Products
- Products
  
  Platform
  ShadowPlex Advanced Threat Defense
  Deception for early detection of cyber threats with precision and speed
  
  ShadowPlex Identity Protection
  Visibility, management and protection of identity stores and attack paths
  Acalvio Active Defense Platform
  Comprehensive and Award-winning Distributed Deception Platform
  
  What is Active Defense?
  Active defense detects and diverts attacks.
  
  Why do I need Acalvio Active Defense?
  Active Defense deceives and disrupts attackers.
Solutions
- Technology Solutions
  
  Industry Solutions
  Breach Detection
  Active Defense for breach detection and response, both in on-premises and cloud workloads
  
  Identity Threat Detection & Response
  Visibility into Identity attack surface and effective detect & respond solution for identity attacks
  
  OT / ICS Security
  Passive and low-risk agentless solution that is easy to deploy
  
  Active Directory Protection
  Visibility into AD attack surfaces and detection of AD Attacks
  
  Threat Hunting
  Active threat hunting, based on targeted deception, to confirm hunting hypothesis
  
  Ransomware
  AI-Driven Advanced Deception Technology to combat even zero-day Ransomware
  
  Honeytokens for CrowdStrike
  Honeytokens are deceptive credentials and data that are embedded in legitimate assets
  Public Sector
  Targeted solution for protecting Federal agencies in conformation with NIST and CISA recommendations
  
  Healthcare
  Active defense solutions thwart healthcare attacks before they can inflict real damage.
Resources
Partners
- Strategic Partners
- Technology Partners
Company

The Reserve Bank of India – Cyber Security Framework

by Team Acalvio | September 17, 2019

Mandating Robust Attack Detection, Response, and Recovery

The cybersecurity guidelines issued by the Reserve Bank of India (RBI) in 2016 serve as a stark reminder of the need for robust cyber threat detection and response. Although the RBI released extensive IT security guidelines in 2011, it felt compelled to update its guidance with the “Cyber Security Framework in Banks” (CSF) five years later, because the original advisory didn’t sufficiently address the need for post-breach capabilities. Since we at Acalvio are all about “post-breach”, it’s great to see the central bank for such a large country take a leadership role in mandating effective response capabilities.

Let’s look at the Cyber Security Framework at a high level. The core goal of the CSF is to compel banks to establish adequate capabilities to reliably detect, respond to, and contain threats that have penetrated their defenses. This is clear from the three main sections (annexes) of the CSF:

Baseline security controls, including
- Real time monitoring
- Anomalous behavior detection
- Core controls: configuration management, patching, access control etc.
Establishing a Cyber Security Operation Centre
- It is important to note that the SOC guidelines specifically call out the use of honeypot services. This is one of the very few specifications of a particular technology by the framework, which speaks to the clear value of honeypot solutions in detecting and responding to advanced threats.
Establishing an Incident Response plan and supporting program
- The IR plan includes a Cyber Crisis Management Plan (CCMP) which should address incident Detection, Response, Recovery and Containment.
- Incident Notification: Banks must promptly notify the RBI of all “unusual” cyber-security incidents whether successful or not. The notification can take no more than 6 hours, which means that detection and analysis much take place extremely quickly.

“The systems that NEED to be put in place as a part of the Cyber SoC requires the following aspects to be addressed….Counter response and Honeypot services”
Cyber Security Framework in Banks, RBI, 2016

Acalvio Support for RBI Cyber Security Guidelines

Acalvio’s ShadowPlex solution effectively supports the goals of the Reserve Bank of India Cyber Security Guidelines. Acalvio delivers

Fast and accurate event detection, including advanced honeypot services
Adversary engagement and forensics
Threat response to retard attack propagation

We have carefully reviewed the requirements of the Guidelines, our whitepaper enumerates Acalvio’s support for the RBI CSF controls with extensive detail for each control. It must also be noted that what separates Acalvio from all other detection solutions is operational efficiency at scale. Banks do not have unlimited budgets for implementing cyber security, and the more efficiently they can deploy funds, the more effectively they can build a robust defensive architecture.

Take a look at the whitepaper for the details, or go to the original document from the Reserve Bank of India for the broader picture.