India Insights with Geetha Nandikotkur

Governance & Risk Management , Incident & Breach Response , Professional Certifications & Continuous Training

Rajan's Lasting Cybersecurity Impressions

Security Leaders Believe RBI Governor Set Tone and Vision for Banking Security
Rajan's Lasting Cybersecurity Impressions
Raghuram Rajan, outgoing governor, The Reserve Bank of India

Reserve Bank of India Governor Dr. Raghuram Rajan's decision to step down at the end of his term in September has sent ripples across the banking sector and the security fraternity. Although India's regulatory body has witnessed many heads roll, this is the first time in the history of Indian banking that the security industry has reacted to the change at the top.

See Also: 2022 Unit 42 Ransomware Threat Report

As Rajan decides to get back to his passion - teaching - security leaders say that what Rajan had started will remain exclusively his legacy. He's one of the few top executives who had a practical vision for cybersecurity in the banking space.

The legacy of his (Rajan's) contribution will be visible when we will have most of Indian banking on digital devices with adequate cybersecurity and required controls mandated by the RBI 

Under his regime, RBI directed banks to address risks arising out of growing incidents of cybercrime related to financial transactions (see: RBI Plans Cybersecurity Arm for Banks).

In a note to bank chief executives, Rajan said, "Banks should immediately put in place a cybersecurity policy elucidating the strategy containing an appropriate approach to combat cyber-threats, given the level of complexity of business and acceptable levels of risk."

Rajan's Drive for Cybersecurity

What needs to be acknowledged is that Rajan realized that the Indian banking system understands too little of IT, and there are various ways of penetrating cyber defences, including through people rather than processes or networks.

He believed it's critical to judge the security preparedness of banks, as well as assess their effectiveness of technology adoption, in the wake of serious data thefts from central banks.

Some of his key accomplishments for the security industry include:

Clearly, Rajan's not oblivious to the risks the new initiatives would bring in, as he cautioned: "Along the UPI payment chain, transactions can go wrong. There's a need for a system handling customer complaints, grievance redressal and protection from security breaches and fraudulent transactions."

L. S. Subramanian, cybersecurity consultant for BFSI and founder of NISE, says: "Rajan will be remembered for granting licences to payment banks which operate digitally and also to small banks. The legacy of his contribution will be visible when we will have most of Indian banking on digital devices with adequate cybersecurity and required controls mandated by the RBI."

Lasting Impressions

The security fraternity to some extent is surprised over his close involvement with every security project associated with the banking industry.

For instance, Dr. A. Rajendran, CTO, National Payments Corporation of India, says, "I remember having a long discussion with the RBI governor twice during the course of product development on the UPI project to seek his insights. Security was his prime concern and he suggested ensuring and enabling customers to perform a secured transaction: such was his involvement."

Subramanian says Rajan has established the foundation for secure and trusted digital banking in India and has set the tone and vision for secure digital banking in India.

Practitioners hope that once RBI's cybersecurity policy comes into effect, the industry can see customers witnessing secure banking and CISOs breathing a sigh of relief.

To that extent, Rajan has formed a panel headed by Meena Hemachandran, executive director at RBI, to examine the cybersecurity aspects of banks in the wake of various threats and guide RBI on how to improve IT security.

Do you expect the new incoming RBI's head to carry out Rajan's legacy in establishing a cybersecure ecosystem? Are banks all set to assure their customers a cyber-safe transaction?

About the Author

Geetha Nandikotkur

Geetha Nandikotkur

Vice President - Conferences, Asia, Middle East and Africa, ISMG

Nandikotkur is an award-winning journalist with over 20 years of experience in newspapers, audiovisual media, magazines and research. She has an understanding of technology and business journalism and has moderated several roundtables and conferences, in addition to leading mentoring programs for the IT community. Prior to joining ISMG, Nandikotkur worked for 9.9 Media as a group editor for CIO & Leader, IT Next and CSO Forum.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.