rd secure bfsi conclave - donutsdocshare01.docshare.tips › files › 28516 › 285163725.pdf ·...

13rd SECURE BFSI CONCLAVE 2015 - Special Issue

APRIL 10, 2015 SWI Security Report Vol 4 Issue - 12

April 10th, 2015, Sofitel, Bandra Kurla Complex, Mumbai

3rdSECURE BFSI

CONCLAVE

Special Issue on the occasion of

• •

C

M

Y

CM

MY

CY

CMY

K

NEC_Neoface Watch-May edition_FAp.pdf 1 3/17/15 11:12 AM

• •

C

M

Y

CM

MY

CY

CMY

K


• •

C

M

Y

CM

MY

CY

CMY

K


Introduction: Pg 5

Key Speakers: Pg 6-18

Bank Security:Securing Banks in the 21st Century Pg 21-25

10 Best Practices for Cyber Security in 2015 Pg 29-30

Tackling the Cyber Threat- Way Forward Pg 51-52

Technology News Segment : G20 Summit in Queensland Secured by Teleste’s Video Surveillance Solutions Pg 31

Videonetics bags ‘Best R&D effort of the year’ award by SECONA in association with Pg 32-33Secutech India

News Briefs: Pg 36-48 Cyber SecurityFraudsCity Security and Police ModernisationSmart Cities

Lead Writer: Pathikrit PayneContributors: Shelly Bhasin, Shivani LalCopyright © Security Watch India 2015 Security Watch India (SWI) is a non-partisan, not-for-profit organization that addresses issues in the space of the relatively new homeland security sector. SWI works towards a secure tomorrow by enhancing security awareness and consciousness in Indian industry and civil society. SWI also guides and facilitates potential investors interested in the Indian homeland security business. Security Watch India is not responsible for the facts, views or opinion expressed by the author(s) in this report. Republication or re-dissemination of the contents of this document are expressly prohibited without the written consent of Security Watch India. You can avail these reports for a year by joining Security Watch Indian Membership program or independent annual subscription for just Rs. 2500 (50USD).The subscription will afford you latest and most relevant information on Indian Homeland Security situation that will help you make right decisions for your business.

For advertisement related queries please contact:Write for more information please contactAmit Siddhartha E: [email protected] Mob: +91 9953685326Aniket Gupta E: [email protected] Mob: +919811319236

www.securitywatchindia.org.in

CONTENTS

4 3rd SECURE BFSI CONCLAVE 2015 - Special Issue


3rdSECURE BFSI

CONCLAVE Organised By:

Exhibitors

Associate Sponsors:

Lead Sponsor:

Knowledge PartnerCyber Security PartnerLanyard Sponsor:


Following the overwhelming success of previous events, Security Watch India is proud to present 3rd Secure BFSI Conclave on 10 April 2015 at Hotel Sofitel, BKC, Mumbai. PwC is the knowledge partner for the event. The key themes of the event are Cyber/Information security and Fraud Risk Management.

Secure BFSI Conclave will traverse yet another milestone in presenting quality content, ensuring high level of deliberations matching the expectations and aspiration of security and privacy professionals. While doing so it will also host a comprehensive exhibition, showcasing cutting edge technologies and service innovations.

The one day conclave will bring together cyber/information security and fraud prevention experts from across the financial sector to discuss security vulnerabilities as well as bring forward effective strategies and solutions to effectively mitigate them. For more details please visit www.banksecurityindia.com

The event offers a unique one day, interactive thought leader forum full of relevant topics gleaned from extensive research, market intelligence and feedback from industry leaders, influencers and senior executives. In addition to expert panels, case studies and keynote addresses, the conference will integrate new session formats that encourage audience participation, including: Unconference

Some of the discussions points include:

• CriticalSecuritySolutionsforregulationsandeffectivecyberdefense

• Next-Gensolutionsonregulationforaneffectiveanddynamicinformationtechnologyframework

• UsingAnalyticsforAdvanceSecurity

• Utilisingsoftwareandtechnologyforincreasedcybersecuritydefence

• Rethinkingfundamentalsofexistingcybersecurityapproach

• LeveragingActionableSecurityIntelligencetoDefendAgainstTargetedAttacks

• Insight,Investigation&Analysis-SecuringthePerimeters

• AuthenticationTechnologyToDriveInnovationinIdentityManagement

Some of the key speakers at the event include:

INTRODUCTION


Mr. Agnelo DsouzaChief Information Security Officer, Kotak Mahindra Bank

AgneloD’souzaisaPostGraduateinBusinessAdministration.HehastwentyyearsofindustryexperiencehavingworkedwithIndianExpressNewspapers,GlobalTeleSystemsand3iInfotechpriorto joiningKotakMahindraBank.At Kotak, he has worked in ITsecurity Operations before taking on the role of Chief Information Security Officer. He is responsible for formulating the

Information Security strategy and driving its implementation at the Bank. Agnelo has built a robust Information Security framework and received several industry accolades.

Mr. Ambarish DeshpandeManaging Director – INDIA & SAARC, Blue Coat Systems India

AmbarishistheManagingDirector–IndiaSalesatBlueCoatSystemInc,andhas been with the company for the past three years. He brings with him 19 years of experience in building teams, driving market expansion and putting successful channel strategies in place.

Prior to Blue Coat, Ambarish was the director of alliance, channels and mid-market South Asia at McAfee. Prior to McAfee, he spent seven years in Symantec. He also had working stints with IronPort, Samsonite and JVC among others.

AmbarishisagraduateoftheUniversityofMumbai.HeobtainedhispostgraduateinmanagementfromNMIMSinMumbai.

Mrs. Ashalatha GovindGeneral Manager & Group CISO, State Bank of India

MsAshalathaGovind is currentlyGeneralManager&GroupCISO inStateBankGroup.ShejoinedSBIasaprobationaryofficer.SheisanMBAgraduatewith additional qualifications of CISA, CIA(Certified Internal Auditor), Oracle certifiedDBA,CFP,CAIIBetc.

She has handled various assignments in the Bank like Branch Management, Credit management, NPAmanagementetc.ShehasalsobeenafacultymemberintheBank’sstafflearningcentre.She

KEY SPEAKERS


joined the IT department (handling the CBS System development) in the year 2003 from where she wasalsodeputedtothe‘BankofChina’forgivingatrainingonCBS.

Thereafter,shehadastintinI&MAdepttasaCreditAuditoronmobiledutycoveringlargedomesticand international branches. She has also participated in various panel discussions including one on CTSsystemconductedbyNPCI.

Some of her papers are published in the IBA journal.

Mr. Dilip PanjwaniAVP Information Security, DBS Bank

Dilip isahardcore ITprofessionalwith12+yearsof variedexperience intheIT&ISdomains.ACertifiedInformationSystemsSecurityProfessional(CISSP), BS7799 - Lead ISMS Auditor and hands-on manager with expertise and proven record of developing and implementing Information Technology Systems and Information Security controls based on global best practices

that improve and contribute to the organization’s efficiency & data security. Dilip’s experienceencompasses various industry verticals, both in Indian corporate as well as multinationals.

DilipPanjwanicurrentlyistheAVP–ITandCISOforDBSBankLtd(Indiaregion).Heisaccountableand responsible for strategy, risk management, information security program management and identitymanagement implementation forDBSBank.Headditionally is also responsible forSelfService Banking (SSB) and ATM Management from IT implementation and compliance perspective.

PriortojoiningDBSBank,DiliphasworkedatKotakMahindraBankLtdasInformationSecurityComplianceandGovernanceOfficerwherehewasresponsibleforsecurityoperations,newprojectsevaluation,securitycomplianceandgovernanceacrossthebank.Additionally,Dilipalsomanagedbusiness process security risk assessment, controls implementation and Information Security Awareness and Training across the entire Kotak group of companies.

Mr. G K GuptaVP & Head - Fraud Management Distribution Assurance, Max Life Insurance

A Risk and Audit professional with 22 years of Banking and Insurance sector experience in Max Life Insurance, American Express and Deutsche Bank.Head of FraudRiskManagement andDistribution Assurance. Experiencedin Risk and Assurance Audits, Regulatory Compliance. Enterprise Risk Management, Operations Risk Management, Continuous Controls Monitoring,

DataForensics,AutomationandSystemDevelopmentProjects,FinancialControls,OperationsandControls, Business Excellence and Quality Management.

SPEAKERS


Mr. K. S. NarayananHead – Operational Risk Management & Chief Information Security Officer, ING Vysya Bank

K.S.Narayananhas19yearsofindustryexperiencehavingworkedinITServicesandBankingindustry.PriortojoiningINGVysyaBankin2008,hehasworkedatHCLandTechMahindrainavarietyofrolesinITServicedelivery,NetworkSecurity,Information Security, Business Continuity Management and Risk Management.

AtINGVysyaBank,NarayananistheHeadofOperationalRiskManagement&CISO.HeisresponsiblefordrivingOperationalRiskGovernance&Management,CyberSecurity,DataGovernance,FraudRisk, Information Security strategy, Business Continuity and its implementation across the Bank.

NarayananholdsBachelorsofScienceinPhysics,MasterinFinancialManagement(MFM)fromK.J. Somaiya Institute of Management, Mumbai. He holds the following professional qualifications: CISA-Certified Information Systems Auditor, Certified Information Security Manager (CISM), CISSP, andSANSCertifiedIncidentHandler(GCIH).

Mr. Makesh ChandramohanHead – Information Security & Business Continuity, Birla Sun Life Insurance Company Limited

Makesh Chandramohan is an experienced and qualified information security professional with more than 13 Yrs of professional experience across various industry verticals likeBFSI, ITES,Telecom&manufacturing.He is currently heading the

information Security and Business Continuity function at Birla Sun Life Insurance and he was instrumental in setting up IS functions in various large financial services organization. By qualification he holds a Master ofComputerApplication(MCA),CISA(CertifiedInformationSystemsAuditor)&CISM(CertifiedInformationSecurityManager)fromISACA(USA).Heisaneminentspeakerandparticipateinvariousforums.

Mr. Mannan GodilChief Information Security Officer - Information Security Group

Heading Information Security Group, Mannan drives Information Security,Business Continuity, Technology Risk Management and Access Management forEdelweissFinancialServicesLtd.EdelweissisidentifiedasamongstIndia’sleading diversified financial services organization with business straddling across Credit, Capital Markets, Asset Management, Housing finance and Insurance.

SPEAKERS


With 15+ years of overall experience, Mannan has served the domestic as well as International business in the field of Information Security. He is a Certified Chief Information Security Officer (EC Council), Certified Information Systems Auditor, Certified in Risk and Information Systems Control and a Certified Ethical Hacker. Mannan’saccoladesincluderecognitionasamongstTop100CISOsforriskmanagementpracticesbyCISOPlatform,andbeingawardedwiththetitle‘InfoSecMaestros’byInfoSecuritygroup.Hehas also been awarded with the Risk Titan award by Edelweiss.

Mr. Menny BarzilayChief Security Evangelist, Uniken

Menny Barzilay is a cybersecurity strategist and esteemed public speaker. PriortojoiningUniken,MennyhasservedasaCISOintheIsraeliDefenceForces, Barzilay (Capt. (Res)) and head of the IT Audit department at Bank Hapoalim Group (Based in Israel). An evangelist of innovation, he meetsand advises many startups and entrepreneurs from around the world. In

addition, he lectures and serves as the host and panelist at cyber security conventions, conferences and professional work groups worldwide and his publications are featured in renowned computer magazines.

Mr. Michael kehoeIBM WW i2 EIA Sales Leader, IBM Analytics Group IBM

Michael kehoe is the IBM WW i2 EIA (Enterprise Insights Analyses) Sales Leader for the Commercial sector. His responsibilities are to work with clients and deliver solutions that solve their challenges caused by their overwhelming data. Currently he is working with WW clients in developing the next generation Security Operation Centers (SOC). Understanding your adversaries, their

threats and their methods to actively prepare to detect and defend against them.

Previously Mike was a senior global products manager for Smarter Cities, where he lead the delivery of product based solutions for world cities. His areas of expertise include industrial control, business intelligence, enterprise process design, business strategy, and technical opportunity realization.

MikehasahonoursdegreeinElectronic/ElectricalEngineeringfromTrinityUniversityDublinandholdsaMasterofBusinessAdministration(MBA)degreefromtheOpenUniversity.HehaswrittenPapers, redguides and has spoken around the world on what “becoming smarter” can achieve and is consideredtobeoneofIBM’sforemostforwardthinkersonthissubject.

SPEAKERS


Mr. Mohan V TanksaleChief Executive, Indian Banks’ Association

Mr.MohanVTanksaleistheChiefExecutiveofIndianBanks’Association.

Prior to this,Mr.Tanksalewas theChairman&ManagingDirector,CentralBankofIndiaandbeforethatExecutiveDirectorofPunjabNationalBank.Mr.TanksalestartedhiscareerasanofficerinUnionBankofIndiaatGwaliorin

1974.

