India’s BFSI sector faces cyber threats head-on with launch of Digital Threat Report 2024

New Delhi: In a significant step towards enhancing cybersecurity in India’s Banking, Financial Services, and Insurance (BFSI) sector, SISA, a global Cybersecurity company, CERT-In (MEITy), and CSIRT-Fin collaborated to launch the Digital Threat Report 2024 on Monday.

This landmark initiative addresses the escalating cyber threats financial institutions face as they navigate an increasingly digital landscape. The report was launched in the presence of key figures, including M Nagaraju, Secretary of the Department of Financial Services, and S Krishnan, Secretary of the Ministry of Electronics and Information Technology.

As the report highlights, the BFSI sector is witnessing rapid digital transformation. Digital payments are expected to generate a staggering $3.1 trillion by 2028, accounting for 35 per cent of total banking revenues. However, this shift enhances the attack surface for cybercriminals, making robust defences critical.

The report further explains critical control gaps that continue to persist across industries.

Weak access controls, over-privileged user accounts, and misconfigurations expose even the most fortified organisations. This report highlights how these vulnerabilities are not merely by-products of oversight but structural weaknesses that adversaries consistently exploit to devastating effect.

It equips financial institutions with the insights to prepare for today’s and tomorrow’s cyber threats.

The report highlights some of the significant attacks the BFSI sector is facing in the form of Data Exfiltration, Ransomware attacks exposing sensitive client data, Insecure API exploitation leading to unauthorised access, the threat of Quantum Computing, third-party data breaches compromising personal information, Internal Threats etc. along with the recommendation for protecting and strengthening the cyber security posture and resilience of organisations.

During the launch, Nagaraju emphasised the pivotal role of cybersecurity in safeguarding economic stability, stating, “Cybersecurity is no longer an optional safeguard but the foundation of financial stability in the digital age.” He highlighted the necessity for an integrated approach that combines technology, regulatory compliance, and proactive threat intelligence, underscoring the importance of securing digital transactions in a rapidly evolving marketplace.

S Krishnan noted, “The interconnected nature of the BFSI ecosystem means that a single cyberattack can have systemic repercussions.” This observation calls for a coordinated national response to cybersecurity threats, emphasising that collaborative efforts are vital in mitigating the risks that threaten financial stability.

While speaking to Millennium Post, Krishnan emphasised the significance of cybersecurity awareness across all industry sectors. He stressed the importance of self-reliance in cybersecurity, asserting that domestic technology plays a vital role. He noted that heightened vigilance and caution are essential, particularly in digital payments and personal data sharing.

The Secretary highlighted that cybersecurity encompasses multiple dimensions and that citizens must be informed and vigilant.

Sanjay Bahl, Director General of CERT-In, echoed this sentiment, stating, “Cybersecurity is not just about protecting individual entities—it’s about securing an entire ecosystem.” He emphasised the necessity for collaborative intelligence-sharing among stakeholders to adapt actively to evolving threats.

“In today’s hyper-connected world, threats evolve faster than ever, making collaborative intelligence-sharing essential. This report is meant to empower financial institutions to stay ahead of adversaries, adapt to emerging risks, and build long-term cyber resilience,” he added.

Dharshan Shanthamurthy, Founder and CEO of SISA, reinforced the report’s collaborative spirit, affirming, “Cybersecurity resilience is built on collaboration.” SISA’s integration of real-world threat intelligence and national oversight aims to empower financial institutions and ensure they are equipped to combat evolving cyber risks.