Govt declares ICICI Bank's IT resources as 'critical information infrastructure'

The government has declared the IT resources of ICICI Bank as 'critical information infrastructure', implying any harm to it can have an impact on national security and any unauthorized person accessing it may be jailed for up to 10 years, according to official notification.

The Ministry of Electronics and IT (MeitY), in the notification dated June 16, declared the IT resources of the private sector lender as critical infrastructure under Section 70 of the IT Act, 2000.

''The Central Government hereby declares the computer resources relating to the Core Banking Solution, Real Time Gross Settlement and National Electronic Fund Transfer comprising Structured Financial Messaging Server, being Critical Information Infrastructure of the ICICI Bank, and the computer resources of its associated dependencies to be protected systems for the said Act,'' the notification said.

The notification authorizes designated employees authorized by ICICI Bank, authorized team members of contractual managed service providers or third-party vendors who have been authorized by the bank for need-based access, and any consultant, regulator, government official, auditor, and stakeholder authorized by the bank on a case-to-case basis to access the IT resources of the lender.

''Looking at the recent sophisticated cyber attacks, it is high time all the banks and financial institutions get themselves notified as a protected system. ''Similarly, the control system of all the electricity, oil, airports, railways, metros and transport systems are critical infrastructure and must be declared as a protected system,'' SP, Cyber Crime, Uttar Pradesh Police and certified cyber expert Triveni Singh said.

As per the Act, 'critical information infrastructure' means a computer resource, the incapacitation or destruction of which, shall have a debilitating impact on national security, economy, public health, or safety.

Any person who secures access or attempts to secure access to a protected system in contravention of the provisions shall be punished with imprisonment of a term which may extend to 10 years and shall also be liable for a fine, the Act says.

(This story has not been edited by Devdiscourse staff and is auto-generated from a syndicated feed.)