Mr. Tanksale, a seasoned Banker having rich experience in Banking is backed by professional credentialslikeAssociateMemberofInstituteofCost&WorkAccountantsofIndia(ICWA),CompanySecretary (Inter)of the Institute of Company Secretaries of India, CAIIB, a Bachelor degree of Science and a master degree in English literature.

Mr. Pinaq DudhwalaChief Manager - Financial Crime Prevention Group, ICICI Bank Ltd.

Mr.PinaqDudhwalaisworkingasChiefManager,FinancialCrimePreventionGroup,inICICIBankLtd.Inthisrole,heisresponsibleforfraudpreventionanddetectionforCards,PaymentproductsandDigitalChannels.Hemanagesstrategy related to prevention and detection, vulnerability risk assessment of product,processandrelatedpolicyformation.Mr.Dudhwalastintwith ICICI

bank is more than a decade.

InICICIbank,Mr.DudhwalaheadedvariousrolesinFraudriskmanagementwhichencompassesapplication and vendor screening, investigation in different segment of products like Cards, Payment Product, Retail Asset, Mortgages, Small Medium Enterprise, Rural and Priority Sector lending. Prior totakingFraudriskmanagementprofile,Mr.Dudhwalahasworkedinbusinessfunctionandwasresponsible to deliver top lines target and set up distribution channels. He has also worked with GeneralElectricCountrywideConsumerFinancialServicesforastintof3yearsinsalesandbusinessmanagement role.

He is also an active core committee member of India Payment Risk Council (IPRC) and represent on behalf of IPRC in various industry forums that work to combat card and payment fraud. He is a regular speaker at academic university, industry forum and contributes actively to the industry. He holds post-graduation Business Management and is an Associate Certified Fraud Examiner. He is also a Certified Anti Money Laundering Expert.

SPEAKERS


Mr. Ravikiran S. MankikarChief General Manager - Information Technology Department, The Shamrao Vithal Co- operative Bank Limited

RavikiranMankikarispresentlyworkingasChiefGeneralManager–InformationTechnology at the Shamrao Vithal Co-operative Bank, Mumbai.

He has a rich experience in the field of banking and implementation of technological projects. He is driving the IT initiatives at the SVC Bank. Implementation of in-house developed‘Genius’Bankingapplications.

Earlier to this he has had stints with the technology departments of the IndusInd Bank and the Janakalyan Sahakari Bank. WHe has had experience in setting up Tier 3 Standard compliant data centre for the Bank and the Bank getting certified for ISO 27001 (Information Security) and ISO 22301 (Business Continuity) practices.

A graduate in commerce, he has a Diploma in Systems Analysis. Recently he has acquiredinternational certifications of BS7799 & Quality Management Systems. He is also a CertifiedInformationSystemsAuditor(CISA)andCertifiedintheGovernanceofEnterpriseIT(CGEIT)andCertified Information System Banker (CeISB). He is the only awardee from the Co-operative Banking sectoroftheC.H.BhabhaScholarship&ResearchAwardforhisdissertation“Impact&Implicationsof Computerisation in Banks” conferred by the Indian Banks Association in 1997.

HehasbaggedvariousITawardsincludingtheCTOoftheYear&CIOGoldAward,CIO100,BestCIOoftheYearandtheOutstandingAchieveroftheYearAward,etc.HeisactivelyinvolvedwithISACA–MumbaiChapter, has worked on the Managing Committee of the Chapter and has been the President of the Chapter.

He is on the Executive Managing Committee of the Computer Society of India, and having also served on the ManagingCommitteeoftheComputerSocietyOfIndia–MumbaiChapterincapacityofTreasurerandSecretary.

He is also a regular speaker at various forums on Core Banking, Information Security and Information SystemsGovernance.

Mr. Richard J.D. CollardWW Business Development - i2 Advanced Visual Analysis & SME Fraud, AML & Risk, IBM

Richard Collard draws on a business-based career, with 2 of the major global fraud analytics organisations - specialising in the provision of detection solutions and consulting for credit and debit card issuers and for AML. Prior to joining IBM through its acquisitionof ILOG,Richardworked todevelop

a radical, new approach to rules-based fraud detection through the automated generation of rules using genetic algorithms and evolutionary computing techniques.

SPEAKERS


His approach to financial crime management is, therefore, holistic and non-prescriptive - he espouses thebeliefthatthereisnosuchthingasa‘one-size-fits-allsolution’.ThisfitsextremelywellwiththecomponentisednatureofIBM’sapproachtothechallengesthattheFSSindustryfacesin2015andbeyond-especiallywiththefast-evolvingthreatsincyber-space.IBM’sabilitytodrawon‘best-of-breed’component sensures that an institution is not tied to a specific specialisation or paradigm - a key benefit when considering the specific nature of fraud and financial crimes within any single geography.

He has worked on major operational reviews for card issuers in South Africa and Switzerland generating significant $ savings and operational efficiencies and has been instrumental in the recent adoption of Business Rules Management Systems (BRMS) technology as a major component of a hosted fraud detection capability at MasterCard. Current projects include driving a major transformational project withoneofthemajorUKbanks’AMLgrouptoensureeffectiveresolutionofentitiesacrossbusinessunits and geos using a combination of paradigms and technologies.

Richard’sabilitytodrawonglobalexperienceallowssignificantknowledgetransferofglobalbestpractice.

His approach is consultative and respectfulof geography and culture which ensures that the thought-leadership that he provides is positively received - traits which have earned him significant respect through his engagements.

He has a Bachelors degree in French and Economics and has published work by IBM.

Mr. Saleem JavedTechnical Director, Skybox Security

Responsible for the technical leadership in Asia-Pacific markets, Saleem Javed has more than 15 years of Information Security experience. Prior to joining Skybox Security, Saleem Javed was a Security Architect at Hewlett-Packard SingaporePte.Ltd.Previously,heheldmanagement&consultingpositionsatCitibank,Verisign,WiproTechnologies,GeneralMotors,Datacraft.Heisa

CISSP,CISM,CRISCandholdsaBachelor’sdegreeinEngineeringforElectronics&Communication.

Mr. Sameer RatolikarSVP & Chief Information Security Officer, HDFC Bank

Sameer Ratolikar, presently working as SVP & Chief Information SecurityOfficer, HDFCBank. Before this he was CISOwith AXIS Bank. Previouslyhe was working with Bank Of India as CISO and CTO, and Ministry of IT on deputationtogovernmentofGujaratasPrincipalSystemsAnalyst(Security&networks).Hehas20yearsofexperienceinITandInformationSecurity

domain. He holds certificates such as CISA, ISO 27001LA, CEH, BS25999 LA, COBIT. ITIL v3, MCSE,CCNA,Cyberlaw.

SPEAKERS


SameerisPioneerinIndianbankingindustryforachievingISO27001,PCI-DSSandBS25999certificationfortheBank;toestablishZACHMANframeworkandSABSAbasedInformationsecurityarchitecture.Hehasimplementedhugesecurityprojectslike2FA,Dataleakageprevention,Identity&Accessmanagement,GRC,SOC,PCI-DSS,ISO27001,BusinessContinuityacrossmajorBUsoftheBank.Sameerisalsoonthe panel of Regulators and IBA on developing “Security Standard for Indian banks”.

Heisalsoauthoredabook“InformationSecurity-Demystified”forbank’susersandemployees.Heisalsoan active Information Security, Privacy and Cyber Crime speaker in various national and international.

Mr. Shailesh VermaSVP & Head Debt Management and FCU Retail Lending & Payments, Axis Bank Ltd.

Shailesh Verma joined Axis Bank in 2008 and currently heads the Consumer Lending and Agriculture Debt Management and Fraud Control Unit. Hehasbeen instrumental in settingupandenhancing theDebtManagementFramework for the bank.

TodaytheAxisBankDebtManagementteamisrenownedforitsDebtManagementpractices.Itsstrengthis underscored by one of the lowest debt numbers on a portfolio growing at a scorching rate since the last 3 years. The Axis Fraud Control Team has also been recognized at various industry forums for scoring many Firsts in India. They have won the Best Acquiring Bank Award in South Asia at the Visa International Forum.

Shaileshisspearheadingapath-breakingprojectforusingIT&ITEnabledServicesfordevelopingacompleteautomatedecosystemforFraudManagement&DebtControl.

Shailesh is also the current Chairperson of India Payments Risk Council an interbank initiative to fight Fraud across the payments industry in India. Before joining Axis, Shailesh worked with Standard Chartered Bank in India handling various functions, the last ones being the Country Head –IndiaforFraudControlPracticesUnit.

ShaileshholdsaMastersDegreeinBusinessAdministration.

Ms. Shraddha TickooTechnology Specialist, Trend Micro

Shraddha Tickoo works as a Technology Specialist for Strategic Security products offered by Trend Micro. She works closely with the Sales, Marketing, and Presales Teams to provide Consultancy and best practices for implementing these products. She also works with Enterprise customers and helps them in deploying security solutions in the best possible manner.

SPEAKERS


Prior to her current assignment, Shraddha has worked for Reliance Communications and been a part ofvarioussecurityimplementationprojects.SheholdsBachelor’sinComputerSciencedegreeandcarries with her extensive knowledge of IT Security challenges and solutions.

Mr. Siddharth Vishwanath Partner, Cyber Security Services, PwC

Siddharth is a Chartered Accountant and an MBA from Indian School of Business. HeisaPartnerwithPwC’sCyberSecurityPactise.Hehasmorethanfifteenyearsof experience spanning across business and technology risk. Siddharth has led several projects across strategy, IT Risk, Vulnerability Management, ISMS, BCP and Information Secuirty awareness programs for Banks and Telcos.

Siddharth is a keen speaker at academic institutes and other forums. He has authored reports on topics such as Insider Threat, Risks in Social Media, Managing risks i an interconnected world.

Mr. Sivarama Krishnan Partner and Cyber Security Leader, PwC

Sivarama Krishnan is a Partner and Cyber Security Leader, India at PricewaterhouseCoopers Pvt. Ltd. with more than 18 years of experience and has special focus on Financial Services, Telecommunications, Technology, and E-Governanceareas.Headvisesorganizations in theareas includingCyberSecurity, Information Security, Business Strategy, Regulatory Compliance,

RiskManagement,ProcessImprovement,e-Governance,ITStrategy,ERPandApplicationSelection,Project and Program Management, Vendor Evaluation and Bid Process Management.

SivahasadvisedanumberofIndian,MNCandGovernmentclientsonCybersecurity,Informationsecurity, business strategy, business continuity, IT strategy, regulatory compliance, risk management, process improvement, program management. Siva is a known authority in the cyber security domain in India, speaking and publishing frequently on a number of security issues at various prestigious national and international forums.

SivahasadvisedtheGovtofIndiaontheInformationTechnologyAct2000,heisontheStrategyCouncil of DSCI,NASSCOM, and on the board of several prestigious educational institutionspioneering security education in India. Siva has an MBA from the Indian School of Business (ISB), Hyderabad and is a qualified Chartered Accountant.

SPEAKERS


.

Mr. Sourabh ChatterjeeVice President Technology & Head -Applications, ICICI Lombard General Insurance Company

Sourabh Chatterjee, in his current portfolio at ICICI Lombard, is managing the end to end application portfolio for core policy administration systems, centralised rules management, claims, reinsurance, accounting, money management and reporting. In addition, I have the accountability for systems

and processes related to partner tie-ups, L1 support for all applications across the company, document management and workflow management systems across the company, reporting to the COO and Head of Ops and Technology with a dotted line to business heads for Retail Sales, Corporate Sales, Underwriting and Finance. Total team size managed including vendors is220+FTE’s.

HehasworkedindiverseenvironmentsinUnisysandhasmanagedtheoverallrelationshipanddeliveryfora USD50M+ Fortune 100 Life Insurance carrier inUSMidwest. Accountable for both revenue growth and profitability and single point ownership for all deliveries across Business and Process Consulting, Application development and maintenance and Infrastructure in a managed services model. Managed the account of 450+FTE’sspreadacrossIndiaandUSinvariouslocationsandhavingvariedskillsetsacrossvarioushorizontaland vertical business units within Infosys.

He has a 15+ years of Information Technology expertise, executing large/ complex multi million dollar IT programs with Fortune 500 clients across the globe. Currently accountable for a large portfolio of core Insurance applications, Partner Tie-ups and Allied ecosystem of apps including document management, workflowmanagement,centralisedrulesmanagementetcforIndia’slargestGeneralInsurancecompany.

Mr. Subhash SubramaniamChief Information Security Officer, ICICI Bank

Subhash has a total of 20 years of experience in diverse areas. He started his career withNationalStockExchange(NSE)andworkedtherefor3years(partofcoreteamwhichbuilt&rolledoutIndia’sfirstelectronicexchangetradingplatform).In1997,quitNSEandsetupatechnologystartupspecializinginwebapplications,e-commerce portals and eLearning solutions. He expanded the operations with

developmentcentersinMumbai&Puneandclientsspreadacrosstheworld.

