The RBI Deputy Governor Mr R Gandhi has confirmed that the recent cyber attack that was reported in Mumbai was on Union Bank of India but no loss might have been reported. Mr Gandhi also reminded the Banks about the new Cyber Security Framework that RBI wanted Banks to implement.
Under this framework, there was a need for Banks to confirm that a gap analysis had been completed and taken note of by the Board before July 31, 2016. Since the deadline has already passed yesterday (given the weekend holidays), it would be interesting to know whether at least one Bank has reported to RBI about the compliance to its compliance requirement. Since his statement is silent on this aspect, it can be presumed that no Bank has so far completed the gap analysis and got the approval of its board and reported it to RBI so far though one or two might have been able to complete the gap analysis at departmental level and kept it ready for presentation to the Board whenever it meets next.
Now we need to watch out what would be the follow up action of RBI for non compliance of this first level default.
Naavi
It would be interesting if you could interview and publish in this location interaction with CEO or Chief Information Security officer of any Public Sector Bank on these lines.