DR. HAROLD D’COSTA,
PRESIDENT, CYBER SECURITY CORPORATION
“While we speak extensively about data security and defense, the real question is what remedial measures exist from a techno-legal perspective when a breach actually occurs. In India, electronic evidence is still rarely tested decisively in courts, and many breaches pass without legal consequence. Incident response plans often look polished on paper but collapse under real adversary pressure. Organizations remain compliance-driven— focused on satisfying auditors rather than surviving breaches. There are no cyber drills, no tabletop exercises, no stress testing. Teams freeze due to lack of rehearsal, unclear chains of command, and absence of decision authority. Under Section 85 of the Information Technology Act, 2000, directors can be held liable, and under the DPDP Act, penalties may reach ₹250 crore. Yet awareness of these techno-legal implications remains limited.
When breaches occur, panic overrides process—systems are isolated without preserving forensic evidence, PR reacts late, leadership overrides technical judgment, and legal teams stall decisions. Evidence preservation is crucial to identify bad actors and ensure admissibility in court. Incidents must be reported within six hours to CERT-In and within seventy-two hours to the Data Protection Board under DPDP.
Organizations need structured playbooks-clear escalation matrices, defined containment thresholds, independent CISO and DPO roles, measurable KPIs such as mean time to detect and contain, threat intelligence integration, and resilient backup strategies including immutable, isolated storage. Compliance without execution is shelfware. Proactive readiness—not reactive response—is the only sustainable path to cyber- attack mitigation.”
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