After achieving scale, sold off the business to strategic investors and divested stake and joined ICICI Bank in 2004 and have been with the Bank for over 10 years with rich banking experience in diverseroles–TreasuryOperations,Technology,RiskManagementandInformationSecurity.HeiscurrentlydesignatedastheChiefInformationSecurityOfficer(CISO)forICICIGroup–responsiblefor ICICIBankandall itsGroupcompanies in Indiaand internationally.SubhashholdsBachelorinComputerSciencefromFergussonCollege,UniversityofPuneandMBA(Finance)fromNMIMS(BombayUniversity).

SPEAKERS


Mr. Sundareshwar Krishnamurthy Associate Director, Cyber Security Services, PwC

Sundar is an Associate Director with PwC’s Cyber practice. He hasmorethan 12 years of experience in advising clients to build and sustain robust Security programs. He focuses on Banking and Telecom sector. He is currently workingwithoneofthenewbanksthat’sbeingsetuptodefineandimplementtheir Security program. Over the last decade, he has advised several public

and private sector banks adhere to security conditions of regulatory requirements, Technology risk management, business continuity and disaster recovery, Information security policies and processes, Online banking security, IT strategy, application selection and bid management.

Mr. S.V. Sunder KrishnanExecutive Vice President and Chief Risk Officer, Reliance Life Insurance

• Enterprise Risk Management (ERM) and oversight of Internal Audit, BCP, Information Security, Legal, Secretarial, Claims and Compliance functions.

• Implemented risk based strategy in all the above functions with the use of technology.

• First Insurance Company in India to rate the Enterprise Wide Risk ManagementandSolvency–throughBrickWorksRatingAgency–gotaratingofAAA

• Investment Risk Management - Mid-Office Operations, Market Risk Management, Credit Risk Management, Asset Liability Management and Operations Risk Management

• ApartoftheStandingCommitteeonAccountingandInvestments–IRDAI

• Review of dealing room operations and institute controls to check insider trading

• Coordinate Asset Liability Management and ERM (Control Committee) executive level meetings

• Coordination and reporting to the Board Risk Management Committee, Board Asset Liability ManagementCommitteeandBoardAudit&ComplianceCommittee

• WontheBestInnovationGroupQualityawardforPostIssuanceRiskVerification

Experience of Three decades in various Organizations listed below

Background as a senior and middle level manager with iexposure to Bank businesses and operations in more than 12 countries

• Partofallthecoregroups–ManagingCommittee,ControlCommittee,BoardMeetings,ProductCommittee, InvestmentCommitteeand the like. IT consulting& strategy, IT security and ITAudits for banks in India and abroad

• Marketing of Assurance, IT security and consulting services during the managerial tenure in Ernst&Youngfortheyears1993–97andduringconsultancyassignments2002-03.

Worked for various organizations such as:

DSP Merrill Lynch for the Year 2005-06 as Senior Vice President - Corporate Audit Services for the

SPEAKERS


entireDSPMerrillLynchGroupofCompanies,MemberofRiskandAuditCommittees.Thisentailedreview of business and operations of the investment banking company, Broking Company and the Asset Management Company

ING Vysya for the years 2003-05 as Senior Vice President and Senior Audit Manager - Corporate Audit Services and a permanent invitee to various IT committees, Member of IT steering Committees, Risk and Audit Committees. This entailed review of business and operations of the Banking Company, Insurance Company and the Asset Management Company

Credit Lyonnais as Vice President – Audit, Compliance and Integrated Risk Management and a member of the weekly Managing Committee for the years 2000-02. A Member of Weekly Management Committeeresponsibleforrunningofthebank.CoordinateConcurrentAuditofInvestments–whichentails review all the investment transactions.

Standard Chartered as Senior IT auditor responsible for IT audits, payments audit for 12 countries in Middle East and South Asia regions for the years 1998-2000, Handled two projects: Credit cards at DubaiandCarLoansinMumbai.

Bank Internasional Indonesia as Head of Audit and Compliance and a part of the weekly Management committee of the Bank, Member of weekly management committee responsible for running of the bank. ALCO committee and Coordinate concurrent audit of investments

Ernst & Young – Audit Manager – Managing a number of Financial Services assignments

Delloitte - Statutory audit of NOCIL, PIL, Tandon Group of companies in SEEPZ

Professional Experience and Qualifications:

Was a President of ISACA Mumbai Chapter for the year 2007-08 and was a member of Board of Advisors to Bombay Chartered Accountants Society for Internal Audit Studies for the year 2005-06. WasaMemberofBoardofStudies–NMISforMBA–ActuaryduringtheyearFY-11.

Am the Chairman of ISACA India Growth Task Force–ISACA International for the last two financial years.

Qualifications:

Bachelor in Commerce and Economics, Chartered Accountant, Certified Information Systems Auditor (CISA), Inter Company Secretary and Check Point Certified Security Administrator (CCSA); EnterpriseWideRiskManagementProgramfromAIM–AsianInstituteofManagement–Manila

Mr. Vaibhav KhandelwalBusiness Head - India / South Asia, IBM Trusteer

VaibhavKhandelwalhasbeenworkingatintersectionofBanking&Technologyfor over 10 years. He has worked in Microfinance in SriLanka, been a Trade FinanceBankerwithABNAMROBankinSingaporeandwithIBMconsultedlarge global banks in Europe and Africa on the channel transformation and customer engagement initiatives. Vaibhav is currently India and South

Asia Head for IBM Trusteer - a cloud service that is enhancing consumer banking experience by protecting banks and their customers from cyberfraud. He is passionate about new technologies that aremakingbankingmorecredible,accessibleandefficient.VaibhavhasaPostGraduateDiplomain Management for Executives from IIM Ahmedabad.

SPEAKERS


Mr. Vishal SalviPartner, Cyber Security Services, PwC

Vishal Salvi is Partner for Cyber security in Price waterhouse Coopers Pvt. Ltd.Vishalhas21yearsifindustryexperienceITServiceDeliveryandCyberSecurity and has worked in Crompton Greaves, Development Credit Bank,GlobalTrustBank,StandardCharteredBankandHDFCBank.Hehasbeenperforming leadership roles in Cyber Security across these organisations for

past14years.HislastrolewasofbeingtheChiefInformationSecurityOfficerofHDFCBankforeight years.

Vishal has extensive management and domain experience in driving the Information Security program inallkeyaspectsi.e.Policy,Standards,Procedures,Awareness,Identity&AccessManagement,IT-GRC,NetworkSecurity, IncidentResponse,SecurityMonitoring,Malwareprotection,Securityconfiguration,Compliance,On-lineBankingandecommerce,Cryptography,DataProtection,ThirdParty Management, Business Continuity Planning. Vishal has extensively travelled and well know leader in information security industry within India as well as globally.

Vishal has rich experience in delivering simultaneous large scale, mission critical projects on time and under budget.

Mr. Deepak BhatiaHead Enterprise Sales Indian Subcontinent, Nuance

DeepakBhatiaheadsSalesforNuanceintheIndianSubcontinent,responsiblefor its Enterprise business. In this role, Deepak leads Sales Performance,Partner Management and Solution Marketing. Deepak’s key focus is oncontinuingNuance’sstrongmomentumintheEnterpriseAccounts,assisting

themtoimprovetheircustomer’sexperience,andatthesametime,increasesafety,securityandreduce operational cost.

Prior to joining Nuance, Deepak has been in various strategic and customer facing roles, withexperiences at Nokia, Siemens, Aspect Communications where he managed high-profile BFSI,telecommunications accounts, and channel partners across India and Middle East.

DeepakholdsaBachelorofTechnologyDegree(ElectronicsandCommunications)fromUPTUandhasstudiedGeneralManagementfromIIMLucknow.

SPEAKERS


My voice is my password.Voice Biometrics authenticates your customers through natural voice patterns, not robotic PINs, passwords, and questions. It’s a level up in security. It’s a brand new user experience. By giving them the freedom to speak, you let the customers be themselves.

Simpler authentication.With much less pain and effort for the customer, they feel more in control. And a happier customer is a more valuable customer.

Wipe out fraud.Knowledge-based security is nearing obsolescence. Voice Biometrics is the chance to start again from scratch. It’s not a patch. It’s not a reboot.

Almost-instant ROI.Whether it’s shorter call times, increased functionality, or the ability to do amazing new things with your mobile apps, Voice Biometrics can deliver from day one.

What customers are saying about Nuance Voice Biometrics.

“The ultimate security measure is something you are. Voice is actually the most secure form

Paul Heller, CIO, Vanguard.

spoken passphrase login through this technology is a logical next step.”

Voice Biometrics by the numbers.

Nuance Brochure May.indd 1 15/05/2014 8:29:58 AM

49% of users say authentication is time-consuming.

Knowledge-Based Authentication

85% of users are frustrated with existing authentication.

67% of mobile users reset passwords at least once a month.

Voice Biometrics Authentication

$15Maverage savings over a

three-year period.

90% of users prefer

Voice Biometricsover the status quo.

80% faster authentication

in 5 seconds.

Nuance CommunicationsDeepak Bhatia | [email protected] | +91 99111 81052

My voice is my password.Voice Biometrics authenticates your customers through natural voice patterns, not robotic PINs, passwords, and questions. It’s a level up in security. It’s a brand new user experience. By giving them the freedom to speak, you let the customers be themselves.

Simpler authentication.With much less pain and effort for the customer, they feel more in control. And a happier customer is a more valuable customer.

Wipe out fraud.Knowledge-based security is nearing obsolescence. Voice Biometrics is the chance to start again from scratch. It’s not a patch. It’s not a reboot.

Almost-instant ROI.Whether it’s shorter call times, increased functionality, or the ability to do amazing new things with your mobile apps, Voice Biometrics can deliver from day one.

What customers are saying about Nuance Voice Biometrics.

“The ultimate security measure is something you are. Voice is actually the most secure form

Paul Heller, CIO, Vanguard.

spoken passphrase login through this technology is a logical next step.”

Voice Biometrics by the numbers.


49% of users say authentication is time-consuming.

Knowledge-Based Authentication

85% of users are frustrated with existing authentication.

67% of mobile users reset passwords at least once a month.

Voice Biometrics Authentication

$15Maverage savings over a

three-year period.

90% of users prefer

Voice Biometricsover the status quo.

80% faster authentication

in 5 seconds.

next step.”


The last one year had witnessed many positives as well as several new challenges have come up for the world and for India in particular. World over, the security scenario is no better than it was a year back. The constant threats of terror attacks have not subsided and on the

contrary the spate of terror attacks and their dimensions continue to expand. In the last one year the scenario in Middle East, one of the most prominent regions for financial activities, witnessed a massive deterioration of with the civil wars in Syria and Iraq reaching an even worse situation. The meteoric rise of the dreaded terror group ISIS and its stealing of more than $400 million from the Central Bank of Mosul in Iraq vindicated not just the vulnerability of financial institutions in war prone regions but also how major heist in banking institutions have always been a major source of funding the nefarious activities of terror groups. That particular heist perhaps played a key role in making ISIS one of the richest terror organisations of the world. This apart, some shocking new trends of terror attacks could also be witnessed with terrorists now attacking soft targets such as schools,shoppingmallsanduniversities.Needlesstosay,banksacrosstheworldandespeciallyinIndia continue to be extremely vulnerable and prone to terror attacks.

Back in India, the last one year witnessed a certain amount of political stability in the country with theinstallationofNarendraModiledNDAGovernment.WhileIndiahasnotwitnessedanymajorterror attack over the last one year, the threat of something sinister remains clear and present. The multidimensionalthreatthatIndiafacestodayhaveseriousramificationssofarassecurityofIndia’s

Securing Banks in the 21st Century

— Pathikrit Payne

Indian Banking Sector is at a cusp of fundamental and tectonic shifts. It is time to

make sure that this very key critical infrastructure remains protected from all kinds

of physical security threats and not just cyber threats

BANK SECURITY


critical economic infrastructures are concerned. This multidimensional threat comes essentially from cross border non state actors like the Islamic terror groups that operate in India including the likes of LeT and JeM. This also includes several home-grown terror groups which allegedly have funding and training from outside especially from Pakistan and this list contains names like Indian MujahideenandSIMI.ThenthereisthisenormousandeverincreasingthreattoIndia’seconomicinfrastructure that emanates from the Maoists who have continued with their mayhem and have time and again been responsible for several major attacks on economic infrastructures including derailing of trains, destruction of telecom towers and power transmission systems as well as looting ofbanks.Thisapart,threattoIndia’soveralleconomicandphysicalsecurityisalsofromorganisedcrime syndicates involved in dealing with counterfeit currencies, extortion and kidnapping business as well as cyber terror groups who operate in a virtual world and have time and again proved their ability to create mayhem with the global financial system. Overall, as it stands today, the physical infrastructures of India’s financial sector face all these threatsmuch in the sameway as othercritical infrastructures face.

