HDFC Bank Schools Police in CybercrimeCISO Vishal Salvi on New Cybercrime Response Training
This new training program is a component of HDFC's secure banking initiative, which broadly aims to improve awareness about security and fraud challenges throughout the banking channels, from ATMs to online, and across key external stakeholders, including customers, regulators and - in this case - law enforcement agencies.
"We want to understand what [law enforcement's] skills and knowledge are, and really empower them with the skills and knowledge, both from a technical point of view and from on-the-ground experience," says Vishal Salvi, CISO of HDFC Bank.
The cybercrime response training program, delivered as a two-day in-person workshop, has three main goals:
- Impart knowledge about specific cybercrimes to help improve response and investigations;
- Demystify some of the new cybercrime trends and terminology;
- Offer specific examples if cybercrimes - how they are launched, detected and mitigated.
"The training is much more interactive, and therefore more profound, than if you just do classroom work," Salvi says.
One of the benefits to HDFC: It's security staff gains new insight from the police officers. "There are so many things we learn from this whole process," Salvi says. "[Police] give their own examples of modus operandi and what they're seeing, and we are able to then work together with them."In an interview with Information Security Media Group about HDFC's cybercrime response training, Salvi discusses:
- HDFC's secure banking initiative;
- How this training is delivered;
- Metrics for how awareness programs are gauged.
Salvi is CISO and heads the Information Security Group at HDFC Bank. For the past seven years, he has been responsible for driving the information security strategy, policy, risk management, architecture and delivery of the information security program for the bank. He has operationalized best practices into a mature information security framework. Before joining HDFC Bank, Salvi served for 11 years at Standard Chartered Bank, where he had roles in IT service delivery, governance, risk management and information security. During his more than 20 years of industry experience, he has held positions with Crompton Greaves, Development Credit Bank, Global Trust Bank and Standard Chartered Bank.