TheCyberExpress

AI Cyber Attacks Top Threat To Indian Banks: RBI


The Reserve Bank of India (RBI) has identified AI Cyber Attacks as the biggest near-term cybersecurity threat facing the Indian banking system, according to the June 2026 edition of its Financial Stability Report (FSR). The central bank’s latest assessment highlights that while banks and financial institutions have strengthened cyber risk management practices, rapid advances in artificial intelligence are making cyber threats more difficult to counter.

The findings are based on a survey conducted by the RBI to assess the preparedness of major banks and non-banking financial companies (NBFCs) against evolving cyber risks. The survey found that institutions have established robust cybersecurity practices, particularly in vulnerability assessment and penetration testing of critical systems. However, AI Cyber Attacks emerged as the most significant challenge expected over the next 12 months.

AI Cyber Attacks Lead RBI’s Cyber Risk Assessment

According to the RBI Financial Stability Report, AI-enabled cyber threats can increase the speed, scale and sophistication of attacks targeting financial infrastructure. Survey responses showed that most financial institutions are still in the developing or intermediate stages of integrating AI-specific threat preparedness into their existing cybersecurity frameworks, while only a smaller number reported mature capabilities.

The report states that continued improvements in threat monitoring, detection, response mechanisms, employee awareness and cyber resilience will remain critical as AI-powered attacks continue to evolve.

Cybersecurity Practices Improve, But Gaps Remain

The RBI noted that financial institutions have made significant progress in cyber risk management. Regulatory reporting processes and board-level reporting of major cyber incidents have also matured.

However, the report identified employee cybersecurity awareness and training as areas requiring further improvement, noting that human behaviour remains one of the most exploited entry points for cyberattacks. It also highlighted the need to strengthen forensic preparedness to improve incident response, preserve digital evidence and support regulatory and law enforcement investigations following sophisticated cyber incidents.

report-ad-banner

The survey further revealed that around 67 percent of respondents increased IT and cybersecurity staffing between March 2025 and March 2026.

Additionally, 71 percent reported higher cybersecurity spending as a share of overall IT expenditure during the last three financial years.

Third-Party Risk Emerges as Second Biggest Concern

Beyond AI Cyber Attacks, the RBI ranked third-party risk and supply chain dependencies as the second most important cybersecurity challenge for the financial sector.

The survey found that 93 percent of respondents rely partially or substantially on external vendors for cybersecurity functions such as security operations centre monitoring, cloud security, incident response, threat intelligence and vulnerability assessments. Three-fourths of respondents also reported moderate to very high dependence on third-party technology providers for critical applications.

According to the RBI, a major cyber incident affecting a common service provider could rapidly disrupt multiple regulated entities and create broader financial stability risks.

Growing Digital Transactions Increase Cyber Risk

The report noted that cyber risk has become a major financial stability concern as India’s financial ecosystem becomes increasingly digital and interconnected. About 79 percent of surveyed institutions said more than three-fourths of their customer transactions are now conducted through digital financial services.

Although 98 percent of respondents rated their current cyber risk exposure as very low to moderate and reported minimal disruption to customer services during 2025-26, nearly one-third indicated that cyber risk had increased compared with the previous year.

The RBI also observed that geopolitical uncertainty is contributing to the evolving threat landscape, with 42 percent of surveyed institutions believing it has increased the likelihood of cyberattacks.

Financial Sector Cybersecurity Strategy Advances

The report said the proposed Financial Sector Cybersecurity Strategy is at an advanced stage of formulation. Developed by an Inter-Ministerial Group under the Financial Stability and Development Council, the strategy aims to establish governance frameworks, regulatory harmonisation and implementation timelines across the financial sector.

The RBI said the strategy will address cybersecurity risks associated with artificial intelligence, cloud computing, quantum technologies, third-party dependencies, consumer protection and cross-sector critical infrastructure, strengthening the resilience of India’s financial system against emerging cyber threats.



Source link