The attitude of the management and awareness of the employees in the banking industry need to change and have to become positive. They have to bend towards cybersecurity. Updating and upgrading to hardened systems is the need of the hour. ATMs cannot be on Windows XP.
Criminals are always one step ahead of law enforcement, but cybercriminals are 10 steps ahead. In some cases, the prowess of law enforcement agencies is not anywhere near the criminals'. So forget catching the cyber offender, they don't even anticipate a cybercrime. Not having enough cyber intelligence or not acting on online intelligence is the biggest failure of Indian law enforcement till date in the digital space.
Various cyber crimes via social engineering, and organised international cybercrime gangs like Lazarus or Cobalt — I can say that these are today's challenges. Both are essentially part of organised crime syndicates. Police do catch some of the ring members but there has been no conviction in India to create deterrence among cybercriminals. I find cyber criminals often walk out on bail and gte back to business as usual.
There are measures the administration needs to implement. One, large-scale digital literacy programmes in vernacular languages. Two, a cyber cadre of police without any other law enforcement duties. Three, an industrial CERT, or computer emergency response team, to warn the industry against specific types of cyber threat. And four, a functional civil court, or an adjudication officer, to grant appropriate damages and compensation.
Cellphones, mobile operating systems and mobile apps that are not fully secure have created this situation where the consumers have become vulnerable. The Reserve Bank of India and the state governments need to set and achieve targets in digital literacy programmes for banks. They also need to monitor the progress of these initiatives. Such training should be given in vernacular languages so the people have a better grasp of the subject, as well as the new technology.
More cybersecurity and less data leakage mean more trust in digital banking — Digital India. And leakage or illegal transfers give banking a bad name. Today, everything in banking is IT-based and delivered via cyberspace. If cybersecurity is taken seriously by every bank employee, then crime can be avoided and good services can be provided to digital banking customers. Data is the new gold, and banks are now custodians of this gold.