The ODFC Webinar on Cybersecurity Framework for NBFC brought together experts to address the growing cyber risks faced by Non-Banking Financial Companies (NBFCs) in India. As digital transformation accelerates, NBFCs need to adopt robust cybersecurity measures to protect sensitive financial data and maintain trust.
General, Legal & Technology
Email 📬 ask@nbfc.in
At the ODFC Webinar we will cover the following RBI Master Directions:
1) IT Governance, Risk, Controls, & Assurance Practice
2) Outsourcing of IT Services
3) Digital Payment Security Controls
4) IT Framework for NBFC Sector
Key Provisions:
🎯 1️⃣ Cybersecurity Policy:
NBFCs must have a Board-approved cybersecurity policy covering risk management, data protection, and incident response, aligned with their IT strategy.
🎯 2️⃣ Management:
Appointment of a Chief Information Security Officer (CISO) who reports directly to the Board or a sub-committee, responsible for overseeing the cybersecurity framework.
🎯 3️⃣ Security Operations Center:
Establishment of a Security Operations Center (SOC) for real-time monitoring, threat detection, and response. Continuous surveillance of networks and applications is mandatory.
🎯 4️⃣ Access Control & Data Security:
Implementation of strict access controls, multifactor authentication, and encryption for data at rest and in transit.
🎯 5️⃣ Incident Response & Recovery:
Development of an Incident Response Plan integrated with Business Continuity and Disaster Recovery (BCP/DR) plans.
🎯 6️⃣ Vendor Risk Management:
Regular due diligence and audits of third-party vendors, with contractual clauses on data protection and incident response.
🎯 7️⃣ HRM - Staff Members Training:
Ongoing cybersecurity training for all staff, including senior management and the Board, to stay updated on threats and best practices.
🎯 8️⃣ RBI Compliance Filing:
Mandatory reporting of significant cyber incidents to RBI within specified timelines, along with regular internal and external audits. Find more at rbicompliance.com
🎯 9️⃣ Regular IT Audits:
Periodic information system audits and vulnerability assessments to ensure compliance and identify gaps.
🎯 🔟 NBFC Case Study Highlights:
A few leading NBFC companies faced significant cybersecurity challenges as they expanded their digital operations, including threats from ransomware, phishing, data breaches, and insider attacks. These companies needed to modernize their IT infrastructure, centralize security management, and ensure compliance with RBI guidelines.
Most ODFC webinars take place on a rotational basis; the date and time will be allotted to you as per your booking. If you need any clarification, we recommend that you chat with the ODFC helpdesk and attend this webinar at your convenience. Find more at webinar.odfcdigital.com
WhatsApp 🪀 8779696580
ODFC Digital Helpdesk (INDIA)
Email 📨 help@odfcdigital.com