RBI Guidelines for Cyber Security Framework
While Information Security focuses on protecting confidentiality, integrity, and availability of information, Cyber Security is the ability to protect or defend the use of cyberspace from cyberattacks. Cyberspace is nothing but interconnected network of information systems or infrastructures such as Internet, telecommunications networks, computer systems, embedded processors and controllers and many others systems.
Traditional information security has limited coverage of risks emanating from cyberspace such as Cyber warfare, negative social impacts of interaction of people (trolling, defamatory viral messages, etc.), software and services on the Internet and threats from Internet of Things (IoT). These and other threats are not classic information security issues and thus need to be covered under a separate Cyber Security Framework. The emerging technologies and tools within the cyberspace is rapidly increasing organizations exposure to new vulnerabilities thereby increasing the risk to the organization. Given the benefits of the cyberspace, it is imperative that organizationsmanage their risk effectively through a robust Cyber Security Framework.