Chief Information Security Officers (CISO) Forum

IDRBT formed the Chief Information Security Officers (CISO) Forum in the year 2010 with a view to providing a platform for CISOs of all banks to discuss common security concerns in the Indian Banking and Financial Sector and collaboratively provide solutions. The mission of the CISO Forum is to:

  • provide a platform for learning about the latest security technologies
  • share day-to-day problems in implementing security in banks
  • continuously upgrade the security posture of banks.

Over time, the CISO Forum has emerged as the preferred platform to collaboratively discuss and provide solutions for Information Security concerns in the Indian Banking and Financial Sector, which contributes to enhanced Information Security in Banks. The CISO Forum is an active body for learning and doing in the area of Information Security in Banks and is serving as an effective platform for the CISOs of banks to discuss and resolve information security related issues.

The CISO Forum meets once every three months and the latest meeting of the CISO Forum was held on December 12-13, 2022 at Bank of Baroda, Mumbai. Prof. D. Janakiram, Director, IDRBT, & Shri Joydeep Dutta Roy, Executive Director, Bank of Baroda, jointly inaugurated the meeting.

Speaking on the occasion, Prof. D. Janakiram focused attention on the ever-increasing attack surfaces and the critical need to work towards providing a cyber-safe environment for the Indian Banking and Financial Sector. As a part of the Institute’s contribution toward these efforts, he launched a unique Online Certificate Course in Ethical Hacking, offered by IDRBT, exclusively for the Indian Banking and Financial Sector. This course covers the concepts of Cyber Security, Networking, Application Vulnerabilities, System Vulnerabilities, Vulnerability Assessment and Penetration Testing, and will provide bankers with hands-on experience in various facets of ethical hacking. Shri Joydeep Dutta Roy stressed the importance of collaboration between IDRBT and banks to speed up innovation in banking and security technologies.

Shri A. G. Giridharan, General Manager, Reserve Bank of India, presented on Master Direction for IT Governance and Shri Navin Kumar Singh, Director General, National Critical Information Infrastructure Protection Centre (NCIIPC), explained their role in securing CIIs of the country. He emphasized developing a cyber security capability maturity model and conforming assessment of systems for the protection of CIIs. Further, he dwelt upon the worldwide cyber attack incidents that happened in the last two years, including ransomware, data breaches, supply-chain attacks, DDoS, etc. Shri Ameen Nurul, Scientist-E, CERT-In, spoke on CERT-In directions for the Banking and Financial Sector.

Dr. Dipanjan Roy, IDRBT, presented the summary of the cyber drill conducted in November 2022. Thereafter, top performing banks’ CISOs explained their strategies for the recent cyber drill. Dr. Rajarshi Pal, IDRBT, dwelt upon different Supply Chain related Attacks and corresponding combat strategies. Smt. Deepa Ojha, Data Security Council of India, interacted with CISOs and discussed the Data Privacy and Protection draft bill. Over 55 CISOs from various banks participated.

The CISO Forum functions under the aegis of the Institute’s Centre for Cyber Security and Data Privacy and is coordinated by Dr. B.M. Mehtre, Dr. Rajarshi Pal, and Dr. Dipanjan Roy, Faculty, IDRBT.

UCB CISO Forum

The Institute formed a CISO Forum exclusively for Urban Cooperative Banks (UCB) in the year 2021 and the first meet of the Forum was held on May 06, 2021.

The latest meeting of the Forum was held on December 05-06, 2022. Inaugurating the meeting, Prof. D. Janakiram, Director, IDRBT, highlighted the latest cyber attacks and stressed the need to adhere to the four “AAAA” layers, i.e., Awareness, Alertness, Attention, and Agility.

Thereafter, Shri Ashutosh Bahuguna, Scientist-E, CERT-In, dwelt upon different security solutions followed by banks and also suggested that UCBs should have an incident response plan, highlighting the five vital pillars for cyber defence that CERT-In follows, i.e., reactive, proactive, monitoring, cyber security assurance, and international cooperation. Dr. Rajarshi Pal, Faculty, IDRBT, spoke on cybersecurity breaches and defense strategies and Dr. Dipanjan Roy, Faculty, IDRBT, presented the details of the IB-Cart and the summary of the 30th Cyber Drill.

Shri G. Naga Mohan, Ex CISO, Bank of India, presented a case study of a cooperative bank in which the payment system was attacked, and suggested having 2-factor authentication for all important servers. Sangram Gayal, PWC, presented the SOC overview and mentioned the cyber threats that are evolving in cyberspace. He spoke on the nation-state attacker and supply chain attacks. Over 45 CISOs from various UCBs took part in the forum.

The UCB CISO Forum is coordinated by Dr. Dipanjan Roy, Faculty, IDRBT.