Time of India
5 days ago
- Business
- Time of India
Adopt risk-based supervision, zero-trust approach to curb cyberfrauds: RBI
The Reserve Bank on Monday made a case for adopting risk-based supervision , zero-trust approaches and AI-aware defense strategies to tackle online frauds and boost cybersecurity resilience in the financial sector. The central bank flagged that phishing and social engineering attacks are evolving through generative AI-powered methods, such as deepfakes and contextual frauds. "The expanding scale of digital financial services, cloud-based infrastructure and interconnected systems across sectors has exponentially increased the cyberattack surface," said the RBI's bi-annual the Financial Stability Report (FSR). by Taboola by Taboola Sponsored Links Sponsored Links Promoted Links Promoted Links You May Like The Simple Morning Habit for a Flatter Belly After 50! Lulutox Undo It further said given the systemic interconnectedness of financial entities and technology service providers, ensuring cyber resilience is critical to maintaining trust, stability and business continuity. As organisations increasingly depend on third party service providers for their business operations, vulnerabilities in the supply chain could pose systemic risk. Live Events Furthermore, the RBI said the overreliance on a few major IT and cloud service providers has created dependency and vendor lock-in problems leading to concentration risks. Vulnerability in one system can quickly propagate across networks, affecting multiple entities, the report said. "In this context, cybersecurity resilience will depend on the Security Operations Center (SOC) efficacy, risk-based supervision, zero-trust approaches and AI-aware defence strategies," it said. Graded monitoring mechanisms, the use of behavioral analytics for threat detection, hands-on training, continuous learning and simulation-based exercises such as through Continuous Assessment-Based Red Teaming (CART), scenario-based resilience drills and uniform incident reporting frameworks are vital for enhancing the resilience of the digital ecosystem, it said. The Financial Stability Report (FSR) reflects the collective assessment of the Sub-Committee of the Financial Stability and Development Council (FSDC) on the resilience of the Indian financial system and risks to financial stability. The RBI also said regulators are aligned with these efforts, focusing on digital fraud prevention, secure digital lending, and mutual fund reforms. The FSDC and its sub-committee continues to play a vital role in building a resilient and secure financial system. The report further said the rapid growth of digital transactions, though instrumental in enhancing convenience and efficiency, has been accompanied by a significant rise in financial frauds.