The Indian Banking Sector- Poised for the Next Big Leap

The Indian economy is rightly poised today to reach greater heights over the next one decade. The story of the rise of Asia has just started. India along with several other major Asian players like China has both demand and demography on their side to continue with the economic growth story. India is already a $2 trillion economy and is expected to emerge as one of the fastest growing economies among emerging economies in the times to come.

Further, the shift in the global economic theatre towards Asia would mean massive rise in the opportunities for the banking industry as well and needless to say Indian Banking sector is going to reap major benefits out of it. Already the steps taken by the incumbent government towards financial inclusion and alsoby initiating theprocess of openingMUDRABank for reaching out to a largesection of micro units in India are positive steps. Today the Indian banking system handles more than $1.5trillionofassetsandisperhapsthemostprominentbackboneofIndia’seconomicgrowth.

The resilience of Indian Banking industry is known world over. Be it the economic meltdown of the Southeast Asian economies in the late nineties or the subprime lending crisis in the American and European banking sector in 2008, on both occasions, Indian banking sector have been able to successfully meander through the crises without succumbing to them. The Indian stock markets too have made giant strides and are considered to be some of the most sophisticated in the world. Further, the Indian financial systems have made giant leaps in terms of technological adaption as well. One would have to give credit to it for its successful transformation from archetypal ledger book banking to net banking and mobile banking. There is also no doubt that the banking sector itself played a critical role in financing the growth of the Indian economy. With asset size of over $1.5 trillion and with more than 1 lakh ATMs, the Indian Banking Sector is poised to be the fifth largestintheworldintermsofassetsizeasperKPMGandthirdlargestintheworldby2025asperBostonConsultingGroup.Itsassetsizetooisexpectedtogrowto$28.5trillionThus,thereisno doubt about one thing that today, the Indian Banking and Financial Services sector is one of the most critical economic infrastructures of the country.

Threat to Critical Financial Infrastructures – A Global Phenomenon Now

World over, just as threat to critical infrastructures is a key area of concern for security establishments, so is the case of security of financial institutions. A case in point would be the 9/11 terror attack itself wherein the perpetrators targeted the twin towers of World Trade Centre whose destruction had amassivefinancialimpactonthelocalNewYorkeconomyaswellasthefinancialsectorofUS.A

BANK SECURITY


reportpreparedbytheFiscalPolicyInstitutefortheNewYorkCityCentralLaborCouncilandtheConsortium for Worker Education, immediately in the aftermath of the 9/11 disaster had stated that theimmediateimpactofthe9/11attackontheNewYorkCityeconomywasestimatedtobe$16.9billion and it was also expected to have massive job impact in the securities, retail and restaurant business.AsperInstituteforAnalysisofGlobalSecurity,‘Countingthevalueofliveslostaswellas property damage and lost production of goods and services, losses already exceed $100 billion. Includingthelossinstockmarketwealth--themarket’sownestimatearisingfromexpectationsoflower corporate profits and higher discount rates for economic volatility -- the price tag approaches $2trillion.’Thisitselfisavindicationofthefactthatradicalextremistgroupsnowseektocreatenotjust physical mayhem but also financial mayhem whose impact would be long term. There is thus the need for caution and preventive measures as threat to banking sector can have cataclysmic impact.

The Indian Scenario- No Different and No Better

The issues of terror threats to economic infrastructures are no different for India as it is for the rest of the world. From the time of the 1993 Mumbai serial blasts, terror organisations of various shades have systematically targeted economic infrastructures in India. The Bombay Stock Exchange was a prime target of the 1993 Mumbai blast and so were the Air India headquarters and prime hotels of the city. In 2006 terrorists had targeted the Mumbai suburban rails. The Maoists have likewise beenresponsibleformorethanathousandattacksonIndia’seconomicinfrastructuresincludingrailwaysandtelecomtowersaswellasattacksonfactories.India’smajoroilrefineries,powerplantsand dams constantly remain under the threat of terror attacks. The 26/11 terror attack was a wake-up call for India. It was a clear signal that terror groups targeting India would no more be merely attacking military installations and government buildings but would also not spare economic installationsandinfrastructuresintheprivatesector.TheGovernmentwokeuptotherealityandamended the CISF Act to also provide security to select vital installations in the private sector. This was followed by providing CISF cover to the Jamnagar refinery of Reliance Industries and Infosys facility inBangalore.SecurityofAirportswasrigorously improved.HoweverIndia’sprivatesectorindustry is huge and a mere CISF with force strength of 1, 45,000 is not enough to provide security to all. Some of the states have too started making their own industrial security forces on the lines of CISF to provide security to vital economic installations. But is this enough? Will merely a few battalions in each state be good enough to secure hundreds of thousands of industrial units across India?HasenoughbeendonetosecureIndia’sbankingsector?

Physical Security in Indian Financial Institutions

Banking in this era is increasingly getting technology intensive. And thus, like many other sectors, security of the banking sector essentially means in terms of both physical security as well as security in the virtual world. While the Indian Banking Sector have made reasonable strides in terms of making the Indian Banking System secure in the cyber world, the same perhaps cannot be stated in terms of physical security of the banks. Sadly, in spite of the enormity of potential panic, physical secrutiy in Bank branches remain rudimentary. There is perhaps no clear cut policy so far as physical securityofbanksinIndiaisconcerned.Unlikeinmanyofthewesterncountries,onecanonlyfindan odd or a couple of private security personnel who are either unarmed or at best armed with a single or a double barrel shot gun, and needless to say this is not good enough to thwart any major terror attack in banks.

Also, it is a reality that Banks are extremely reluctant to make customers go through even the basic security check before allowing them to enter bank premises, for fear of making customers feel uncomfortable and or subsequently losing the customers to rivals. Today, given the enormity of threats to such critical hubs of commercial activities and public gathering, there is a strong need

BANK SECURITY


to create an institutional mechanism whereby it would be mandatory on the part of Banks to have a basic first line of defence in each branch to thwart any terror attack or any attempt of heist and hostage taking situation.

The unfortunate part of the whole saga is the fact that in India, security is still considered as a governmental responsibility and physical security of banks in terms of having security personnel is at best a tokenism here. Most banks unfortunately still consider expenditure on deployment of professionally trained security manpower as an avoidable expenditure. Further, in the absence of any clear cut mandate or directive from the financial regulatory authorities like the Reserve Bank ofIndia,banksstilldon’ttakephysicalsecurityasseriouslyasitideallyshouldhavebeen.IdeallythereshouldbeclearcutguidelinesfromReserveBankofIndiaandtheUnionMinistryofHomeAffairs on this issue.

Time to be Cautious--Bank Heist May Fund Terror Acts too....

Bank heist is not an uncommon phenomenon in India. Every year it is for sure a considerable amount of money is lost in theft and heist. In fact a few recent incidents have vindicated that there is often a clear linkage between bank heists and terror attacks. In fact it was reported in 2012 how Indian MujahideenandotherterrorgroupslikeHarkatUlJihadhadbeenresortingtobankrobberiesforthepurpose of funding acts of terror. Thus the reason for making sure that physical security of banks across the length and breadth of India is not just for making sure that financial assets of depositors are kept safe but also to ensure that such thefts do not end up in funding horrendous terror attacks in India. The Maoists too have often resorted to robbing banks for the purpose of funding their own version of Maoist terror.

26/11- If it can happen in hotels, it can happen in Banks too....

If a terror attack could have happened in some of the most iconic hotels of India, if terror attacks had happened in the past on critical financial institutions like the Bombay Stock Exchange, can

BANK SECURITY


it ever be ruled out that perpetrators may target any major financial institution to create massive panicacrossIndia’seconomy?Aterrorattackofaproportionof26/11,ifithadhappenedonanyhead office of any major bank or a series of banks, would have created massive ripples across the economy, the effect of which would have been too enormous for the nation to bear. And thus, it is of paramount importance that physical security of banks is given importance on a priority basis and on a war footing.

Need for a more concerted effort to Secure Indian Banks

It would perhaps need nothing less than strong directive from the government along with perhaps promulgation of a new law through a statutory act for taking physical security of banking sector to an altogether new and the much desired level. Much like Ministry of Railways have its own Railway Protection Force or RPF to secure the railways infrastructure, much like CISF is there to secure industrial infrastructure, there is a pertinent need for the Ministry of Finance or the Ministry of Home AffairstosetupaBankingSectorSecurityForcetosecureIndia’sbankinginfrastructure.Nomatterhow strong the vault in the bank branch is, if the banks keep lacking capable security manpower to thwart attempts of robberies, bank related crimes can never be contained.

Reforming Physical Security of Indian Banks

Apart from investments in technical surveillance in bank perimeters, there should be nothing less than a minimum of two or three armed security personnel or even more in every bank branch depending upon the size of the branch or the kind of risk that it faces. But here the definition of armed security personnel needs some drastic reengineering. The era of the hired unskilled, ubiquitous and often rustic guy with a single barrel who is even scared to frisk the person entering the branch lest it antagonises both the customer and the branch manager, needs to be replaced by a professionally trained security personnel preferably with defence background and adept at close quarter combat. He should be carrying nothing less than a .32 calibre or a .38 calibre revolver or an equivalent of a pistol. For a country where several thousand Army personnel retire every year after their completion of 20 years of service, it would never be a problem to find adequate number of already trained personnel who can be reemployed in the Financial Sector Security Force. Besides the armed personnel, there should also be unarmed personnel in each branch who would be engaged in surveillance. There should be a well laid Standard Operation Procedure for the personnel in case of any eventuality. Further there should be Quick Reaction Teams on operational readiness for effective response during emergency situations. Just as it is a norm in airports, frisking should be made mandatory for bank branches as well and not complying with basic security measures should be penalised.

The Way Ahead- Make Customer Security Part of Overall Customer Service

CompromisingonthephysicalsecurityofIndia’sfinancialsectormaybecomeselfdefeatinginthelong run. It has to be understood that the life of a customer when he enters the banking premise has to be protected and that too has to be become a critical part of the overall customer service. A terror attack or a bomb blast inside a bank premise would jeopardise the lives of customers as much as it did in 26/11 attack. If the Shopping Malls, Multiplexes and even Hotels can have frisking and scanning of bags, then there is no reason to believe that the same cannot be applied to Indian Banks. It has to be understood that the world is going through some tough times and under such situations it becomes imperative to take decisive preventive actions for making sure that no untoward incident happens.

BANK SECURITY


Security Policy Management Automated.

Orchestrated.Simplified.

Easily provision application connectivity

Process firewall changes 4x faster

Avoid risky misconfigurations

Demonstrate compliance in minutes


2014 © McAfee Inc. McAfee is a part of Intel Security. McAfee and the M-shield are trademarks or registered trademarks of McAfee, Inc. The Intel logo is the trademark of Intel Corporation in the U.S. and/or other countries.

THE FUTURE OF TECHNOLOGY IS MORE SECURE

THAN EVER.In today’s world, connected devices are advancing healthcare,

transforming business, and evolving social connections in unprecedented ways. That’s why security must be ubiquitous—always on and on every device.

That’s why Intel Security was formed. We’re combining the experience and expertise of McAfee with the performance, innovation, and trust of Intel to deliver secure computing

to consumers and businesses worldwide. We want everyone to have the confidence to use technology to its full potential so they achieve their full potential.

The future ahead is ripe with possibilities. Join us on this exciting journey.

www.intelsecuritygroup.com

SECURITYEMPOWERSFINANCIAL

INSTITUTIONSUnlock the

Business Value ofSafe, Optimized Data


SECURITYEMPOWERSFINANCIAL

INSTITUTIONSUnlock the

Business Value ofSafe, Optimized Data

10 Best Practices for Cyber Security in 2015Everyone wishes their organization could be more secure. With the number of hackers,

malware and other threats to cyber security out there, one can always find a new

security practice to enact.

1. Monitor Applications with Access to Data

Applications are great. They give your business the tools it needs to function and be productive. But they also put your sensitive data at risk. When IT security attempts to protect critical information, it usually involves putting up firewalls and building your infrastructure around the data you want to protect. Then you give applications access to this data. When hackers look tostealyourdata,theywon’ttrytohammertheirwaythroughyourfirewall,they’lllookfortheleast secure system with access to the data they need.

2. Create Specific Access Controls

Once your IT network is secure, you need to be very careful about who you give the keys to. Ideally,itshouldn’tbeanyone.Bycreatingspecificaccesscontrolsforallofyourusersyoucanlimittheiraccesstoonlythesystemstheyneedfortheirtasksandlimityoursensitivedata’sexposure.

3. Collect Detailed Logs

Foracompleterecordofwhatgoesoninyoursystems–bothforsecurityandtroubleshootingpurposes–youshouldcollectdetailed logsandreportdata.This isespecially thecase forapplicationsthatdon’thaveinternallogging.Byaddingtoolsthatcanlogtheactivitiesoftheseapplications you will be able to plug any security holes those applications may create.

