With the advent of niche Fintech capabilities and rise of digital platforms of payments and transactions, two things have been clearly established – firstly, India is headed towards a technologically driven and influenced modes of operations in the Banking, Financial Services and Insurance (BFSI) sector and secondly this would warrant a robust roadmap of which Cyber Security would be an indispensable part, says Rama Vedashree, Chief Executive Officer, Data Security Council of India (DSCI), in an interaction with Rakesh Roy of Elets Network (ENN).
What was the objective behind the formation of Data Security Council of India?
When India became the hub of global information technology and business process outsourcing, recording a fast-paced growth to $100 billion in 2011-12, it was felt that to maintain its leadership position in this field certain enablers are necessary. Most notable among them was the requirement to strengthen the data protection environment so that global customers’ offshoring to India could repose trust.
To promote India as a trusted sourcing destination, NASSCOM established Data Security Council of India as a self-regulatory organisation to scale up security and privacy based practices in the country.
The primary objectives of DSCI were to become a focal point for public advocacy on cyber security and privacy issues globally, and to build credibility and relationship with influencers in India and across the world.
DSCI priorities and charter, since its inception, has included best practices development, outreach, capacity building, privacy certification and Law enforcement capability building.
How unique is “Digital Payment Suraksha”, an initiative of DSCI?
Given the recent momentum on digital payments and government’s drive for a ‘Less Cash Economy’, enterprises and consumers are coming together to help India leapfrog into a digital economy. Multitude of players in the ecosystem are contributing to provision the infrastructure platform, services, applications to enable digital payments.
While Government, financial services and digital payments sector are undertaking several initiatives to drive digital payments, DSCI in association with Ministry of Information Technology (MeitY) and Google India introduced an initiative- ‘Digital Payment Suraksha’ Awareness Campaign in the country to educate end users, micro small and medium businesses and merchants on security best practices, dos and don’ts while making digital transactions.
This initiative has two-pronged approaches mutually complementing each other (i) Digital Payment Security Awareness Campaign: To spread awareness around security aspect of digital payments in the society, penetrating it to communities such as traders, micro and small businesses and citizens at large. (ii) Digital Payment Security Alliance: To bring all influential stakeholders on a common platform and progress together in building up a sustainable ecosystem of digital payment security in the country.
The campaign is being supported by various institutions and enterprises spearheading Financial Inclusion and Digital Payments. The partners include NABARD’s FI Division, NPCI, State Government Including Government of Telangana, Airtel Payments Bank, Axis Bank, Master Card, PayPal, PayTM Payments Bank and Visa.
How important are data and cyber security in the BFSI domain? What measures do you recommend to safeguard these?
The swift technological progress precipitated by the digitisation crusade is heavily and deeply impacting different sectors and stakeholders. BFSI sector is no different, especially with digital inclusion becoming the order of the day. With the advent of niche Fintech capabilities and rise of digital means and platforms of payments and transactions, two things have clearly been established- firstly, the society is headed towards technologically driven and influenced modes of operations in the BFSI sector and secondly this would warrant a robust roadmap of which Cyber Security would be an indispensable part.
Unfortunately, amidst this technological flux and potential of digital, is the steadfast challenge of ensuring Safety and Security for the BFSI sector. The financial sector has been witnessing targeted malware attacks, which are increasingly becoming more advanced and innovative.
It is imperative for the BFSI sector to keep working towards upgradation of its cyber security and privacy agenda in order to safeguard the sensitive ecosystem against the malicious elements that are continually looking at ways and means of intruding into the systems and inflicting damage of varying nature.
Banking industry, in particular, should have focused attention to ransomware preparedness at an individual organisation level and at industry level.
What changes do you oversee in the Information Technology (IT) landscape with the onset of cloud computing in the BFSI sector?
Let me elucidate the aspect of technological innovation that has been going on in this domain for some time now and which one needs to understand in order to appreciate the associated cyber security risks and concerns. Banking is a regulated industry which, in India, has shown the lead in adopting Information Technology to service consumers and for internal operational efficiency. Traditionally, banking sector has been conservative in adopting emerging technologies. However, currently we are witnessing focus on adopting these technologies and charting out a path for digital transformation.
Cloud technology is one of the options. As IT infrastructure contributes to a significant part of the operational costs of banks, Cloud Technology provides cost benefits, scalability and many more benefits to the banks. Banks have started adopting Cloud Technology to derive the benefits. Cloud is a key platform for mid-sized players in banking sector to accelerate IT adoption, particularly in co-operative and rural banking.
What are the future plans of DSCI pertaining to data and its security?
DSCI has been deeply engaged with India’s BSFI sector and has been working in tandem with the stakeholders from technology side, business side, regulatory side as well as policy side to anticipate the threat landscape and make actionable recommendations to both Government as well as Industry to better protect the critical infrastructure of Financial Systems and Processes in the country.
Recently, DSCI, in conjunction with the players from the Digital Payments industry and government, launched the Digital Payment Suraksha campaign which is aimed at making a robust, safe and secured Digital Payments ecosystem in the country. We also recently submitted a Cyber Security roadmap for India’s Digital Economy to the Department of Science and Technology. This roadmap entails a thorough study of Cyber Security landscape of five key technological areas, one of them being Financial Systems and finally proposes a set of concrete recommendations to the – policymakers. We shall continue to step up our efforts of engagement with this critical domain and come up with impactful thought leadership for different sets of stake owners in the BFSI domain.