Cybersecurity is the practice of protecting computer systems, networks, and digital information from unauthorized access, theft, damage, or disruption. With the increasing use of technology in our daily lives, cybersecurity has become more critical than ever before. In the digital transformation era, the growing reliance on technology and the increasing interconnectedness of devices and systems has brought about new cybersecurity risks and challenges. As organizations across industries embrace digital technologies to drive innovation, efficiency, and growth, cybercriminals are also ramping up their efforts to exploit vulnerabilities in these systems.
Cybersecurity has become a critical concern for businesses, governments, and individuals alike. The consequences of a cyber attack can be devastating, ranging from financial loss and reputational damage to intellectual property theft and even physical harm in some cases. The rise of cloud computing, AL & ML, mobile devices, and the Internet of Things (IoT) has further expanded the attack surface, making it more challenging to secure digital assets and data.
As a result, the importance of cybersecurity has grown exponentially in recent years. Organizations must now invest in robust cybersecurity measures to safeguard their networks, systems, and data from potential threats. This includes implementing access controls, firewalls, encryption, and other security technologies to prevent unauthorized access, detecting and responding to threats in real-time, and conducting regular security assessments to identify vulnerabilities and strengthen defences.
In summary, in the digital transformation era, cybersecurity is no longer a nice-to-have but a must-have for organizations of all sizes and sectors. The growing importance of cybersecurity is driven by the need to protect digital assets and data, maintain business continuity, comply with regulatory requirements, and preserve the trust of customers and stakeholders.
Indian businesses should create cloud infrastructure like hybrid multicloud
Evolving cybersecurity industry in India
Today, cybersecurity and data security are crucial because they safeguard personal and professional information. As data is shared internally and externally, insider threats like data theft are also a serious concern. To protect data, we must adhere to security policies, procedures, and legal requirements. The evolution of threat intelligence and mitigating the potential threats before they could cause any harm to the systems is thus essential. Clearly, there is an urgent need to manage these cyber threats by guarding against unauthorized entry, disruption or damage to the targeted computer systems and destruction of data. Cloud-native platforms, AI, ML and Quantum Computing (QC) are some of the emerging technologies that are gaining traction in the market. It is cloud-based storage that enhances scalability and flexibility and helps customers in meeting the demands in terms of data storage and security.
Biggest challenges for Indian businesses
Indian businesses are undergoing a huge transformation. However, they do face various challenges when it comes to cybersecurity. Indian businesses are facing constant threats of data theft. Most of them lack the skilled personnel and adequate resources to defend against cyberattacks as we have always moved on a traditional path and such innovative technologies are a new trend in the industry. To address such issues, Enterprises need to have a good budget, which has been a serious concern and a barrier to addressing cyber security issues. Because of these low investments, businesses are easy targets for cybercriminals and malware. Due to the advanced increment in the tech-centric modus operandi in businesses, they are working on huge databases that are susceptible to cyber threats as they are stored on large servers.
Potential risks associated with the increasing adoption of emerging technologies
Emerging tech is a space that provides exceptional new-age technologies and helps in the upskilling of Indian businesses and industries, be it in terms of volume, data storage, cloud transformation or easy accessibility through different servers and granting safety to the data. The technology and open source of the networks that one works on further increase the threat to data in different forms like ransomware, malware, data theft, etc. Around 77 percent of Indian business executives share that cybercriminal activity is the biggest organizational threat and 62 percent view insider threat as a major challenge.
India improving its cybersecurity readiness
There must be a body to monitor the cybersecurity movement. Indian businesses need to create cloud infrastructure like the hybrid multicloud for storing huge databases to protect the data from all the malware and spam. Nutanix can be the appropriate cloud partner for them in their cybersecurity journey. It offers hybrid cloud infrastructure, multicloud management, along with unified storage and database services to businesses to support all types of workloads.