10 Best Practices for Cyber Security

in 2015

BANK SECURITY


4. Maintain Security Patches

When cyber-criminals are constantly inventing new techniques and looking for new vulnerabilities, an optimized security network is only optimized for so long. To keep your network protected, make sure your software and hardware security is up to date with any new antimalware signatures or patches.

5. Beware of Social Engineering

All of the technical IT security you implement can’t take theplace of common sense andhuman error. Social engineering tactics have been used successfully for decades to gain login information and access to encrypted files. Attempts can come from phone, email or other communication with your users.

6. Educate and Train Your Users

Nomatterhowgifted,youruserswillalwaysbeyourweakestlinkwhenitcomestoinformationsecurity.Thatdoesn’tmeanyoucan’tlimitthisriskthroughregularlyeducatingyourusersoncyber security best practices. This training should include how to recognize a phishing email, how to create strong passwords, avoiding dangerous applications, taking information out of the company, and any other relevant user security risks.

7. Outline Clear Use Policies for New Employees and Vendors

To strengthen and clarify the education you give your users, you should clearly outline the requirements and expectations your company has in regards to IT security when you first hire them. Make sure employment contracts and SLAs have sections that clearly define these security requirements.

8. User Activity Monitoring

Trust but verify. While well trained users can be your security front line, you still need technology asyourlastlineofdefense.Useractivitymonitoringallowsyoutomonitoruserstoverifythattheir actions meet good security practices. If a malicious outsider gains access to their log-in information–orifaninsiderchoosestotakeadvantageoftheirsystemaccess–youwillbeimmediately notified of the suspicious activity.

9. Create a Data Breach Response Plan

Nomatterhowwellyoufollowthesebestpractices,youmightgetbreached.Infact,nearlyhalf of organizations suffered a security incident in the past year. If you do, having a response plan laid out ahead of time will allow you to close any vulnerabilities and limit the damage the breach can do.

10. Maintain Compliance

RegulationslikeHIPAA,PCIDSSandISOofferstandardsforhowyourbusinessshouldconductits security. More than a hassle which you need to prepare audit logs for, compliance can help guide your business.

BANK SECURITY


G20 Summit in Queensland Secured by Teleste’s Video Surveillance Solutions

Teleste, an international technology group specialised in broadband video and data communication systems and services, today announced a deployment of its video surveillance solutions to Australian Federal Police and Queensland State Police. The deployment includes hardware and software to enforcesecurityoperationsrelatedtoG20leader’ssummitinAustralia,15-16November2014.Theequipment will be delivered and integrated by Optical Solutions Australia.

The deployment of the solution is in progress, and based upon the TelesteVMXvideomanagementplatformbeingusedasanumbrellasystemforCCTVresourcesduringthesummit.TheVMXplatformwill be used to interconnect in excess of 700 cameras, operating on a number of different video management platforms, sourced from more than 10 separate sites within the State of Queensland. TheG20summitwillgathertogethertheworld’stopleadersandmajorgovernments,andprovidingadequate and appropriate security for the circumstances at the time is a major task for security authorities.

Teleste’s video surveillance solution are worldwide appreciated for fulfilling high technical requirements and providing uncompromising reliability. Teleste’s solution also makes it possible to efficiently integrate separate security systems and operate them under a single umbrella. Teleste also has a global track record of successfully deploying video surveillance systems with similar complexitytotheG20securitysystem.

Teleste provides video surveillance applications, systems and services for security professionals in e.g. public sector, traffic and transportation, military and border control, industry, as well as police, fire and rescue service. Our segmented approach makes it possible to efficiently solve versatile customer challenges in demanding security segments. Teleste’s intelligent video management system fullfils the latest requirements and OCC standards for large scale systems integrations.

About Teleste

Teleste is an international technology company that develops and offers video and broadband technologies and related services. Our supply of technology contributes to the convenience and safety of daily living. Our core business is video - image and data processing, transfer and management. Our customer base consists of cable and telecom operators, as well as public sector organizations. Our business is divided into two divisions, which are Video and Broadband Solutions andNetworkServices.Inbothareas,werankamongtheworld’sleadingcompaniesandtechnologicalforerunners. Video and Broadband Solutions focuses on access networks and product solutions in videosurveillanceapplications.NetworkServicesofferscomprehensiveservicesfornetworkdesign,construction and maintenance. In 2013, Teleste’snetsalestotalledaboutUSD250million,andthecompany employed more than 1,300 people. Teleste runs a worldwide network of offices and more than90%ofitssalesaregeneratedoutsideFinland.ThecompanyislistedontheNASDAQOMXHelsinki Ltd. For more information see http://www.teleste.com and follow @telestecorp on Twitter. SOURCE Teleste Corporation

Technology News Segment


Videonetics bags ‘Best R&D effort of the year’ award by SECONA in association with Secutech India

• VideoneticschosenamidstiffcompetitionfromSecurity,Surveillance&Safetybiggies• Shield2015awardsheldatMumbaiduringSecutechIndiaexhibition• 500+delegatesfromSecurity&safetyindustryattendthemeet

Mumbai: Amid stiff competition from numerous companies in the Electronic Security, Surveillance &SafetyIndustry,Videonetics has been chosen for the prestigious ‘Best R&D effort of the year’ award at the SECONA Shield Awards 2015. SECONA, thefirstSecurityConsultants’AssociationfromIndia,inassociationwithSecutech,India’smostsuccessfulinternationalexhibition&conferenceonSecurity&Safety,proudlypresented India’sfirst annualawards, for recognizingexcellence in the IndianElectronicSecurity&SafetyIndustry–theSHIELD Awards.

The awards were presented at a glittering ceremony on 13th March 2015, during the Secutech exhibition, in front of about 500 to 600 decision makers, influencers and stakeholders in the Indian Security&Safetyindustry.

Acknowledging the award, Dr Tinku Acharya, Founder & Managing Director of Videonetics, said: “Being named a winner in the ‘Best R & D of the year’ category, is a great honor for us. It shows off the dynamic team culture that has propelled us to where we are now. We take great pride in having a company culture that cultivates innovation, teamwork and success. Many thanks to SECONA for recognizing the R&D effort of an Indian enterprise like Videonetics. This recognition will further encourage Team Videonetics to build Indian Intellectual property and promote ‘Make in India’ in the global market and also to put its effort in bringing out new world class technology to make world a safer & smarter place to live. We thank all our clients for giving us an opportunity to work with them and achieve their security goals”.

ApplicationsreceivedintheSECONAShieldAwards2015werejudgedbyaprestigiouspanelofjuryconsisting of eminent personalities from the field of security, safety and governance-

• Mr.JayantKumarBanthia,IASRetd.,formerChiefSecretary,Maharashtra• Mr.D.Sivanandhan,IPSRetd.,formerCPMumbai&formerDGP,Maharashtra,&Chairman SECONA• Mr.K.L.Prasad,IPS,CommissionerofPolice,NaviMumbai• Mr.VijayMukhi,RenownedCyberExpert&President,FIST• Mr.SushilJiwarajka,Chairman,ArtheonGroupofCompanies• Mr.M.V.Deshmukh,Director,MaharashtraFireServices

TECHNOLOGY NEWS SEGMENT


About Videonetics

Videonetics is an Indian Company with world class technology in Intelligent Security and Surveillance industry with its deployment in India, USA, and Middle East. Headquartered in Kolkata, thecompany offers complete software solution including its unique and versatile Intelligent VMS (Video Management Software) embedded with Intelligent Video Analytics applications to the IP Video SecurityandSurveillancemarket,aswellas IntelligentTrafficManagementSystem,ANPR,RedLightViolationDetectionetc.

Videonetics was founded byDr TinkuAcharya,who co-architect of the firstwebcam applicationfromIntel,anIEEEFellowandrenowneddomainexpertwhoholdsover150US,Europeanandinternational patents, author of many books on technology.

Videonetics controls 70% of the market share in verticals like aviation, where they manage security and surveillance for 73 airports across India. Videonetics has also installed its smart surveillance systems at 5 major railway stations on the South-Eastern Railway network. It was also entrusted with the pivotal task of putting in place a wide city surveillance network in the Alipore safe city inKolkata.Italsoexecutedthesetting-upofanIntelligentTraffic&LawEnforcementregulationsystem across Kerala- Trivandrum. Kochi, Calicut and Bhubaneshwar in Orissa. Videonetics has also installed Intelligent Video Surveillance cameras at Allahabad City, Chandigarh High Court, Anna Centenary Library, Indian Oil Corporation, AP Transco (Transmission Corporation of Andhra Pradesh),ITCMunger-Bihar,ExideIndustries–Haldia,Welspun–Gujarat,InfinityITPark,SaltLake-Kolkata,CapitalPlazaMallandMushriffMallinAbuDhabiUAE.VideoneticsITMS&SafeCitySolution is also under deployment at Indore, the commercial capital of Madhya Pradesh.

TECHNOLOGY NEWS SEGMENT


iVIS

Inte

rnat

iona

l Pvt

. Ltd


Find

out

how

we

can

help

you

sec

ure

your

dat

a to

day.

Vis

it us

at

http

://w

inm

agic

.com

/pro

duct

s/co

ntac

t-sa

les.

Reco

gnis

ed In

nova

tion

Lead

er in

Da

ta E

ncry

ptio

n an

d Ke

y M

anag

emen

t

+44

(0)

148

3 24

3511

|

sal

es@

win

mag

ic.c

om

|

ww

w.w

inm

agic

.com

Win

Mag

ic’s

awar

d w

inni

ng d

ata

secu

rity

solu

tion,

Sec

ureD

oc, h

as

help

ed o

rgan

isat

ions

wor

ldw

ide:

Secu

re C

onfi

dent

ial D

ata

Prot

ectio

n fo

r al

l sen

sitiv

e in

form

atio

n st

ored

on

desk

tops

, lap

tops

, m

obile

dev

ices

, rem

ovab

le m

edia

, ser

vers

and

Sel

f Enc

rypt

ing

Driv

es

Impr

ove

Use

r Ex

peri

ence

Sea

mle

ssly

sec

ure

criti

cal d

ata

with

vi

rtua

lly n

o im

pact

for

end-

user

s

Red

uce

IT C

osts

Sim

plify

eve

ryda

y ta

sks

for

IT A

dmin

s

Ach

ieve

Reg

ulat

ory

Com

plia

nce

Adhe

re t

o lo

cal a

nd g

loba

l pr

ivac

y la

ws

Enjo

y P

eace

of

Min

dEn

sure

you

r da

ta is

saf

e in

the

eve

nt o

f a d

ata

brea

ch

Isn’

t yo

ur o

rgan

isat

ion’

s co

nfid

entia

l dat

a w

orth

pro

tect

ing?


CYBER SECURITYBanking passwords stealing virus prowling in Indian cyberspace

Cyber security sleuths have alerted e-banking users in the country against the infectious and destructive activity of a “worm” virus, which attacks and steals personal login secrets and passwords of an individual.

The virus, of the deadly Trojan variant, has been identified and named as ‘Cridex’ and is considered notorious as it can assume as many as six aliases to perpetrate its activities.

“It has been observed that the new variants of Cridex malware are spreading widely. Cridex is an information stealing e-banking Trojan that propagates via removable drives and targets users of online banking/social media for stealing user name, passwords among others,” the Computer Emergency

Response Team of India (CERT-In) said in its latest advisory to e-banking users in the country.

The virus spreads by simultaneously opening a backdoor for downloading a number of malicious files once it enters a user’s personal Internet working stream.

Like the other major banking Trojans, the malware performs web injects into the HTML pages of financial institutions contained in the configuration file. The malware routes the users to fake banking sites for divulging user information and subsequently connects to the bank site from the victim IP address by bypassing IP reputation blocking,” the agency said in its alert.

Some of the identified aliases of this banking virus are ‘Geodo’, ‘Dapato’, ‘W32/Kryptik.BVB’, ‘Worm.Win32.Cridex’, ‘PWS:Win32/Zbot’ and ‘Trojan.Gen.2’ and can be noticed by these names when they appear online.

The agency said, once activated, the virus targets and steals login credentials of various banks and social networking sites like Facebook, Twitter and Instagram among others.

The anti-sabotage cyber agency has also recommended some counter-measures for the users to deploy in their personal computers and Internet-enabled devices from where they perform their e-operations and online banking jobs.

“Enable firewall at desktop and gateway level, keep up-to-date patches and fixes on the operating system and application software as well as anti-virus and anti-spyware signatures at entry points,” it said.

It also suggested users to update and install the latest updates and softwares to protect computer from viruses, Trojans, guard against social engineering attacks, usage of strong passwords, limiting user privileges, exercising caution while opening attachments to emails received from known or unknown sources and avoiding downloading of pirated software.

Bengaluru, India’s tech capital, has no cyber crime police stationBengaluru city, for all its claims to being India’s Silicon Valley, lacks a basic yet essential feature to back that up: A cyber-crime police station.

