Chief Information Security Officers (CISO) Forum
IDRBT formed the Chief Information Security Officers (CISO) Forum in the year 2010 with a view to provide a platform for CISOs of all banks to discuss common security concerns in the Indian Banking and Financial Sector and collaboratively provide solutions. The mission of the CISO Forum is to:
- provide a platform for learning about the latest security technologies
- share day-to-day problems in implementing security in banks
- continuously upgrade the security posture of banks.
Over time, the CISO Forum has emerged as the preferred platform to collaboratively discuss and provide solutions for Information Security concerns in the Indian Banking and Financial Sector, which contributes to enhanced Information Security in Banks. The CISO Forum is an active body for learning and doing in the area of Information Security in Banks and is serving as an effective platform for the CISOs of banks to discuss and resolve information security related issues.
The CISO Forum meets once every three months and the latest meeting of the CISO Forum was held on March 13-14, 2023 at the Institute. Inaugurating the meeting, Prof. D. Janakiram, Director, IDRBT, focused attention on Google Hacking, Vulnerability Analysis of pages in Google’s Database, Extended Detection and Response, Log Analysis, AI Endpoints, Threat Vectors, and Managed XDR. He differentiated between Zero Trust and Smart Trust and emphasised the significance of smart cybersecurity concepts.
Thereafter, various developments in the field of cyber security were deliberated upon. Shri. Shailendra Trivedi, Chief General Manager, Department of Information Technology, Reserve Bank of India, spoke on IT & Security – Cooperation or Chain of Command. Shri. Dharshan Shanthamurthy, CEO and Shri. Renju Varghese, Vice President, SISA, presented case studies on recent cyber frauds. Shri Ganapathy Rao Krovi from TUV SUD dwelt upon the ISO 27001:2022 standard and Shri A. Shivaprakash, Ernst & Young, presented a comparison of security perspectives between various public cloud service providers. Prof. B. M. Mehtre, IDRBT, spoke on “Dark Web Monitoring,” and Dr. Dipanjan Roy, IDRBT, presented a summary on the Cyber Drill conducted in February 2023.
The CISOs also shared their experiences and expertise on a range of topics, including developing a security strategy for the new financial year, implementing preventive measures for DDoS attacks, and creating security checklists for cloud, API, and open-source software. Over 30 CISOs from various banks participated.
The CISO Forum functions under the aegis of the Institute’s Centre for Cyber Security and Data Privacy and is coordinated by Dr. B.M. Mehtre, Dr. Rajarshi Pal, and Dr. Dipanjan Roy, Faculty, IDRBT.
UCB CISO Forum
The Institute formed a CISO Forum exclusively for Urban Cooperative Banks (UCB) in the year 2021 and the first meet of the Forum was held on May 06, 2021.
The latest meeting of the Forum was held on March 16-17, 2023. Prof. D. Janakiram, Director, IDRBT, in his inaugural speech, emphasised the importance of maintaining cybersecurity hygiene, patch management, and port scanning on infrastructure, as well as using automation in security tools to improve attack detection and response times.
Thereafter, Shri Ganapathi Rao Krovi from TUV SUD highlighted the significance of the revised ISO/IEC 27001:2022 for organisations, as well as its key modifications and transitions. He also explained the structure and requirements of the revised standard regarding information security posture and security management systems. Shri Shavya Mehtha, Global Insurance Brokers Pvt Ltd., presented on cyber insurance and discussed different market trends in BFSI for cyber insurance.
Shri Sunil Soni, Senior Domain Expert, IDRBT, presented on the Master Direction on Outsourcing of IT Services and provided examples of major cyber-attacks. Shri Srinidhi Venugopal, Imperva, spoke on Database Activity Monitoring, emphasising the importance of data-centric compliance and protection. Shri Grish Kalvi, Infrasoft, explained the enhanced security features of CBS 3.8 and addressed queries on technological problems faced by different UCBs while using their CBS application.
Dr. Rajarshi Pal, IDRBT, presented OWASP’s top 10 web application vulnerabilities and discussed bad password management, mobile malware, problems in biometrics, improper session termination/session fixation attacks, and mitigation of session fixation attacks. Shri V A Prasanth, Senior Domain Expert, IDRBT, spoke on fraud risk management, discussing the psychology of frauds and the mitigation framework.
Dr. Dipanjan Roy, IDRBT, presented the summary of the 31st Cyber Drill conducted in February 2023, which saw the participation of 59 banks. Around 45 CISOs from various UCBs took part in the meeting.
The UCB CISO Forum is coordinated by Dr. Dipanjan Roy, Faculty, IDRBT.