Faiz Shakir
Managing Director-Sales, India & SAARC, Nutanix
India's cybersecurity landscape evolved rapidly along with digitalisation and cloud adoption initiatives
Evolving cybersecurity industry in India
According to our recent XDR (Extended Detection and Response) research report, 71% of cybersecurity professionals feel they’re losing ground against cybercriminals. With the growing number of endpoints and ever-increasing attack surface, cybercriminals now have a diverse set of entry points for targeting enterprises. Security operations team must be empowered to detect, respond, and remediate sophisticated attacks in real time. XDR is one of the most promising technologies that predicts, identifies, and remediate threats in a more coordinated and orchestrated manner. With its unique living XDR architecture, Trellix provides cutting-edge cyber threat intelligence and adapts according to the threat posed.
Biggest challenges for Indian businesses
Given the digitalisation explosion & dynamic nature of the cyber world, Indian businesses face a variety of cybersecurity-related challenges. Insufficient SOC resources to tackle cyber threats, a lack of awareness, increasing sophistication of cyberattacks, and potential threats like phishing, malwares are the primary concerns. Organizations that are dealing with the targeted and sophisticated threats today can enhance their security posture by adopting the XDR framework. A living security platform enables an XDR ecosystem to learn and adapt to the evolving threat landscape, keeping them always safe from potential breaches.
Potential risks associated with the increasing adoption of emerging technologies
ChatGPT is a potent language model that has been a most talked topic of discussion recently. While it can help strengthen cybersecurity by creating code, procedures, guided investigations, and plans that can aid in countering such threats, it can also be misused to create malicious codes like evasive malwares, ransomware, or phishing emails campaigns. ChatGPT AI engines can potentially be leveraged by threat actors to create complex threats that can have massive reach and impact.
India improving its cybersecurity readiness
India's cybersecurity landscape has evolved rapidly keeping up with digitalisation and cloud adoption initiatives. Today, there is already a growing demand from private and public sector organizations alike for a comprehensive security strategy and for security platforms to advance at the same rate as cyber threats. At the same time, businesses must investment in cutting-edge security technologies powered by AI and ML to help identify threats in real time.
Rahul Arora
Managing Director, India & South Asia, Trellix
Zero Trust approach to cybersecurity aiding organisations to strengthen cyber resiliency and reduce security complexity
Evolving cybersecurity industry in India
Cybersecurity is being recognised as an essential need for digital transformation of India Inc. Revenue in India’s cybersecurity market is projected to reach US$2.37bn in 2023. With businesses being more open to spending towards cybersecurity, Dell Technologies 2022 Global Data Protection Index report also highlighted 41% of the businesses would want to adopt a Cyber Recovery as-a-Service model in the next 12 months. Zero Trust is gaining traction with about 91% of organisations around the globe planning to deploy a Zero Trust architecture.
Biggest challenges for Indian businesses
Some of the biggest challenges to cybersecurity remain infrastructure upgrades, lack of data science skills, and a future-ready security strategy to take on sophisticated risks. Businesses need to urgently move to a prevention-first cybersecurity strategy. Until businesses consider cyber recovery in an as-a-service model, their cybersecurity plan needs to ensure that their protection is not only limited to their infrastructure but is extended to their applications and data. This will ensure that the whole value chain and all of the employees are secured from the core till the perimeter. Leadership can also take on an empathetic role to understand the challenges of their employees when it comes to data skills and help them build on cybersecurity best practices. A Zero Trust approach to cybersecurity will help organisations to strengthen cyber resiliency and reduce security complexity.
Potential risks associated with the increasing adoption of emerging technologies
New-age technologies like AI, ML, IoT and cloud computing will definitely augur new opportunities for the Indian businesses. However, with increasing connectedness and lack of data management infrastructure, the surface area for attacks has also been increasing. Without a robust cybersecurity plan, the new-age technologies can contribute to more vulnerability which would mean loss of critical data.
India improving its cybersecurity readiness
Data is the currency of the internet economy and a critical asset that must be protected at all costs. To reduce business risk caused by cyberattacks and to create a more cyber resilient approach to data protection, Indian enterprises must modernise and automate their recovery and business continuity strategies and leverage the latest intelligent tools to detect and defend against cyber threats. Solutions and services which can ensure that a clean copy of data free from corruption can be recovered, will be essential. Future-ready solutions like air gap cyber vaults and integrated IT solutions which strengthen servers and storage, will be the way forward.