Bengaluru has a cyber-crime cell at the CID headquarters on Palace Road, but that’s the head office with jurisdiction across Karnataka. It doesn’t take routine cyber-crime complaints, its powers having been heavily diluted as its officers struggle to cope with a deluge of cases.

According to Bengaluru Police Commissioner MN Reddi, office space for a cyber-crime police station has been allotted in the new commissioner’s building, and all the required technology and equipment have been installed, but the department is still searching for a suitable official to handle cyber-crime cases.

NEWS BRIEFS


Gulshan Rai becomes first chief of cyber security

The Indian government has created a cyber-security chief’s position under the Prime Minister’s Office and has appointed GulshanRai, said a top official in the IT ministry.

Rai, who has been heading the computer emergency response team at the department of electronics and information technology (DeitY), will now take charge as special secretary for cyber security.Rai has been working since 1998 in the area

of evolving legal framework to address issues arising out of cyberspace. He is also expected to head the national cyber coordination centre (NCCC) that the government is also setting up with a budget of Rs 1,000 crore. He was for a long time tipped to become the first national cyber security coordinator. Rai couldn’t be reached for comments. DeitY has already posted a vacancy for the post of director general for Indian computer emergency response team.

Cyber security is fast becoming a nightmare for the government even as its Digital India initiative will increase the relevance of the internet and expose the country to large cyber-attacks.Reported attacks on Indian websites have increased nearly five times in the past four years. Until mid-2014, more than 60,000 incidents were recorded, according to the Indian Computer Emergency Response Team.

Experts believe that a special secretary for cyber security under the PMO will help India secure its digital assets in a better way.

Gujarat police to get anti-cyber crime cellGujarat police will soon get a ‘Cyber SurakshaKavach’, a special cell for prevention, control and detection of the cyber-related crime in the state.Police officers will be trained under the aegis of the cell, which will help them solve cyber-related cases more efficiently.

A ‘Digital Skills Academy’ will be also initiated, which will be governed by the state HomeDepartment.The cell will provide training and certification course to the police officers for the first time in India and the course will be completed in three years.

Police and experts in the field of cyber security will work together in this cell, which will be headed by an ADG-rank officer. The first-of-its-kind of body will take assistance from Gujarat forensic Science University (GFSU).

NASSCOM task force to work on cyber securityA task force of NASSCOM (National Association of Software and Services Companies) will work exclusively on cyber security so that the Indian cyberspace is firewalled from attacks. Nasscom president R. Chandrashekar said the task force would be constituted in a month.

The move comes in the wake of Prime Minister NarendraModi expressing concern over the country’s cyber security at an event held by NASSCOM.He said Centres of Excellence, specialising in Internet of Things (IOT), would come up in five

cities across the country. Each centre, to be set up in collaboration with the government, is expected to work on solutions on problems using IOT in various sectors like healthcare, agriculture and others.

NASSCOM will also undertake a global campaign to attract overseas business and create awareness on Indian IT capabilities.

NEWS BRIEFS


Powergrid to develop Grid Security Export System

Grid Security Expert System (GSES) is proposed to be developed by POWERGRID and it involves installation of knowledge based Supervisory Control and Data Acquisition (SCADA) system, numerical relays and Remote Terminal units upto 132 kV stations and the reliable Optical fibre Ground wire (OPGW) communication system at an estimated cost of around Rupees 1200 crores. The objective of the GSES is implementation of the Automatic Defense mechanism to facilitate reliable and secure grid operation. This was stated by Sh. PiyushGoyal, Minister of state for Power, Coal & New and Renewable Energy (IC) in a written reply to a question in the Rajya Sabha.

The Minister further stated that CERT-In (Computer Emergency Response Team-India), Department of Information Technology, Ministry of Communication and Information Technology, Government of India has prepared a Crisis Management Plan (CMP) for countering cyber-attacks and cyber terrorism for preventing the large scale disruption in the functioning of critical information systems of Government, public and private sector resources and services. The Crisis Management Plan (CMP) for Countering Cyber Attacks and Cyber Terrorism outlines a framework for dealing with cyber related incidents for rapid identification, swift response and remedial actions to mitigate and recover from cyber related incidents impacting critical national processes.

In December 2010, Ministry of Power had constituted CERTs (Computer Emergency Response Teams) for power sector i.e.; CERT-Thermal (nodal agency- National Thermal Power Corporation (NTPC)), CERT-Hydro (nodal agency- National Hydroelectric Power Corporation (NHPC)) and CERT-Transmission (nodal agency- Power Grid Corporation of India Limited (PGCIL) to take necessary action to prevent cyber-attacks in their domains. The State Power Utilities have also been advised to prepare their own sectorial Crisis Management Plan (CMP) and align themselves with the Nodal Agencies i.e. NTPC, NHPC & PGCIL and CERT-In for the necessary actions.

Now M-Tech Course in Cyber SecurityPaladion Networks, Asia’s largest information security provider, is partnering with Karnataka’s leading engineering college MS Ramaiah University of Applied Sciences to launch an M Tech program in Cyber security and Information Assurance.

The two year course, co-designed by Paladion, offers a leading edge curriculum that covers security intelligence and analytics; governance, risk and compliance; security operation centre and much more. The program also offers a nine month internship with Paladion, which may involve being placed in its global client locations. Bright young graduates in B Tech or BE

with a CGPA of 7 or above can apply for the course. An aptitude test and interview will be part of the selection process.

India will require five lakh cyber security professionals by the end of 2015 to support its fast growing internet economy as per an estimate by the Indian Union Ministry of Information Technology.

Cyber security center in Himachal Pradesh soonThe Himachal Police is set to crackdown on increasing cyber-crime by bringing best technical support under one roof at the center for cyber security after the success of the Crime and Criminal Tracking Network System (CCTNS) pilot project.The CCTNS was aimed at creating country-wide network to facilitate tracking of criminals.

The center for cyber security for investigation and innovation will be set up at the state Police Headquarters in Shimla. Best technical support from the entire state will be brought under

NEWS BRIEFS


one roof to develop synergy and keep constant vigil on cyber space.Expected to become functional within a year, the center would enable the police to put a tab on the mischievous elements in the virtual world invading private cyber space of individuals, government agencies, industrial houses and banks by indulging in hacking, phishing, cyber terror, cash cards electronic thefts, industrial spying, web defacements, stocking and publication of obscene contents.

A cyber lab being developed at a cost of Rs 50 lakh would also be part of the “centre for cyber security”. Voice analysis and digital forensic, which would come up at the Forensic Lab in Junga would go a long way in speedy investigations and analysis of samples of computer files, voice recording and digital data being sent outside the state.

Maharashtra Govt to set up labs for speedy probe of cyber crimesTo aid investigation of cyber-crimes, the Maharashtra government has decided to set up forensic laboratories in each city of the state. The government will also create cyber-crime cells across the state, besides setting up a regional office of the Computer Emergency Response Team (CERT) in Mumbai.

The state police, in association with National Association of Software and Services Companies (Nasscom), have set up a laboratory in Mumbai to trace cyber offences. The government will soon seek Nasscom’s participation for the establishment

of such labs all over the state. Besides, a special force of 1,000 personnel will be dedicated to handle cyber-crimes, including online banking frauds, illegal money transfer especially through credit cards, cyber terrorism and social media harassment. The cyber force will even scan suspicious online posts for intelligence inputs.

The cyber force will undergo training in partnership with industry experts and agencies, including Nasscom and the Centre for Development of Advanced Computing.The government has requested the Centre to make necessary amendments in the Information and Technology Act, to enable police officials in the rank of deputy commissioner of police to investigate cases of cyber-crime. Also the Reserve Bank of India had agreed to depute a senior official with the state government to help disposal of seized assets by police in various cases.

FRAUDSRBI mandates 100% provisioning for fraud casesAlarmed by the growing number of fraud cases in the banking system, the Reserve Bank of India (RBI) has told lenders to make 100 per cent provisioning for such accounts if a wrongdoing is detected.

The entire amount due to the bank (irrespective of the amount of security held against such assets) or for which the bank is liable (including cases of deposit accounts), is to be provided for over a period not exceeding four quarters, commencing with the quarter in which the fraud has been detected, the

central bank directed.

If a delay in reporting the fraud, the entire provisioning is required to be made at once. “In addition, RBI may also initiate appropriate supervisory action where there has been a delay by the bank in reporting a fraud or provisioning,” the notification added.

Based on the Indian Penal Code provisions, RBI norms classify fraud in seven categories -- misappropriation and criminal breach of trust, fraudulent encashment through forged instruments/manipulation of books of account or through fictitious accounts and conversion of property, unauthorised credit facilities extended for reward or for illegal gratification, negligence and cash shortages, cheating and forgery, and irregularities in foreign exchange transactions.

NEWS BRIEFS


RBI to soon issue norms for Central Fraud RegistryReserve Bank of India (RBI) has almost finalised the structure of the Central Fraud Registry and will soon come up with guidelines to enable quick sharing of information about unscrupulous borrowers and help banks fight bad loans.

RBI Deputy Governor S SMundra mentioned to press that the proposed institution, which will enable quick sharing of information on entities found to be defrauding banks, would work under the supervision of RBI.

Currently, banks are advertising the list of wilfuldefaulterson their website and newspapers individually. With setting up of this registry, list of all unscrupulous borrowers will be available on a single platform.

Thus, banks can take advantage of the registry at the time of sanctioning loan by checking the credentials of a borrower from the registry.

“It is important for the system to weed out the unethical elements at the earliest opportunity to ensure the credibility and the efficiency of the credit system in the country,” he said.

“Efforts also need to be made to alienate the wilful defaulters and fraudsters and debar them from accessing the banking system for further finance,” he added.

As per RBI data, the gross NPAs (non-performing assets) of the PSU banks stood at Rs 2,60,531 crore, as on December 2014.

The top 30 defaulters are sitting on bad loans of Rs 95,122 crore, which is more than one-third of the entire non-performing assets (NPAs) of public sector banks as on December 2014.

The total number of borrowers having defaulted on Rs 10 crore and above at the end of September 2014, stood at 2,897 with outstanding amount of Rs 1.60 lakh crore.

RBI has issued instructions including designing framework for revitalising distress assets to improve the health of the financial sector, to reduce the NPAs, improve asset quality of the banks and to prevent slippages.

As per the framework, each bank has a Board approved loans recovery policy and it requires a robust mechanism for early detection of signs of distress including prompt restructuring in the case of all viable accounts.

It has been stipulated to review NPA accounts of Rs 1 crore and above by Board and top 300 NPA accounts by the management of the Board.

Frauds worth Rs 11,022 crore detected in PSU banks during April-DecemberPSU banks have reported over 2,100 fraud cases involving a sum of Rs 11,022 crore in the first nine months of the ongoing fiscal, with PNB reporting the maximum number of such instances.

An analysis of the data available with the Reserve Bank shows fraud cases, involving amount of Rs 1 lakh and above, in 26 state-owned banks during April-December 2014 has already surpassed the 2013-14 figure.

In 2013-14 fiscal, there were 2,593 such cases involving an amount of Rs 7,542 crore. The figure has shot up to Rs 11,022 crore from 2,166 cases in the nine-month period ending December 2014.

Delhi-based Punjab National Bank (PNB) had 123 cases of fraud totallingRs 2,036 crore, followed by Central Bank of India with 147 cases involving an amount of Rs 1,783 crore.

NEWS BRIEFS


Although the number of such fraud cases is the highest in country’s largest lender State Bank of India (SBI) at 474, the total amount involved was less at Rs 1,327 crore.

Syndicate Bank reported 114 cases of frauds with total amount of Rs 749 crore involved, followed by Oriental Bank of Commerce (OBC) at 86 cases involving Rs 719 crore.

PSU banks report fraud cases of Rs one lakh and above to banking regulator RBI.

As per the data, Bank of Baroda (BoB) reported fraud worth Rs 597 crore, followed by IDBI Bank (Rs 507 crore), UCO Bank (Rs 424 crore) and United Bank of India (Rs 376 crore).

India needs statute protecting common citizen against cyber frauds: RBIThe Reserve Bank of India (RBI) executive director G Padmanabhan has called for the need for a statute protecting a common citizen against cyber fraud or cyber-crime.

Cyber-attack is generally met with panic. A policy that clearly states the roles and responsibilities of each stake holder and the response that is required for each scenario will ensure that panic is replaced with decisive action said Padmanabhan.

According to Padmanabhan the biggest challenge in making the financial sector cyber resilient is to first acknowledge the complexities and interdependencies and then to proactively address failures, adopt effective resilience techniques, and resolve problems through cooperation.

Padmanabhan’s comments come at a time when the country is moving towards digital banking in a big way. RBI and government have been consistently making efforts over several years to encourage electronic banking and electronic financial transactions to bring the economy out of cash based system.There is also a need for the support of the insurance sector too in a bid to implement customer protection effectively he added.

