Data being at the very core of business development, service and support functions for financial institutions and external vendors outsourcing means GDPR is a major risk factor. And with heightened focus on executive accountability, the BFSI sector is undergoing maximum change to address regulatory challenges and demands.
[quote font=”tahoma” font_size=”13″ font_style=”italic” color=”#262626″ bgcolor=”#f9f9f9″ bcolor=”#5b9cc0″]
“With heightened focus on executive accountability, the BFSI sector is undergoing maximum change re-evaluating business models, transforming units, and redefining both their role and value within the organization.”
Rahul Kumar
Country Manager
WinMagic India
[/quote]
How has been the general reaction of the Indian BFSI sector to the implementation of EUGDPR, positive or negative? Are they geared up for the DPR era?
For financial institutions, data is at the very core of their business development, service and support functions. With these institutions outsourcing much of the work to external vendors, GDPR is a major risk factor! What’s more, the vendors cannot disassociate themselves from the GDPR obligations, irrespective of the clear process and procedure laid out by the organizations. This, in a way, makes the BFSI sector an important one for GDPR if they are doing business in the EU – the global players in India. In any case, the Indian banking sector is on a roll and is poised to become the third largest domestic banking sector by 2050. They are comfortably placed to comply with the DPR regime, but to my mind, this will be driven mostly from local regulations – more than EUGDPR. Trends show that the BFSI sector and its ancillaries have geared up already. For instance, the market for BFSI security solutions is expected to grow the highest in this region. These are all pointers that show where we are headed.
Has compliance demanded a major overhaul in the security procedures of banking organizations? Has there been a marked increase in the security budgets?
With or without compliance, banks face business risk if they do not align business strategy with regulatory compliance. Regulations have only heightened the expectations by giving the due powers to the customer. This has ushered in change at the individual business level and enterprise level. It makes business sense to automate compliance processes for the benefit of accountability, analysis, reporting, etc. Of course, spending on information security products and services is showing healthy signs of growth. It is expected that the global spending will grow by 8.7 per cent to $124 billion in 2019.
How has this changed the outlook of the board and other CXOs apart from ITDMs, now that penalties are involved?
With heightened focus on executive accountability, the BFSI sector is undergoing maximum change to address regulatory challenges and demands. This involves re-evaluation of business models, transforming units, and redefining both their role and value within the organization. Of course, this would involve breaking institutional barriers, but then that is the future of business.
With India becoming a prime target for cyber criminals like never before, how does this coupled with the regulatory landscape alter the playing field for banking CIOs and CISOs?
Privacy concerns, data security, and compliance are the key market drivers. Staying ahead of changing business needs and addressing threats remain the top concerns of banking CIOs and CISOs. The threat of penalties has pushed the security mechanism into the spotlight. Both the CIO & CISO have a demanding task of building a robust culture of compliance and transparency across the organization, ensuring that security is the key consideration in the design of business processes, strategy, and innovation. There is a renewed sense of urgency and maturity within the teams, greater cooperation, and openness when sharing information and best practices.
What are some simple security practices which will help BFSI CIOs and CISOs to maintain compliance in the long run?
Encryption and compliance controls are the two keywords that determine the security of banking and financial organizations. This industry faces almost three times more cyber-attacks than any other does. The threat landscape is evolving, and so is the security ecosystem. We are talking about a very vast landscape here. It is critical that customers make strides towards building fundamental layers of security and build on from there.
