CERT-Fin nice but cyber security needs more focus: Experts

While welcoming the government's move to establish the Computer Emergency Response Team for Financial Sector (CERT-Fin) to curb hacking and securing online data, cyber experts on Wednesday said much more is needed to be done in order to safeguard our computer networks and payment gateways as India aims to go digital.

During his Union Budget 2017-18 speech in the Lok Sabha, Finance Minister Arun Jaitley announced that CERT-Fin will be set up soon.

"Cyber security is critical for safeguarding the integrity and stability of our financial sector. A CERT-Fin will be established. This entity will work in close coordination with all financial sector regulators and other stakeholders," Jaitley said in Parliament.

"Although establishing the CERT-Fin is a nice move towards improving cyber security in the banking and finance sector, we need far more focus to safeguard computer networks and payment gateways targeted by state and non-state actors," Pavan Duggal, a cyber law expert, told IANS.

Following a malware-related security breach in 2016, the State Bank of India (SBI), HDFC Bank, ICICI Bank, Axis Bank and YES Bank blocked millions of debit cards that were compromised in one of the biggest data breaches in the Indian financial sector.

"We had expected far more allocation of funds towards fighting cyber crime, including initiatives towards strengthening our cyber law enforcement agencies in the budget. We also need to strengthen our cyber law so that online fraudsters can be nailed fast," Duggal added.

According to Altaf Halde, Managing Director, Kaspersky Lab-South Asia, the CERT-Fin will lead to collaboration between the technology companies and the banking system in the country.

But "with demonetisation and India going digital, we would like to see more focus from government to allocate budget into improving our cybersecurity framework," Halde told IANS.

Global network and endpoint security firm Sophos stressed that while the government's efforts to combat cyber crime are commendable, we can improve once the National Cyber Security Policy is fully implemented.

"To establish a secure environment for India's information technology (IT) infrastructure and related assets, it is imperative to create a solid foundation to thwart any risks that will ensure that both public and private entities, including small enterprises are well equipped to face the cyber security challenges of a connected world," Sunil Sharma, Vice President (Sales) Sophos, India and Saarc, told IANS.

Finland-based IT security company F-Secure hailed the move to set up CERT-Fin.

"The synergy created by these announcements, along with the efforts of cyber security solutions, is going to further inspire new users to come online, aiding India's transition to a digital economy," Amit Nath, Head of Asia Pacific (Corporate Business) F-Secure, told IANS.

--IANS

qd/na/bg