Ashwini Pandey, CISO, Oriental Bank of Commerce, gave all credits to the Cyber security Incident Response Plan which enabled the bank to continue banking business amid series of lockdowns and work-from-home limitations. He informed that with the merger of the bank with United Bank of India and Punjab National Bank, integration of IT platforms of the three banks is expected to be completed within 6 months
Early 2020 is a prime example of how quickly threats can change and take advantage of vulnerabilities. As Covid-19 spread across the world and became a global pandemic, cybercriminals deployed persistent campaigns that capitalised on the uncertainty and fear related to the corona virus and, in some cases, reduced cyber security measures because of the surge in employees working from home.
In the current scenario, security leaders need to strengthen their focus on the entire threat lifecycle which includes planning and detection, in-the-moment response and remediation & recovery. While responding to a query on Oriental Bank of Commerce’s preparedness on cyber security front, Ashwini Pandey, CISO, Oriental Bank of Commerce (OBC), asserted that as an organization they had been working even before the pandemic to build their Cyber security Incident Response Plan. “Under the plan, we ensured that endpoints of people working from home remain as secure as our corporate endpoints. We ensured that each stakeholder has latest antivirus as per our company policy.”
He further added that the company integrated the remote systems with the privilege management system to ensure accessibility as per the roles and requirements. “We allowed bare minimum access to the stakeholders so that they can perform only the tasks which are required. These strict guidelines and processes enabled us to safeguard our systems during the pandemic and WFH scenario. The journey so far has been fantastic.”
In the BFSI segment, having a user id and a password was considered safe a decade back. However, threat vector has evolved drastically as the applications around the core banking system have evolved. “To circumvent evolving threats, we have implemented multi-factor authentication for users. In addition, we have deployed security operation center with all the latest technologies including network access control, network behaviour analysis and privilege identity management,” shared Pandey.
On the efficacy of digital systems to prevent NPA and liquidity crisis amid the pandemic, Pandey stressed on the presence of early warning systems in the banking process. “A good MIS, core banking solution and data warehousing system can help in a big way to avoid such scenarios. While we already have MIS and CBS with us, the data warehousing system implementation is under progress.”
IT Infrastructure Integration
With the merger of OBC, United Bank of India and Punjab National Bank, integration of IT platforms of the three banks is expected to be completed by March 2021. The merger between the three banks took effect on April 1, 2020. However, the Covid-19 outbreak has delayed the process of integration by a couple of months. “We have formed over 30 task force teams to smoothen out rough edges in the IT integration and to avoid any disruption in banking services. The task force have been drawn from various verticals of the three banks to ensure complete synergy between the banks. The integration will take another 5-6 months to complete,” informed Pandey.
He added that integration of core banking solution of the three banks will take majority of the time as the banks are operating on different versions of Finacle CBS.
With the merger, the combined entity now has about 11,000 branches, more than 13,000 ATMs, one lakh employees and a business mix of over Rs 18 lakh crore.