Ripu Bajwa
Director and General Manager, Data Protection Solutions, Dell Technologies India
The growing importance of cybersecurity in the digital transformation era
Evolving cybersecurity industry in India
The cybersecurity industry in India is growing rapidly due to increasing digitization and awareness of the need for strong cybersecurity measures. Emerging technologies such as Artificial Intelligence (AI), Machine Learning (ML), Internet of Things (IoT), and quantum computing provide growth prospects, but also pose risks such as increasing the attack surface and using generative AI models to create more authentic phishing emails or automate malicious codes. Therefore, individuals and organizations need to become more vigilant.
Biggest challenges for Indian businesses
With timely intervention and clear visibility across the threat landscape, organizations can effectively combat cybercriminals. Small and medium-sized businesses in India should invest in advanced cybersecurity solutions such as cloud-based security services and managed security services. They should also stay up-to-date with the latest threats and invest in solutions such as zero trust approach to protect identity, using multifactor authentication, and firewalls, eliminating misconfigurations, incorporating email security software to detect phishing emails, investing in elite threat hunting, intrusion detection systems, antivirus software, investing in employee training and awareness programs to ensure that their employees understand the importance of cybersecurity.
Potential risks associated with the increasing adoption of emerging technologies
As adversaries increasingly target cloud environments, the cloud continues to evolve as the new battleground. According to CrowdStrike’s 2023 Global Threat Report, cloud exploitation has skyrocketed with a 95% increase in observed cloud exploitation cases and a 300% increase in observed ‘cloud-conscious’ threat actors over 2021.To address these challenges, cyber-security should be woven into the digital fabric to achieve a state of “security by design”. With CrowdStrike’s cloud-native Falcon Platform, our customers can gain advanced end-to-end visibility and protection of any workload across endpoints, clouds, and identities.
For the third consecutive time, IDC has recently ranked CrowdStrike #1 in worldwide modern endpoint security market shares. Our customers are leveraging the CrowdStrike Falcon platform to consolidate their security stack and save on operational costs. They want to easily and cost-effectively protect the broader attack surface including the endpoint, cloud, identity and more. Unlike any other solution, CrowdStrike Falcon adapts and continuously evolves to its environment with AI and ML processing beginning on the sensor and dynamic communication with the CrowdStrike Security Cloud.
Nitin Varma,
Managing Director - India & SAARC, CrowdStrike
‘Businesses are fast adopting digital models to grow and expand their markets’
Evolving cybersecurity industry in India
Contemporary market conditions in India have prompted businesses to modernize their operations and undergo significant digital transformation. Businesses are fast adopting intelligent technology solutions that facilitates innovation, wider market reach, operational efficiency, and enhanced customer experience. Hybrid work models have become more prevalent, offering greater flexibility and accessibility to company data from anywhere and any device. However, working outside the secured perimeter increases the risk of cybersecurity vulnerabilities, particularly with the constantly evolving threat landscape.
Biggest challenges for Indian businesses
For the new ‘Digital’ normal, there is a need to address the cyber security challenges which are becoming far more pervasive and sophisticated than ever before. The recent increase in cyber-attacks has mandated both large and MSMEs to take a serious look at their cybersecurity measures as their vital infrastructure goes digital. With the growing cyber-attacks like phishing, malware, distributed denial of service, data breach, ransomware etc it has become imperative for the businesses to confront their digital preparedness in tackling these cyber threats. Businesses cannot afford to lose any sensitive data as this can be highly detrimental on their revenues and reputation.
Potential risks associated with the increasing adoption of emerging technologies
AI, ML, IoT – these are emerging technologies, and we are seeing some tremendous use cases across industry segments. These technologies give organizations the ability to develop new business models or undergo digital transformation which offers endless benefits such as improved real-time interaction with customers, accurate insights, better inventory management, higher employee productivity, better resource allocation, effective forecasting resulting in more efficient business decisions.