Team to monitor Aadhaar databaseThe Indian government has put in place a dedicated fraud investigation and analytics team to monitor the database of Aadhaar, the unique identity project. This is to ensure compliance with various fraud detection rules in addition to the need for a periodic analysis of the database of the Unique Identification Authority of India (UIDAI) to detect any fraudulent patterns, said Rao Inderjit Singh, minister of state for planning, in a written reply in the Rajya Sabha.

India launched the Aadhaar scheme in 2009 to give every one of its residents a unique identity number. According to

the government data, by 2014 end, more than 700 million people were issued Aadhaar numbers. The data collected during enrolment process is immediately encrypted and transmitted to the Central Identities Data Repository (CIDR) of UIDAI for processing.

The methodology for generation of the unique identity number involves using certain basic demographic (name, age, gender and address) and biometric information (10 finger prints, two iris images) with a photograph to uniquely identify a resident after a process of biometric de-duplication that ensures uniqueness of a record to a high degree of accuracy, exceeding 99%. After a series of validation and quality checks, the residents’ biometrics are matched against the existing database of UIDAI to determine if the resident has previously enrolled.

NEWS BRIEFS


City Security and Police ModernisationModern & tech-savvy cops: Government plans smart police stationA modern reception to receive visitors, gym for police personnel, lock-ups with CCTV cover and malkhana or records rooms with modern storage system and deep freezers for forensic samples.

This is home ministry’s conception of a smart police station, as per a draft prepared after Prime Minister NarendraModi pitched for smart policing in December last year.

Efforts have been made to make these police stations gender sensitive, modern, smart and techno-savvysays the 34-page concept paper prepared by the home ministry, which has come up with new standards for a modern police station

There should be a separate investigation room with workstations as per the paper, a malkhana with modern storage system as developed by CBI and NIA and deep freeze facilities so as to keep biological, viscera and DNA samples preserved at low temperatures.

The ministry has also asked for a briefing room with the facilities of TVs, digital maps, projections and video conferencing. “All the lockups should be monitored through CCTV cameras which should be operational 24X7 as is being done in police stations in some south Indian states,” the paper says.

Besides, the ministry has asked for a recreation room or gym in each police station for cops, as it is required for unwinding stress and boosting up health and morale.

Karnataka budget: Stress on internal security, modernization sidelinedWith an increase of 10 per cent in the budgetary allocation for the home department, a major push has been given to addressing major needs in the state’s law and order situation. The budget allocation for the sector may have increased from Rs. 3,941crores to Rs. 4,372 crores to address issues like terrorism, women’s safety and surveillance, there is limited scope for police modernization and investment in futuristic technology.

Among the major projects announced, a sum of Rs.50 crores has been allocated for a central command centre to coordinate anti-terror activities in the state. The ongoing surveillance improvement program in the city, following the Church Street blast case, is expected to get a boost with the government announcing Rs.8 crores for the installation of surveillance cameras.

Also to improve the investigations in to the crime against women cases, 6 special units with 15 personnel, headed by an SP rank officer will be established.

In other good news for Bengaluru, the B-TRAC project for finding a permanent solution to the city’s traffic woes has been extended for three more years. However, no specific amount has been earmarked for the project. Projects similar to B-TRAC will also be launched in Belgavi (Bel-trac), and Hubli-Dharwad (H-trac) for planning traffic infrastructure developments in the districts.

The CM also announced the establishment of a new jail in the outskirts of Bengaluru to solve the problem of overcrowding in the city’s central jail.

NEWS BRIEFS


Police chiefs sound alarm in wake of cuts to modernisation budget

Directors-General of Police from several states have warned Home Minister Rajnath Singh that the government’s decision to slash central funding for state police forces could hit their combat capability in insurgency and terrorism-hit states. Police chiefs have also warned that the cuts will hit plans to modernise the forensics and investigative skills of their forces.

The cuts to the centre’sModernisation of Police Fund (MPF), will slash about Rs 800 crore from funding for key police infrastructure—construction and upgrading of police stations, police housing, forensic science laboratories and training facilities. The cuts to the MPF were announced in the Union Budget as part of an effort contain the fiscal deficit. Now, state governments will be expected to provide their own funds for these elements of police modernisation, through the additional 10% share of central tax revenue they were granted by the Fourteenth Finance Commission.

SMART CITIESTask forces for Smart Cities set upCity-wise task forces have been set up by Urban Development Minister Venkaiah Naidu for drawing up concrete action plans for development of Ajmer, Allahabad and Visakhapatnam as Smart Cities.

The Task Force will have representatives of the ministries of Urban Development and External Affairs, respective state governments and cities and the United States Trade Development Agency (USTDA), said a senior Urban Development Ministry official.

Setting up of these Task Forces is in pursuance of the decision taken at a recent meeting between Naidu and the US Secretary of Commerce Penny Pritzker.

The Task Force on Ajmer comprises Divisional Commissioner, Ajmer (Chairman), Secretaries of Town and Country Planning and Municipal Affairs in Rajasthan government, District Collector of Ajmer, Administrator of Urban Improvement Trust, Ajmer, Municipal Commissioner of Ajmer, Mayor of Ajmer besides Joint Secretary of Union Urban Development Ministry, and representatives of Ministry of External Affairs and USTDA.

Allahabad Task Force comprises Divisional Commissioner (Chairman), Secretaries of Town and Country Planning and Municipal Affairs in UP government, District Magistrate, Vice-Chairman, Allahabad Development Authority, Mayor of the city besides Additional Secretary (Urban Development), Government of India and representatives of Ministry of External Affairs and USTDA.

The Task Force for Visakhapatnam will be headed by Secretary (Town and Country Planning) in Andhra government, Secretary (Municipal Affairs), District Collector, Municipal Commissioner, Vice-Chairman, Visakhapatnam Urban Development Authority, Mayor of the city, Joint Secretary (Urban Development), GOI and representatives of Ministry of External Affairs, Indian Navy and USTDA.

NBCC, DDA sign MoU for first smart sub-city in East DelhiThe National Buildings Construction Corporation Ltd. (NBCC) and Delhi Development Authority (DDA) have signed anMoU for the first smart sub-city to come up at Karkardooma in East Delhi.

As per the MoU between NBCC and DDA, the project, which will be spread over an area of 30 hectares, will be completed in phases and the first phase of construction will be completed within a period of 36 months. As per the MOU, NBCC will manage the project and a joint team of VC, DDA and CMD of NBCC will monitor its progress.

NEWS BRIEFS


The finalization of designs etc will be done by a Committee represented by both the Organisations and experts. NBCC shall be paid project management charges @10 percent of the final project cost (i.e. only the cost of construction and development without including the cost component of land) for coordination, supervision and monitoring of the project as per approved detailed project report.

NBCC with prior written permission of the DDA may undertake marketing of the built-up space at such terms and conditions which may be mutually agreed from time to time.

NBCC in consultation with DDA will finalize disposal methodology, phasing of disposal, period of disposal, rates thereof and other terms and conditions for

disposal of the built-up space. NBCC shall be entitled to disposal fee @ one percent of disposal Price of such properties. However, DDA would retain authority for pricing and disposal of the property.

It may be recalled that “East Delhi Hub” at Karkardooma project is the first TOD project which will be taken up and since this will be a unique mix of small size town homes, apartments, studios, residents for senior citizens including commercial, recreational etc. with world class facility etc, it is slated to change and shape the lifestyles of Delhiites as there will be more emphasis on quality living with less use of personal transport and more of pedestrian commuting.

An MOU with NBCC has already been signed outlining the details of the responsibilities of NBCC and deliverables to DDA. It has been agreed by both parties that the project should be designed in such a manner that it has the advanced technology features.

Fuji Electric eyes smart city, energy management projectsJapanese energy efficiency solutions provider Fuji Electric is in the process of identifying smart city projects in India and Andhra Pradesh, in particular, to offer their solutions.

Kazuhiko Hanaoka, General Manager, Fuji Electric, Power & Social Infrastructure Group, said that the company has been deployed in a number of smart community projects across various parts of the world including Japan, has begun a pilot project in AP.

In India, the company has worked on Smart Grid in Panipat, Water Recycling System in Maharashtra,

Energy Management System in Andhra Pradesh. “The challenges faced by power distribution companies in India, such as outage management, peak load management and the need to deploy smart metres, could be handled in a holistic way addressing the overall energy management efficiently,” he said.

Referring to the projects under way in AP, he said it involves setting up of monitoring equipment, following this up with the energy management system. “The renewable energy sector, which is posed to grow in the country, would give us opportunities to provide integration services,” he said.

Once the energy efficiency management is taken care off, the next important solution that would be useful for electric utilities is the demand supply forecast and management. This enables utilities to better manage generation demand based on the requirement and supply needs that too location-wise.

NEWS BRIEFS


Gujarat to adopt Bengaluru model for city roadsGujarat government will adopt the Automated Traffic Enforcement (ATE) system used by Bengaluru city police.The system which aims to improve the traffic management and punish traffic law violators in major cities of the state will be launched in Ahmedabad and Jamnagar on a pilot basis. The government has allocated Rs 6 crore for the pilot project.

Under the ATE system in Bengaluru city, constables note down the numbers of the offending vehicle and pass the information to the Automation Enforcement Centre equipped with

computers, software and vehicle database. Enforcement surveillance cameras keep watch on the motorists crossing the stop line, breaking lane discipline, and violating other traffic rules.

The offender is issued computerized challans generated under the section 133 of M V Act and it is sent to the offender by post.The traffic police also use smart phones to impose fine on the offender.

This type of system helps in on-the-spot fine collection and receipt generation. Cases booked are stored in the server and repeated offenders are identified. For those who cannot pay the fine on the spot, notices are issued to them and the details are put up on the server. The registration database from the transport department is linked to the automated centre so it helps in taking action like cancelling licence of the repeated offender.

ISB to develop Smart City Index for Indian cities Indian School of Business (ISB) having campuses in Mohali and Hyderabad, is working on a plan to develop a Smart City Index for Indian cities.

An initiative of the Punj Lloyd Institute of Infrastructure Management at ISB, the index would be rooted in the Indian context though it has been modelled after some of the best international indices, ISB said today.

The project has been conceived in such a way that it will allow comparisons among cities and rank them based on how they perform. It can assess improvements over the time and also serve as the measure of a city’s livability and smartness, it explained.

A smart city is defined as one that is socially, environmentally and financially sustainable and which strives to minimise waste of resources, like energy and water, in meeting the needs of its residents.

Such a city also values its citizens’ views and adopts a practice of citizen consultation in almost everything it does and will deploy technology extensively to improve the delivery of services.

It is projected that will account for nearly 75 per cent of the GDP in the next 15 years. It is for this reason that the government has decided on developing 100 smart cities in the country. The Smart City Index will support this initiative of the government, the B-school explained.

Kandla, JNPT to be ‘smart port cities’At least two smart cities are expected to come up in the Special Economic Zones in two major ports in the country in the coming five years. Under the ambitious Sagarmala project, Ministry of Shipping will build at least two smart cities in the SEZs in Kandla and Jawaharlal Nehru Port Trust.

“In the first phase, we plan to come up with at least two smart

NEWS BRIEFS


cities in ports of Kandla and JNPT, complete with affordable housing and other necessary infrastructure, wind and solar power generators for electricity generation,” said Nitin Gadkari, Minister of Shipping, after the Cabinet gave an ‘in-principle’ nod to the project, aimed at port-led development in coastal States.

“We are confident that the Sagarmala project will bring down cost of export-import, boost coastal traffic, improve trade and will provide infrastructure by way of roads and rail to transfer goods from one port to another,” he said.

Giving the example of high costs involved in transferring a shipment by road from Mumbai to Aurangabad vis-à-vis by ship from Mumbai to Delhi, Gadkari said, “Not only is mobility by road expensive and time consuming, but is also environment unfriendly and comes with an added risk of accidents.”

The port-led development is expected to lift India’s GDP growth by 2 per cent, Gadkari said. Terming the decision as “revolutionary” Gadkari said, “An allocation of Rs4,000 crore has been made for SEZ at JNPT. Our second SEZ is proposed at Kandla port, for which we have two lakh acres of land in its possession.” Gadkari said a National Perspective Plan (NPP) for the coastline will be prepared within six months which will identify geographical regions to be created as SEZs.

The Cabinet also nodded the creation of a Special Purpose Vehicle by the Ministry of Shipping, which will be funded by 12 major ports and Rail Vikas Nigam Limited. The SPV, which will improve the last mile connectivity to ports and modernise evacuation infrastructure will aim at reducing time and costs involved in cargo transfer. Gadkari further said that parliamentary nod is also being sought on the Bill to convert 101 rivers into National Waterways in the ongoing Budget Session.

24 year-old wins Indias first Smart City ContestShubhojitMallick was adjudged as the winner of the ‘Dalmia Bharat Smart City Contest’ which was conducted in collaboration with Ashoka University and NASA Research Park based Singularity University. ShubhojitMallick won the contest for his innovative project in Bangalore that captures pollutants from automobiles using Nanocylinders to reduce pollution. The contest was conducted over two months and received several entries from across India and Asia.

