The Reserve Bank of India has set up the Reserve Bank Information Technology Pvt Ltd (ReBIT) to take care of its IT requirements, including the cyber security needs of the bank and its regulated entities.
ReBIT will focus on IT and cyber security including research for the financial sector and assist in IT systems audit and assessment of RBI regulated entities, in addition to implement and manage internal or system wide IT projects. The agency will have four main verticals it will work in – cyber security, research and innovation, systems audit and project management.
For now, the RBI is looking to hire for various roles in cyber security, administration, project management, system audio and research and innovation. It’s not clear by when the agency will go live. Note that Reserve Bank’s regulated entities include other banks, NBFCs, wallets, ATM operators and payments banks, and as such, ReBIT will be responsible for ensuring cyber security enforcement of almost all online/digital transactions. However, it’s not clear if this will cover the UPI as well.
With digital payments on the rise, and digital heists and frauds becoming common, the establishment of such an arm has been long time coming. Just a few months ago in October, over 3.2 million debit card details were likely stolen by hackers hackers from ATMs and POS machines on YES Bank’s network, days after Axis Bank and SBI confirmed security breaches in its servers. To avoid such incidents, and to recover quickly in cases of attacks, it’s important for the bank regulator has its own IT plan in place, and setting up an arm for IT requirements is a good place to start.