The Reserve Bank of India (RBI) executive director G Padmanabhan has called for the need for a statute protecting a common citizen against cyber fraud or cyber crime.
“Cyber-attack is generally met with panic. A policy that clearly states the roles and responsibilities of each stake holder and the response that is required for each scenario will ensure that panic is replaced with decisive action,” said Padmanabhan at the Sri Chithira Thirunal Memorial Lecture Series on Saturday in his speech.
According to Padmanabhan the biggest challenge in making the financial sector cyber resilient is to first acknowledge the complexities and interdependencies and then to proactively address failures, adopt effective resilience techniques, and resolve problems through cooperation.
Padmanabhan's comments come at a time when the country is moving towards digital banking in a big way. RBI and government have been consistently making efforts over several years to encourage electronic banking and electronic financial transactions to bring the economy out of cash based system.
Padmanabhan believes that a strong law, which protects a diligent customer from cyber frauds would infuse institutional safeguard to a common person and increase his confidence to use technology in financial transactions.
“The point that I am trying to flag is that a customer must be legally protected from suffering losses when he becomes a victim of the cyber crime as a matter of right rather than having to run from pillar to post to prove that he was not negligent,” he said.
There is a need for the support of the insurance sector too in a bid to implement customer protection effectively.
“Insurance cover is certainly an option worth looking at as part of risk management, but this poses several challenges to both the regulator and the insurance companies. There are several issues in arriving at an acceptable formula for insurance premium due to paucity of historical data. We need to have systematic data on the losses suffered in the past due to cyber attacks covering incident occurrences and incidence reporting, impact analysis, third party damages suffered etc.,” said Padmanabhan. He believes this is certainly challenging but not insurmountable.