Banks in India are not spending fully on procurement of IT security systems: RBI DG

and also monitor them for their continued availability and stability," he added.

According to data provided by Union Minister of State for Finance Bhagwat Karad in the Parliament last year India’s banks reported 248 successful data breaches by hackers and miscreants between June 2018 and March 2022. The number of frauds in the banking sector during the first half of the current financial year has increased substantially to 14,483 cases, although the amount involved is only 14.9% of the previous year's amount, according to a RBI report, as reported by PTI.

Additionally, in FY2023, the total number of fraud cases in the banking system were 13,530. Of this almost 49% or 6,659 cases were in the digital payment – card/internet – category.

So the questions comes how can banks and financial institutions stay safe from the threat that cyber attacks pose.

Swaminathan added that the only way for banks to stay secure is to invest in IT and IT security tools.

"Cyberthreat is real, banks need to build superior skill sets, domain expertise and put them in top of priority in order to insure the institutions is kept out of the harms way," said Swaminathan.

Further talking about the need to having robust disaster recovery and integrated Business Continuity Plan testing.

"Banks and other ecosystem participants must have robust Disaster Recovery (DR) and Business Continuity Plans (BCP) in place and test them periodically.

Further, IT infrastructure and channels have to be protected from the emerging cyber threats to ensure operational resilience," said Swaminathan.

Cybercrimes in digital banking not only harm customers but also inflict significant losses on banks during data recovery. The impact spans infrastructure, data, reputation, and finances, with banks often facing substantial costs to restore compromised information and systems. Robust cybersecurity is imperative to mitigate these widespread consequences. This is where a robust DR and BCP system comes in importance.

Business continuity planning is the process for any bank to ensure the maintenance and recovery of operations and customer services when confronted with adverse events. Meanwhile a DR is designed to outline what needs to be done immediately after a disaster to begin to recover from the event.

Notably, the importance to guard to guard against cyber risks was highlighted by State Bank of India (SBI) Chairman Dinesh Kumar Khara on Wednesday (December 27) at the conclave.

Speaking to CNBC-TV18's Shereen Bhan, Khara emphasised the need for entities, whether banking or non-banking, to guard against cyber risks.

Additionally, the RBI in November, introduced a comprehensive master direction on information technology (IT) governance, risk, controls, and assurance practices for banks and NBFCs.

Emphasizing strategic alignment, risk management, resource management, performance management, and business continuity/disaster recovery management, these directives, known as the Reserve Bank of India (Information Technology Governance, Risk, Controls, and Assurance Practices) Directions, 2023, are slated to be enforced from April 1, 2024.