🚀 CloudSEK has raised $19M Series B1 Round – Powering the Future of Predictive Cybersecurity
Read More
Protect your organization from external threats like data leaks, brand threats, dark web originated threats and more. Schedule a demo today!
Schedule a DemoTo meet the growing needs of customers, banks are increasingly adopting Information Technology (IT) solutions, to carry out daily operations. Thus making them attractive targets for escalating cyber attacks. To ensure that Indian banks function in a cyber-resilient environment, the Reserve Bank of India (RBI) issues regular guidelines. Hence, in one of its recent circulars, in addition to distinguishing cybersecurity from information security, the RBI advises banks to establish mechanisms for:
The RBI guidelines advocate the following measures to help banks improve their overall security posture:
Cyber attacks are not preceded by warnings or timelines. Hence, the RBI recommends that banks set up continuous surveillance to stay abreast of emerging cyber threats.
XVigil, CloudSEK’s digital risk monitoring platform, offers continuous monitoring across the surface and the dark web. Specifically focusing on: mentions of the bank, its brand, and its infrastructure.
Financial institutions depend on technology to function smoothly. It also helps them deliver cutting-edge digital products to address their customers’ needs. However, in the process, banks collect customers’ personal and sensitive information.
Banks should take appropriate steps to ensure uncompromised confidentiality, integrity, and availability of this data. Moreover, as custodians of such information, it is incumbent on banks to preserve data, in transit and in storage, within their environment or that of third party vendors. To this end, banks should establish suitable systems and processes, across the data/ information lifecycle.
XVigil proactively monitors the web for data leaks. Subsequently, it alerts banks to leaks involving their customers’ information, credit card details, or debit card details. The platform also reports 3rd party data leaks that could affect banks and their customers.
Banks also need to notify the RBI of all unusual cybersecurity activities and incidents, irrespective of the success or failure of the attempts.
XVigil prepares reports, listing major incidents that may be submitted to the RBI, adhering to compliance standards.
Banks need to maintain an up-to-date inventory of assets including their infrastructure and business applications.
XVigil performs daily asset scans, to track all internet-facing assets, including domains, sub-domains, IPs, WebApps, etc.
Banks should maintain an updated, and preferably centralized, inventory of authorized/ unauthorized software.
XVigil runs infrastructure scans every day and alerts banks to any threats. As a result, it keeps Shadow IT threats in check.
Banks must document and apply baseline security requirements/ configurations to all categories of devices.
XVigil detects and reports misconfiguration of internet-facing assets, in addition to the Open Web Application Security Project (OWASP) top 10 vulnerabilities.
Banks are accountable for appropriate management of security risks pertaining to outsourced and partner arrangements.
XVigil monitors and reports on any third-party sources that leak sensitive information, thus fulfilling the RBI’s requirement to manage vendor risk.
The RBI advocates for banks to:
XVigil monitors and provides real-time alerts, on threats that impact banks’ brand or infrastructure, from various sources across the surface web and the dark web. In addition, the platform scans open ports, misconfigured SSLs, leaky S3 buckets, and XSS vulnerabilities.
Banks have been advised to subscribe to anti-phishing/ anti-rogue apps or services from external service providers. Since, this will help them identify and take down phishing websites/ rogue applications.
XVigil detects phishing/ rogue apps, fake domains, and fake social media accounts. CloudSEK also offers takedown of such phishing websites/rouge applications.
Banks should develop a comprehensive data loss/ leakage prevention strategy to safeguard sensitive, proprietary, and confidential business and customer data.
XVigil scans for data leaks, including third-party leaks, and additionally gives banks timely and actionable threat intelligence.
Banks should conduct periodic vulnerability assessment and pen-testing exercises on all the critical systems, particularly the internet-facing ones.
XVigil runs basic level vulnerability assessments, as well as pen-testing exercises, every day. And subsequently alerts banks to open ports, misconfigured SSLs, leaky S3 buckets, and XSS vulnerabilities.
Banks must make arrangements for forensic investigation unless they have support.
CloudSEK offers forensic services, together with unlimited support.
While delivering services to customers, several stakeholders are involved directly or otherwise. Their experience is indispensable. Besides, their integration with multiple tools would give organizations a view of the entire security landscape. Thus, encouraging better decision making.
XVigil can be easily integrated with multiple SIEMS, SOAR and other platforms. Thus giving banks a single view of their entire security landscape.
Home Ministry Proposes Ban on VPN Services: Should You Be Worried?
Top open source resources to stay vigilant against COVID-themed cyber attacks
Take action now
CloudSEK Platform is a no-code platform that powers our products with predictive threat analytic capabilities.
