The Master Direction provides necessary guidelines for the regulated entities to set up a robust governance structure and implement common minimum standards of security controls for digital payment products and services.

In exercise of the powers conferred by the Banking Regulation Act, 1949, the Reserve Bank of India Act, 1934 and Payment and Settlement Systems Act, 2007, the Reserve Bank, being satisfied that it is necessary and expedient in the public interest so to do, hereby, issues the directions hereinafter specified.

(more…)

The recent system failure revealed not only issues with the IT system itself but also issues with the operation of the system, such as a need for clarification and better transparency of standards and procedures for recovery, and an absence of rules for order handling in the event of system failures.

The market users making up the Council will consider how TSE should develop its responses to system failures and its rules and regulations from the perspective of investors, taking into account evidence from overseas.
(more…)

Different hunting styles are useful and should be encouraged. Just as  everyone may tackle a puzzle differently, it is often through a diverse set  of unique approaches that the most difficult problems are solved.

Encourage a diverse hunting team with diverse backgrounds; it  will pay off.  Sometimes it is good to hunt with the latest IOCs pulled from
many IOC feeds.

(more…)

In today’s digital economy, data isn’t just a means to create value, it has value itself. If banks were the target of the last century, data is the target of this century. The increasing use of tactics like social engineering and deep fakes, coupled with the ever-present threats of global warfare and infrastructure attacks endanger everything from email servers to our phones. Securing data in the 21st century requires a holistic approach to security operations that starts from the boardroom on down.

(more…)

This ENISA study introduces good practices for IoT security, with a particular focus on software development guidelines for secure IoT products and services throughout their lifetime. Establishing secure development guidelines across the IoT ecosystem, is a fundamental building block for IoT security. By providing good practices on how to secure the IoT software development process, this study tackles one aspect for achieving security by design, a key recommendation that was highlighted in the ENISA Baseline Security Recommendations study which focused on the security of the IoT ecosystem from a horizontal point of view.

(more…)