Chief Information Security Officers (CISO) Forum

IDRBT formed the Chief Information Security Officers (CISO) Forum in the year 2010 with a view to provide a platform for CISOs of all banks to discuss common security concerns in the Indian Banking and Financial Sector and collaboratively provide solutions. The mission of the CISO Forum is to:

  • provide a platform for learning about the latest security technologies
  • share day-to-day problems in implementing security in banks
  • continuously upgrade the security posture of banks.

Over time, the CISO Forum has emerged as the preferred platform to collaboratively discuss and provide solutions for Information Security concerns in the Indian Banking and Financial Sector, which contributes to enhanced Information Security in Banks. The CISO Forum is an active body for learning and doing in the area of Information Security in Banks and is serving as an effective platform for the CISOs of banks to discuss and resolve information security related issues.

The 42nd meeting of the CISO Forum was held at IDRBT on September 11-12, 2023. Inaugurating the meeting, Prof. D. Janakiram, Director, IDRBT, emphasised the criticality of cybersecurity for the financial sector and dwelt upon the potential synergy between AI and blockchain, focusing on AI’s role in enhancing blockchain through data analysis and smart contract automation. He stressed on the CISO’s responsibility for secure AI implementation, ethical blockchain data usage, and deep learning of cyber threats to safeguard banks and financial institutions.

Shri. M K Chaitanya and Smt. Jyotsna, CDAC, spoke on “CDAC Security Solutions based on Mobile and Blockchain Technologies.” They showcased various Android platform-based security applications, including Vishleshak, tailored for mobile app security and threat assessment; Parikshan, an automated security assessment and penetration testing tool for Android applications; Mkavach-2, a comprehensive mobile device security solution targeting emerging threats in Android-based devices; and Prabandh.

Thereafter, the CISOs visited the Telangana Public Centre of Excellence in Cyber Security, where various real-life cases of cyber fraud in the banking sector were demonstrated.

Shri. Karmedra Kohli (CEO) and Shri. Seemanta Patnaik (CEO) from SecurEyes provided a comprehensive overview of SecurEyes Risk Management, underscoring its critical role in fortifying an organization’s defenses against cyber threats. Additionally, they demonstrated how a hacker can gain remote access to a mobile device using an untrusted charging cable.

Dr. Rajarshi Pal, Faculty, IDRBT, outlined significant updates in the Data Protection Act affecting Chief Information Security Officers (CISOs). He stressed the importance of robust security practices to protect digital personal data. Dr. Dipanjan Roy, Faculty, IDRBT, presented a summary of the 33rd Cyber Security Drill conducted in August 2023, highlighting key learnings, challenges, and best practices identified during the drill.

Following these presentations, CISOs shared their insights and experiences regarding cyber-attacks and security tools. Around 40 CISOs participated.

The CISO Forum, functions under the aegis of the Institute’s Centre for Cyber Security and Data Privacy and is coordinated by Dr. B.M. Mehtre, Dr. Rajarshi Pal, and Dr. Dipanjan Roy, Faculty, IDRBT.

UCB CISO Forum

The Institute formed a CISO Forum exclusively for Urban Cooperative Banks (UCB) in the year 2021 and the first meet of the Forum was held on May 06, 2021.

The latest meeting of the UCB CISO Forum was held on December 11-12, 2023. Inaugurating the meeting, Prof. D. Janakiram, Director, IDRBT, focused on the significance of customer segmentation for banks, infrastructure for IT and Cyber Security, the importance of cloud technology in banking environments, and the benefits of Generative Artificial Intelligence.

Thereafter, Prof. V. N. Sastry, IDRBT, provided a comprehensive overview of mobile security, covering vulnerabilities, potential threats, security goals, entities within the mobile ecosystem, and presented a use case of mobile payments. Prof. B. M. Mehtre, IDRBT, provided insights into security policy and dwelt upon recent cyber-attacks on banks, offering an overview of the cybersecurity landscape and its challenges.

Shri Sarath CK, RBI, spoke on Master Direction on Outsourcing of IT services, focusing on Level-III and Level-IV categorisation and various associated activities covering guidelines, roles, and risk management frameworks. Dr. Dipanjan Roy, Faculty, IDRBT, presented a report on the 34th Cyber Drill conducted in November 2023.

Shri Anil Sangvekar and Bhuvanesh Pimple from IFTAS spoke on Community Cloud Services, Shri. Naveen and Ms. Ihita from CloudSEK on Dark Web Monitoring, Shri. V. Narsimha Murthy, former CISO, Andhra Bank, on Cyber Security Audit and Dr. Sriram B. from DSCI on Digital Personal Data Protection. Around 20 CISOs from various UCBs participated.

The UCB CISO Forum is coordinated by Dr. Dipanjan Roy, Faculty, IDRBT.