Digital Risk Protection platform which gives Initial Attack Vector Protection for employees and customers.
Software and Supply chain Monitoring providing Initial Attack Vector Protection for Software Supply Chain risks.
Creates a blueprint of an organization's external attack surface including the core infrastructure and the software components.
Instant Security Score for any Android Mobile App on your phone. Search for any app to get an instant risk score.
min read
RBI guidelines for banks to combat escalating cyber attacks
To meet the growing needs of customers, banks are increasingly adopting Information Technology (IT) solutions, to carry out daily operations. Thus making them attractive targets for escalating cyber attacks. To ensure that Indian banks function in a cyber-resilient environment, the Reserve Bank of India (RBI) issues regular guidelines. Hence, in one of its recent circulars, in addition to distinguishing cybersecurity from information security, the RBI advises banks to establish mechanisms for:
The RBI guidelines advocate the following measures to help banks improve their overall security posture:
Cyber attacks are not preceded by warnings or timelines. Hence, the RBI recommends that banks set up continuous surveillance to stay abreast of emerging cyber threats.
XVigil, CloudSEK’s digital risk monitoring platform, offers continuous monitoring across the surface and the dark web. Specifically focusing on: mentions of the bank, its brand, and its infrastructure.
Financial institutions depend on technology to function smoothly. It also helps them deliver cutting-edge digital products to address their customers’ needs. However, in the process, banks collect customers’ personal and sensitive information.
Banks should take appropriate steps to ensure uncompromised confidentiality, integrity, and availability of this data. Moreover, as custodians of such information, it is incumbent on banks to preserve data, in transit and in storage, within their environment or that of third party vendors. To this end, banks should establish suitable systems and processes, across the data/ information lifecycle.
XVigil proactively monitors the web for data leaks. Subsequently, it alerts banks to leaks involving their customers’ information, credit card details, or debit card details. The platform also reports 3rd party data leaks that could affect banks and their customers.
Banks also need to notify the RBI of all unusual cybersecurity activities and incidents, irrespective of the success or failure of the attempts.
XVigil prepares reports, listing major incidents that may be submitted to the RBI, adhering to compliance standards.
Banks need to maintain an up-to-date inventory of assets including their infrastructure and business applications.
XVigil performs daily asset scans, to track all internet-facing assets, including domains, sub-domains, IPs, WebApps, etc.
Banks should maintain an updated, and preferably centralized, inventory of authorized/ unauthorized software.
XVigil runs infrastructure scans every day and alerts banks to any threats. As a result, it keeps Shadow IT threats in check.
Banks must document and apply baseline security requirements/ configurations to all categories of devices.
XVigil detects and reports misconfiguration of internet-facing assets, in addition to the Open Web Application Security Project (OWASP) top 10 vulnerabilities.
Banks are accountable for appropriate management of security risks pertaining to outsourced and partner arrangements.
XVigil monitors and reports on any third-party sources that leak sensitive information, thus fulfilling the RBI’s requirement to manage vendor risk.
The RBI advocates for banks to:
XVigil monitors and provides real-time alerts, on threats that impact banks’ brand or infrastructure, from various sources across the surface web and the dark web. In addition, the platform scans open ports, misconfigured SSLs, leaky S3 buckets, and XSS vulnerabilities.
Banks have been advised to subscribe to anti-phishing/ anti-rogue apps or services from external service providers. Since, this will help them identify and take down phishing websites/ rogue applications.
XVigil detects phishing/ rogue apps, fake domains, and fake social media accounts. CloudSEK also offers takedown of such phishing websites/rouge applications.
Banks should develop a comprehensive data loss/ leakage prevention strategy to safeguard sensitive, proprietary, and confidential business and customer data.
XVigil scans for data leaks, including third-party leaks, and additionally gives banks timely and actionable threat intelligence.
Banks should conduct periodic vulnerability assessment and pen-testing exercises on all the critical systems, particularly the internet-facing ones.
XVigil runs basic level vulnerability assessments, as well as pen-testing exercises, every day. And subsequently alerts banks to open ports, misconfigured SSLs, leaky S3 buckets, and XSS vulnerabilities.
Banks must make arrangements for forensic investigation unless they have support.
CloudSEK offers forensic services, together with unlimited support.
While delivering services to customers, several stakeholders are involved directly or otherwise. Their experience is indispensable. Besides, their integration with multiple tools would give organizations a view of the entire security landscape. Thus, encouraging better decision making.
XVigil can be easily integrated with multiple SIEMS, SOAR and other platforms. Thus giving banks a single view of their entire security landscape.