Abstract
Banks have technology-driven business model and are heavily dependent on the Internet. As banks continue to digitize, the attack surface is increasing. Cyber-crimes have the propensity to impact not only an organization’s reputation but also its profitability and economic growth. The apex bank of the country, Reserve Bank of India (RBI), has detected 50,547 cyber-frauds worth a whopping INR 145.08 Crore in India’s scheduled commercial banks the financial year 2018–19 ( Ganjapure, V.: RBI reports over 50,000 cyber frauds in FY 2018–19. Times of India (2019). Retrieved from: https://timesofindia.indiatimes.com/city/nagpur/rbi-reports-over-50000-cyber-frauds-in-fy-2018-19/articleshow/71174635.cms#:~:text=NAGPUR%3A%20The%20Reserve%20Bank%20of,credit%20cards%20and%20internet%20banking) [6]. Hence, the need for banks to be cyber resilient is becoming more and more essential. Cyber resiliency of an organization depends on the IT infrastructure and cyber security measures undertaken; however, a prominent factor to achieve resilience depends on the employees. Confronted with this bleak realization, it is only recently that the need for cyber resilient culture has come into existence. While seminal contribution has been made in the field of cyber security measures in the banking sector, these have typically proposed and explored techniques to enhance infrastructure rather than cyber resilient behaviour. There is a need to look at the cyber resilient behaviour of employees as a potential source of cyber resilience of bank as a whole. This paper presents a novel framework to measure cyber resilience behaviour of Indian bank employees. Cyber-attacks are inevitable, but what will matter now is how fast a bank can recover from vulnerabilities, and this will heavily depend on cyber resiliency of the staff.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Ganjapure, V.: RBI reports over 50,000 cyber frauds in FY 2018–19. Times of India (2019). Retrieved from: https://timesofindia.indiatimes.com/city/nagpur/rbi-reports-over-50000-cyber-frauds-in-fy-2018-19/articleshow/71174635.cms#:~:text=NAGPUR%3A%20The%20Reserve%20Bank%20of,credit%20cards%20and%20internet%20banking
Saraswat, V.: Niti Aayog report on cyber security (2019). Retrieved from: http://niti.gov.in/sites/default/files/201907/CyberSecurityConclaveAtVigyanBhavanDelhi_1.pdf
Korolov, M.: Banks get attacked four times more than other industries (Online) (2015). Available: http://www.csoonline.com/article/2938767/advancedpersistent-threats/report-banks-get-attacked-four-timesmore-than-other-industries.html
Obura, F.: Kenya worst hit in East Africa by cyber crime (2017). Retrieved 16 July 2019 from https://www.standardmedia.co.ke/article/2001235820/kenya-worst-hit-in-eastafrica-by-cyber-crime
OED (Oxford English Dictionary) Online. Resilience, OED Online 2018. www.oed.com/view/Entry/163619. Retrieved 14 Mar 2020
Kott, A., Linkov, I.: Fundamental concepts of cyber resilience: introduction and overview. In: Kott, A., Linkov, I. (eds.), Cyber Resilience of Systems and Networks. Springer, Switzerland (2019). Retrieved from: https://springerlink.bibliotecabuap.elogim.com/chapter/https://doi.org/10.1007/978-3-319-77492-3_1
Seville, E., Opstal, V., Vargo, J.: A primer in resiliency: seven principles for managing the unexpected. In: Global Business and Organizational Excellence (2015). Retrieved from: https://onlinelibrary.wiley.com/doi/abs/https://doi.org/10.1002/joe.21600
Dalziell, E.P., McManus, S.T.: Resilience, vulnerability, and adaptive capacity: implications for system performance (2008). Retrieved from https://www.researchgate.net/publication/29489371
Deloitte, T.: Cyber security in Indian banking industry: part 1 (2020). Retrieved from: https://www2.deloitte.com/content/dam/Deloitte/in/Documents/risk/in-ra-cybersecurity-in-the-indian-banking-industry-noexp.pdf
Bogale, M., Lessa L., Negash, S.: Building an information security awareness program for a bank. In: 25th Americas Conference on Information Systems. Cacun, Mexico (2019). Retrieved from: https://www.researchgate.net/publication/336133212_Building_an_Information_Security_Awareness_Program_for_a_Bank_Case_from_Ethiopia
North, P., James, R., Pascoe, R.: Cyber security and resilience It's all about governance. Governance Direct 68(3), 146–151 (2016). Retrieved from: https://search.informit.com.au/documentSummary;dn=003855469276044;res=IELBUS;type=pdf
Wyman, O.: Building a cyber resilient culture (2019). Retrieved from: https://www.oliverwyman.com/content/dam/oliver-wyman/v2/publications/2019/October/building-a-cyber-resilient-culture.pdf
Parsons, K.M., Young, E., Butaviciu, M.A., Cormac, A., Pattinson, M.R., Jerram, C.: The influence of organizational information security culture on information security decision making. 9(2), 117–129 (2015). Retrieved from: https://journals.sagepub.com/doi/full/https://doi.org/10.1177/1555343415575152
Ponemon Institute.: The Third Annual Study on the Cyber Resilient Organization (2018). Retrieved 31 Dec 2018 from: https://public.dhe.ibm.com/common/ssi/ecm/55/en/55015655usen/the-3rdannual-study-on-the-cyber-resilient-organization-whitepaper_55015655USEN.pdf
Caralli, R., Allen, J., White, D.: CERT resilience management model, version 1.2. Pittsburgh: Carnegie Mellon University (2016). Retrieved from: https://resources.sei.cmu.edu/library/asset-view.cfm?assetid=508084
Joseph, G., Heedon, K., Zhi, L., Cheng, W., Galen, S., Chris, Y.: Cyber risk surveillance: a case study of Singapore. In: IMF working paper, Monetary and Capital Markets Department (2020). Retrieved from: https://www.imf.org/en/Publications/WP/Issues/2020/02/10/Cyber-Risk-Surveillance-A-Case-Study-of-Singapore-48947
NIST: Framework for improving critical infrastructure cybersecurity. (V1.1) (2018). Retrieved 25 Jan 2019 from https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.04162018.pdf
Reserve Bank of India: Cyber Security Framework in Banks. Retrieved from Reserve Bank of India Circular Number: DBS.CO/CSITE/BC.11/33.01.001/2015–16 (2016)
Vedashree, R., Vishwanath, S.: Cyber Security India Market (2019). (Joint report published by PwC and DSCI) Retrieved from: https://www.pwc.in/assets/pdfs/consulting/cyber-security/cyber-security-india-market.pdf
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Godbole, T., Gochhait, S., Ghosh, D. (2022). Developing a Framework to Measure Cyber Resilience Behaviour of Indian Bank Employees. In: Senjyu, T., Mahalle, P.N., Perumal, T., Joshi, A. (eds) ICT with Intelligent Applications. Smart Innovation, Systems and Technologies, vol 248. Springer, Singapore. https://doi.org/10.1007/978-981-16-4177-0_31
Download citation
DOI: https://doi.org/10.1007/978-981-16-4177-0_31
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-16-4176-3
Online ISBN: 978-981-16-4177-0
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)