Qualys Security Platform out-of-the-box capabilities automate assessment and reporting requirements for RBI compliance
Qualys will demonstrate its capabilities for automating RBI Compliance among the Financial institutions at its user conference in Mumbai.
Cyber-attacks and data breaches have increased significantly against the banking sector as they are digitally transforming. Using the Qualys security and compliance platform, the financial institutions can easily address both the technical and procedural requirements for compliance and reporting without adding the cost or complexity of point solutions.
“Today’s digital way of life puts immense pressure on financial institutions to provide both business flexibility and an unprecedented level of security for their customers’ financial information,” said Philippe Courtot, Chairman and CEO, Qualys, Inc. “The new guidelines require banks across India to put in place a robust cyber security and resilience program to help them assess their security posture on a continuous basis, which Qualys delivers uniquely through its highly scalable security and compliance platform that can be delivered on premise or via the cloud.”
Qualys RBI Compliance Solution
Qualys enables banking organizations to more easily meet existing and new regulations such as RBI guidelines without the hassle of deploying, managing and integrating point security products from multiple vendors. The Qualys Cloud Platform incorporates more than 10 applications, all of which are delivered via the cloud, on top of Qualys’ infrastructure and core services. It features several unified turnkey solutions in one platform that allows customers to efficiently comply with the RBI Cyber Security Guidelines:
- Two-Second Visibility and Prioritization: Qualys AssetView (AV), Vulnerability Management (VM) and ThreatPROTECT (TP) work together to provide complete visibility of a customer’s assets, vulnerabilities, and related risk as required by the RBI Cyber Security Guidelines. Since the RBI Guidelines require continuous surveillance and baselining of risks in an organization, these modules can be supplemented with Qualys Continuous Monitoring (CM), which enables customers to immediately identify and proactively address potential problems.
- Compliance: Customers can use Qualys Policy Compliance (PC) to automate security configuration assessments and quickly determine compliance with RBI technical security requirements, as it provides out-of-the-box reports that customers can run in minutes to document their preparedness against RBI Guidelines. Qualys Security Assessment Questionnaire (SAQ) allows customers with out-of-the-box campaign templates to derive the posture of procedural RBI guideline elements such as vendor risk management or user awareness, and verify that these procedural controls are enforced internally and by third-party vendors and partners.
- Web Application Security: Banks can use Qualys Web Application Scanning (WAS) to implement the RBI guidelines for vulnerability assessment, penetration testing and red team exercises, application security life cycle, patch/vulnerability and change management. In addition, Qualys Web Application Firewall (WAF) can be an integral part of their multi-layered security infrastructure and help banks implement the RBI guidelines of web application security lifecycle.
Further, the Qualys soltions can be delivered to customers worldwide either from Qualys’ public cloud infrastructure or via a Qualys Private Cloud Platform (PCP).
Qualys has set up its first Secure Operations Center (SOC) in Pune this year to provide enterprises access to cost-effective, localized cloud-based security and compliance solutions that support data sovereignty requirements of Indian organizations.
Similarly, Organizations can also deploy Qualys via the Qualys Private Cloud Platform, available as a 1U appliance, which offers the same robust private cloud security and compliance services while keeping all sensitive security and compliance data generated by Qualys locally in the customer’s datacenter.
For all deployment models, Qualys offers open APIs, which allow organizations to seamlessly integrate into Cyber Security Operation Centers that are mandated by RBI. There is no new software to deploy or infrastructure to maintain.
