To meet the growing needs of customers, banks are increasingly adopting Information Technology (IT) solutions to carry out daily operations, which makes them attractive targets for escalating cyber attacks. To ensure that Indian banks function in a cyber-resilient environment, the Reserve Bank of India (RBI) issues regular guidelines. In one of its recent circulars, in addition to distinguishing cybersecurity from information security, the RBI advises banks to establish mechanisms for:
- Continuous surveillance to protect personal data
- A focused approach towards cybersecurity
- Board/ Top Management to be aware of the bank’s threat quotient
- Board/ Top Management to proactively monitor, share, and mitigate threats
The RBI guidelines advocate the following measures to help banks improve their overall security posture:
1. Provision for continuous surveillance
Cyber attacks are not preceded by warnings or timelines. Hence, the RBI recommends that banks set up continuous surveillance to stay abreast of emerging cyber threats.
XVigil helps you anticipate and mitigate threats
XVigil, CloudSEK’s digital risk monitoring platform, offers continuous monitoring across the surface and the dark web, focusing specifically on mentions of the bank, its brand, and its infrastructure.
2. Ensure protection of customer data
Financial institutions depend on technology to function smoothly. It also helps them deliver cutting-edge digital products to address their customers’ needs. However, in the process, banks collect customers’ personal and sensitive information.
Banks should take appropriate steps to ensure uncompromised confidentiality, integrity, and availability of this data. Moreover, as custodians of such information, it is incumbent on banks to preserve data, in transit and in storage, within their environment or that of third party vendors. To this end, banks should establish suitable systems and processes, across the data/ information lifecycle.
XVigil detects data leaks
XVigil proactively monitors the web for data leaks. Subsequently, it alerts banks to leaks involving their customers’ information, credit card details, or debit card details. The platform also reports 3rd party data leaks that could affect banks and their customers.
3. Report cybersecurity incidents to RBI
Banks also need to notify the RBI of all unusual cybersecurity activities and incidents, irrespective of the success or failure of the attempts.
XVigil generates reports to notify the RBI
XVigil prepares reports, listing major incidents that may be submitted to the RBI, adhering to compliance standards.
4. Manage inventory of IT assets
Banks need to maintain an up-to-date inventory of assets including their infrastructure and business applications.
XVigil scans your assets every day
XVigil performs daily asset scans, to track all internet-facing assets, including domains, sub-domains, IPs, WebApps, etc.
5. Prevent execution of unauthorized software
Banks should maintain an updated, and preferably centralized, inventory of authorized/ unauthorized software.
XVigil monitors for Shadow IT threats
XVigil runs infrastructure scans every day and alerts banks to any threats. As a result, it keeps Shadow IT threats in check.
6. Secure configuration
Banks must document and apply baseline security requirements/ configurations to all categories of devices.
XVigil detects misconfigured assets
XVigil detects and reports misconfiguration of internet-facing assets, in addition to the Open Web Application Security Project (OWASP) top 10 vulnerabilities.
7. Vendor risk management
Banks are accountable for appropriate management of security risks pertaining to outsourced and partner arrangements.
XVigil detects third-party leaks
XVigil monitors and reports on any third-party sources that leak sensitive information, thus fulfilling the RBI’s requirement to manage vendor risk.
8. Advanced real-time threat defence and management
The RBI advocates for banks to:
- Build a robust defence system against the installation, spread, and execution of malicious code, at multiple points in the enterprise
- Consider whitelisting of internet websites/ systems
- Consider implementing secure web gateways with capabilities to deep scan network packets, thereby securing traffic (HTTPS, etc.) passing through the web/ internet gateway.
XVigil provides real-time alerts
XVigil monitors and provides real-time alerts, on threats that impact banks’ brand or infrastructure, from various sources across the surface web and the dark web. In addition, the platform scans open ports, misconfigured SSLs, leaky S3 buckets, and XSS vulnerabilities.
Banks have been advised to subscribe to anti-phishing/ anti-rogue apps or services from external service providers, since this will help them identify and take down phishing websites/ rogue applications.
XVigil detects and initiates takedowns
XVigil detects phishing/ rogue apps, fake domains, and fake social media accounts. CloudSEK also offers takedown of such phishing websites/ rogue applications.
10. Data leak prevention strategy
Banks should develop a comprehensive data loss/ leakage prevention strategy to safeguard sensitive, proprietary, and confidential business and customer data.
XVigil monitors data leaks
XVigil scans for data leaks, including third-party leaks, and additionally gives banks timely and actionable threat intelligence.
11. Vulnerability Assessment, Penetration Test, and Red Team Exercises
Banks should conduct periodic vulnerability assessment and pen-testing exercises on all the critical systems, particularly the internet-facing ones.
XVigil runs periodic tests
XVigil runs basic-level vulnerability assessments, as well as pen-testing exercises, every day, and subsequently alerts banks to open ports, misconfigured SSLs, leaky S3 buckets, and XSS vulnerabilities.
Banks must make arrangements for forensic investigation unless they have support.
CloudSEK offers forensic services and support
CloudSEK offers forensic services, together with unlimited support.
13. External Integration
While delivering services to customers, several stakeholders are involved directly or otherwise. Their experience is indispensable. Besides, their integration with multiple tools would give organizations a view of the entire security landscape, thus encouraging better decision making.
XVigil can be integrated with ease
XVigil can be easily integrated with multiple SIEMs, SOAR and other platforms, thus giving banks a single view of their entire security landscape.