CERT-In, CSIRT-Fin, and SISA unite to unveil a sector-wide action plan to secure India’s BFSI sector from rising digital threats
In a decisive move to reinforce India’s digital finance defenses, the Ministry of Electronics and Information Technology (MeitY) has launched the Digital Threat Report 2024 for the Banking, Financial Services, and Insurance (BFSI) sector. The report—jointly produced by CERT-In, CSIRT-Fin, and cybersecurity leader SISA—delivers a timely and tactical roadmap to combat rising cyber threats across India’s financial ecosystem.
Launched by senior government officials and cybersecurity experts, the report is a direct response to the rapidly evolving cyber threat landscape intensified by AI-driven attacks, phishing campaigns, and increasing transaction volumes.
“In the digital economy, resilience is the new currency.”
— Dr. Sanjay Bahl, DG, CERT-In
“A single cyberattack can ripple across the entire financial system,” warned Shri S. Krishnan, Secretary, MeitY. “This report is vital to helping the sector respond with unified, coordinated defenses.”
Blueprint for a Secure Financial Ecosystem
The Digital Threat Report analyzes systemic vulnerabilities and pinpoints the most pressing digital threats facing the BFSI sector. Drawing on forensic data from SISA, oversight from CERT-In, and incident intelligence from CSIRT-Fin, the report provides strategic insights and operational guidance.
“Cybersecurity isn’t just a tech issue—it’s a trust issue.”
— Ashish Tandon, Founder & CEO, Indusface
“Cybersecurity is the foundation of financial stability in the digital age,” noted Shri M. Nagaraju, Secretary, Department of Financial Services. “This is not just regulatory compliance—it’s an economic imperative.”
With digital payments expected to cross $3.1 trillion by 2028, the report stresses the urgency for BFSI institutions to adopt a more proactive, intelligent approach to cybersecurity.
“A single cyberattack can ripple across the entire financial system.”
— Shri S. Krishnan, Secretary, MeitY
Industry Perspective: A Strategic Shift for India’s BFSI Cyber Defense
Debojit Maitra, former CISO at Aditya Birla Fashion and Retail Ltd., welcomed the report as a milestone in India’s cybersecurity evolution: “Given the rapid digitization of banking and financial services, this report is a crucial step toward understanding sector-specific threats. It shows that the government is not just reacting to attacks, but proactively strengthening the nation’s cybersecurity framework.”
He emphasized the strength of the collaboration behind the report: “The partnership between MeitY, CERT-In, CSIRT-Fin, and SISA brings together policy, technical expertise, and real-world threat intelligence—creating a powerful alliance for action.”
“This report signals a maturing cybersecurity mindset in India’s financial sector—one that values foresight as much as defense.”
Debojit Maitra, Ex-CISO, Aditya Birla Fashion and Retail Ltd.
Maitra also highlighted the need to build resilience—not just response mechanisms: “By mapping emerging threats and identifying system vulnerabilities, the report helps BFSI organizations shift from reactive to resilience-focused cybersecurity, which is essential in the age of AI-driven fraud and ransomware.”
Placing the initiative within a broader national context, he added: “This aligns well with India’s broader push for digital trust and secure digital infrastructure under the Digital India initiative—especially with the rise of UPI, digital lending, and neo-banks.”
Looking ahead, Maitra sees even deeper implications for the future: “While not mentioned explicitly, such initiatives could eventually pave the way for quantum-safe cryptography in BFSI, especially as the Quantum Internet and computing mature in the coming decade.”
Five Strategic Pillars for the Future
Adding depth to the discussion, Ashish Tandon, Founder & CEO of Indusface, underscored the complexity of modern attacks:
“The rise of multi-vector attacks, API targeting, and automated bot threats calls for security that’s integrated, intelligent, and managed 24/7,” said Tandon.
“This is not just about technology—it’s about building trust, resilience, and continuity.”
“Cybersecurity is the foundation of financial stability in the digital age.”
— Shri M. Nagaraju, Secretary, Department of Financial Services
He outlined five strategic priorities aligned with the report:
- Holistic application security across all digital interfaces
- Responsible AI adoption for accurate, unbiased detection
- Seamless regulatory compliance integration
- Scalable managed security models for adaptability
- Commitment to digital trust as a long-term investment
“Cyber resilience is built on shared intelligence.”
— Dharshan Shanthamurthy, Founder & CEO, SISA
Strengthening Collective Cyber Defense
The message across the board was clear: cybersecurity in the BFSI sector demands collaboration. Dr. Sanjay Bahl, DG of CERT-In, reiterated the importance of ecosystem-wide vigilance:
“This report is designed to empower institutions to outpace threats and build long-term resilience,” said Bahl. “We must secure not just systems, but trust itself.”
Dharshan Shanthamurthy, CEO of SISA, added: “Cyber resilience is built on shared intelligence. Our joint effort delivers actionable insights that prepare financial institutions for what’s next.”
A Call to Action
The Digital Threat Report 2024 marks a pivotal shift in India’s approach to financial cybersecurity—placing foresight, collaboration, and readiness at the core. As digital transactions grow, the report serves as both a warning and a strategic guide for the nation’s financial institutions to stay ahead of increasingly sophisticated adversaries.