A first of its kind, the contest enabled Indian students to participate in the annual Global Impact Competition (GIC) of Singularity University that is conducted across various countries. The winner received a fellowship worth USD 30,000 and will also attend the Graduate Studies Program (GSP) at Singularity University, US.

Singularity University has been conducting the GIC for two years across markets with a different focus and theme for every geography. In India, the contest was launched on January 2, 2015, opening a platform for Indian students to develop innovative ideas that are focused on helping further India’s dream of building 100 smart cities in the next 3-5 years. The winner will also represent India amongst other students from all over the world at Singularity University.

CII inks pacts for smart city initiativeIndustry body CII has signed agreements with Hitachi India Ltd and Siemens Ltd to set up a National Mission that will help realise government’s vision of creating 100 Smart Cities in the country. Under the pact, CII will establish a National Mission for Smart Cities -- a platform comprising industry leaders and experts to provide “policy advocacy and thought leadership” to government and other stakeholders.

The forum will engage with central & state governments as well as other public authorities to promote the Smart City initiative, CII said. CII said it also hopes to finalise a similar agreement

with US-based Cisco Systems by the end of the month.

NEWS BRIEFS


The idea is to help form consortiums to enable Smart Cities happen, working with the state governments to see how we can bring expertise and knowledge from these countries to India to enable the vision of creating a 100 Smart Cities.

Industry partners will support the Mission by generating ideas promoting Smart City concepts amongst stakeholders. They will also prepare and undertake demonstration projects, prepare prototypes to showcase best practices in various fields related to Smart City development.

Sri City starts centre for smart citiesA new centre for smart cities has been started at the Indian Institute of Information Technology (IIIT), at Sri City in Andhra Pradesh.

M Venkaiah Naidu, Union Minister for Urban Development, Housing and Urban Poverty Alleviation inaugurated the centre in the presence of Srini Raju, Chairman, Sri City Foundation and Member Secretary, IIIT and others dignitaries.

The Centre is expected to help Sri City in managing the water and power resources efficiently, besides balancing its

ecosystem.Naidu said it was among the first of such initiatives by an academic institution.

RavindraSannareddy, chief of Sri City said,” Centre for Smart Cities’ of IIIT would enable R&D of such technologies for building smart cities and smart villages, and aid in achieving the goals announced by central and state governments.”

Haryana plans services data hub in first step to build smart citiesThe state government is planning to launch a separate company to maintain and manage its geo-spatial data. For this, a centralized databank will be created that will source information from 19-odd government departments. The policies of this company, as well as its formation, are being deliberated upon by the department of town and country planning (DTCP), which aims to centralize geo-spatial data and enable other government agencies impart smoother citizen services.

The need for creation of ‘Haryana Urban Geo-Spatial Applications Limited’ (HUGSA), for preparedness in urban e-governance and development of smart cities, was discussed in a meeting called by the additional chief secretary to DTCP, P Raghavendra Rao, with 16 senior officials from departments including urban local bodies, DTCP, HUDA, HSIIDC, transport and MCG. According to Rao, the proposal to create a specialized agency (HUGSA) is aimed at integrating data from different departments, and to develop a technology-based platform for data-sharing and coordination among various arms of the government.

If customized applications are made using this databank to cater to services offered by bodies like HUDA, HSIIDC and municipal corporations, it will improve response time and efficiency of all departments, as well as of citizen services, he said.

He further said the purpose of this company is to integrate geo-spatial data (from creation to updating, management, dissemination and sharing of the data), master plans, a land-use portal, land-ownership records, data from public utility networks (including roads, water, sewerage, electricity, telecommunications) maintained and managed by various departments, local bodies, HUDA, HSIIDC, housing boards, among others.

He added that the ‘draft concept note’, issued by the Union ministry of urban development on smart cities, lays great emphasis on building a GIS (geographic information system) database for selected cities/towns as well as urban e-governance.

Three cities from Haryana - Gurgaon, Faridabad and Sonepat - are likely to figure in the smart city scheme list. One

NEWS BRIEFS


of the prerequisites of a ‘smart city’ would be to have an integrated and reliable database, which in case of Haryana could benefit HUDA, licensed colonies, the public health department, municipalities, PWD (Buildings and Roads), Delhi Metro, for future infrastructure expansion or development.

Need to tap new funding sources for infrastructure: Raghuram Rajan

The banking sector has already overstretched itself in lending to infrastructure, Reserve Bank of India Governor RaghuramRajan said, underscoring the need to tap new sources of funding for this industry.

“Going forward, we need to develop new sources of risk capital so that our infrastructure needs can be financed with moderate amount of debt, even as we help the system

deleverage,” Rajan said in his inaugural address at a conference on financial inclusion, organised as part of the RBi’s80th anniversary celebrations.

India’s infrastructure funding needs were estimated at more than $1 trillion (Rs 62.60 lakh crore) over the 12th plan period ending March 2017. To meet that, tapping other sources too would be required.

“Our tasks are far from over. The nation has enormous financing needs in infrastructure, and far too many of our banks already have too much exposure,” he said. Moreover, big corporate infrastructure players have also taken too much debt. The government has already allowed mutual funds and non-bank finance companies to float infrastructure debt funds to cater to this sector.

Excessive reliance on the banking sector to fund infrastructure could potentially impact financial stability, Rajan warned. “The required national push to finance infrastructure should not override financial stability, which is key to national security.”

NEWS BRIEFS


Not more security. Better security.

Nuance ForensicsNuance Forensics is a web-based voice biometric software solution designed to provide forensic examiners and law enforcement investigators with the ability to quickly and accurately match an individual’s identity from audio captured during a criminal investigation.• Support successful prosecutions or defence with comprehensive biometric forensic reports• Advance active investigations by biometrically linking targets with audio statements• Leverage language, dialect and gender detection capabilities to speed up investigations

For the consumer.Think of knowledge-based security as sprawl. When one level becomes ineffective, another level is added. PINs become passwords and passwords then require security questions to back them up. This is hard and stressful for the customer, and it puts them further away from completing their intended task.

For the corporation.Knowledge-based security is easily compromised. The four-digit PIN is the weakest credential as it’s often shared and a brute force attack can compromise it without any knowledge of the legitimate account holder. Passwords and security questions can be successfully answered based on simple web searches .

Voice Biometrics does away with all this. It uses the customer’s voiceprint for authentication. It can be passive, where the user can say anything and we match their voice, or it can be based on a passphrase. Either way, it’s a natural, effortless, and much more accurate way to authenticate.

Voice Biometrics is more secure than a PIN or password, because a compromised voiceprint has no value to a hacker. Not only that, when a fraudster speaks in an IVR, call centre or mobile app, they leave behind their own voice – which can be used to identify them.

Powerful Voice Solutions for Public SecurityNuance is the global leader in public security solutions employing voice biometric and other speech technologies.

Nuance delivers successful security solutions to government, military, intelligence and law enforcement agencies to assist in crime prevention, investigation efforts, and voice recording analysis.

Nuance Communications T +61 2 9434 2300 australia.nuance.com

Brisbane 245 - 249 Lutwyche Rd Windsor QLD 4030

Melbourne Level 23, 40 City Rd Southbank VIC 3006

Sydney Level 11, 124 Walker St North Sydney NSW 2060


solution that allows agencies to quickly and easily identify known individuals through their voice within large audio data sets, as well as enroll voiceprints for individuals under surveillance or investigation to:• Identify speakers, language & gender quickly and accurately

audio analysis

• Spot keywords spoken in over 80 different languages and dialects

Nuance Identifier

Nuance CommunicationsDeepak Bhatia | [email protected] | +91 99111 81052Ashish Bhat | [email protected] | +91 98102 14664


Technology’sgiantstridesanditsincrediblesuccessintermsofbringingmorepeopleintheambit of a digitized and connected world need no elaboration. If the last decade of the 20th Century witnessed the advent of new age banking in India with the ubiquitous Indian customer

being introduced to the concept of ATM, the first decade of the 21st Century saw the expansion of the sphere of plastic money, internet based banking or net banking as well as phone banking. Over the last five years or so, the exponential growth of smart phones, tablets and the advent of the new age of applications or app as there are commonly known as, has brought in a completely new dimension so far as spreading the reach of banking is concerned. This has been extended even more with the massiveproliferationofbloggingsitessuchasfacebookandtwitter.Newagebankingthushadtokeep pace with all these developments and bring innovations to match the pace of technological developments. Today one can even operate or rather make banking transactions with twitter.

With time, the reality of today is that one can and does operate a bank account from multiple platforms like the smart phone, the tablet as well as the PC or laptop. Ports have been replaced by smart applications and even though cyber banking has made life and transaction extremely convenient, it has not come without its baggage of inherent risk because of cyber related frauds.

A report by the Centre for Strategic and International Studies (CSIS) in 2014 stated that the global cost of cyber crimes is to the tune of a whopping $445 billion. In fact the enormity of the impact of cyber related crimes on the banking industry can be gauged by what was reported in February this year.AnarticlebyTheTelegraphofUKstatedthatagangofRussiabasedhackerswerebehindacyberheistthatresultedinstealingof£650millionfromsomeUKaswellasJapan,ChinaandUSbased banks, As pert the news report the modus operandi of the gang involved using malware to infiltrate into the concerned banks� network and then sending data back to the hackers for months.

To take another example, in 2013, it was reported how the hackers had stolen around $45 million from a couple of Gulf based banks after successfully hacking into the system of a credit cardprocessing firm and then withdrawing money from ATMs from around 27 countries.

Tackling the Cyber Threat- Way Forward

BANK SECURITY


With India continuing to be the one of the fastest growing markets for internet, net banking and digital payment industry has been growing by leaps and bounds here. Reports state that in 2013, India 800 million financial transactions through the electronic media with almost 44% of the same being through net banking. By certain estimates, the digital payment industry of India was worth nearly $20 billion in 2014. The rapid increase of mobile banking as a result of a massive proliferation of mobile telephony and popularity of smart phones have made the Indian market one of the fastest for net based banking. However, as is the case with the global trends, the proliferation of net banking and cyber world has brought with it, its own set of problems. India has been witnessing a whopping 40% increase in cyber crime annually and a substantial portion of this is related to banking as well. Cyber attacks not just by non-state actors but also state sponsored concerted cyber attacks have become a real issue.

The modus operandi of the cyber criminals remain more or less the same across the world with some of the most popular method of attacks can be categorized as virus, spam mails, Trojan, malware, scare ware, phishing, fiscal fraud and carders.

Source- World Economic Forum Report

The impact, efficacy and indispensability of the cyber world today is such that the only way forward to make sure that on the regulatory, policy and awareness front, a considerable amount of effort is put to make sure that both organizations and governments take ample precautionary measures and sensitize the citizens so that cyber crimes can be contained if not completely done away with. While cyber attacks with time would become more of a norm than an exception, the key question that would be the determinant factor is how much the financial industry and governments would be willing to learn and invest in preventive measures, The response in this respect has to be in the realm of traditional approach such as improving the regulatory and policy measures in addition to more of information sharing and coordinated actions as well as investments in cyber security technologies.InthisrespectonehastoacceptthatsomepositivestepshavebeentakenbytheGovernmentofIndia through the creation of the Critical Information Infrastructure Protection Centre as well as comingoutwithaNationalCyberSecurityPolicybutmorehastobedoneintermsofdoingawaywiththecultureofdenialthatexistssofarascybercrimeisconcerned.Disclosureofcyberattackson organizations should ideally be made mandatory.

Hacktivism

Acc

iden

tal

Poor

Pra

ctic

e

Tec

hnol

ogy

Proc

esse

sPe

ople

Policies

Tra

ditio

nal

Com

mun

itySy

stem

ic

Regulations

Governance

Information Sharing

Mutual Aid

Coordinated Action

Risk Markets

Embedded Security

CorporateEspionage

GovernmentDriven

Terrorism

Criminal

Threats Vulnerabilities Values at Risk Responses

Assets

Reputation

BANK SECURITY


Notes

New DelhiNext to Syndicate bank,Subhanchal Hostel BuildingNear Vikas Sadan, INA colony New Delhi – 110 023T: +91 11 4955 6600F : 91-11 4373 4477

Mumbai103/104, 10th Floor, Maker Chambar VI, Nariman Point, Mumbai - 400021T : 91-22-43423313 33F : 91-22-43423322

Bangalore503, 15th Main, 7th Cross 3rd Block, Koramangala ExtnBehind BDA, Bangalore – 34T : 91-80-4125 4959F : 91-80-4125 4958

Please Search SWI at :To know more please visit www.securitywatchindia.org.in or email us at [email protected]


3rdSECURE BFSI

CONCLAVE

Special Issue on the occasion of

rd secure bfsi conclave - donutsdocshare01.docshare.tips › files › 28516 › 285163725.pdf ·...

Documents