India improving its cybersecurity readiness
Businesses are fast adopting digital models to grow and expand their markets. But for many enterprises, especially small and medium businesses, limited knowledge and lack of IT resources remain a crucial problem when it comes to taking care of their security needs. Thus, they always look for cost effective all in one solution that is nimble, capex and asset light and easy to install on ‘pay as you go’ model.
Therefore, the onus lies with technology providers like us to develop relevant solutions at the right price point to support these enterprises in their digital journey. To this effect, we have introduced innovative smart tech solutions like ‘Smart Internet’ that enables SMBs to get robust connectivity, security, manageability, and clear visibility of their users and network.
Aditya Kinra
Vice-President, Tata Teleservices
Lack of awareness is the biggest challenge
Evolving cybersecurity industry in India
The digital era has dawned in India, with businesses adopting new technologies and shifting to new ways of working. This has undoubtedly attracted bad actors to strategize unique methods to attack them. According to a report by CERT-In, India reported 13.91 lakh cybersecurity incidents last year, indicating a growing number of cyberattacks. The cybersecurity market in India is expected to grow at a CAGR of 13.37% from 2022 to 2027, reaching USD 317.02 billion by 2027, as businesses mitigate and combat these risks by adopting emerging technologies such as AI/ML, distributed cloud, and 5G.These technologies can analyze vast amounts of data and identify patterns that are not easily detectable by humans, which businesses are using to develop security solutions to prevent, detect and respond to cyberattacks in real-time.
Biggest challenges for Indian businesses
The biggest challenge is the lack of awareness, where many Indian businesses are unaware of the latest cybersecurity threats and best practices. They may not have dedicated cybersecurity personnel or adequate training programs for employees. Other challenges include limited resources to purchase/avail the technology and unskilled talents. To address these challenges, businesses should invest in cybersecurity awareness programs and training for employees to help them recognize and prevent cyber threats. Additionally, cost-efficient and easy-to-install solutions are required to enable organizations to effectively use these services.
Potential risks associated with the increasing adoption of emerging technologies
Further to the emerging technologies, Generative AI has gained broad popularity with the introduction of ChatGPT – an OpenAI project. However, many security experts are concerned that it might introduce new cyber risks and increase the threat surface. The primary concern would be social engineering, where the tool can manipulate humans to share sensitive information with bad actors, resulting in serious attacks. The other concern is that ChatGPT can increase the number of phishing emails. The high intelligence of the tool can write emails with fewer or no spelling errors and syntax mistakes, improving the quality of phishing emails significantly, and deceiving the receiver to believe it is a genuine email.
India improving its cybersecurity readiness
Indian businesses need to invest proactively in better IT infrastructure, holistic security solutions, the right partner and solutions that are cost-effective, easy to deploy and handle real-time customer complaints to improve cybersecurity readiness and capacity building. It is imperative for businesses to provide adequate training and education to their employees to enable them to handle attacks effectively.
Dhananjay Ganjoo
Managing Director, India and SAARC, F5
Prevention-first security solutions help in driving security readiness
Evolving cybersecurity industry in India
The cybersecurity market in India is projected to reach the revenue milestone of US $2.37 B in 2023, according to Statistica. This growth is driven by several factors such as the adoption of a cloud-first strategy, connectivity proliferation, an expanding threat landscape fuelled by a continued remote work strategy, and data privacy.
With the introduction of advanced technology like 5G, Web 3.0, metaverse, AI generative software and IoT adoption, we can expect that this is going to make the industry more prone to sophisticated Gen V and Gen VI attacks. These advanced technologies are going to decentralize the data, shift the physical infrastructure to cloud-based platforms and operate on edge computing.
Biggest challenges for Indian businesses
According to Check Point Threat Intelligence Report, an organization in India is attacked an average of 1787 times per week in the last 6 months, compared to 983 attacks per organization globally,as the world experiences the 5th generation of cyberattacks large-scale, multi-vector, mega attacks targeting businesses, individuals, and countries. Most businesses are trying to protect their IT environments against current attack technology with security technology from 10 years ago that relies on detection only. They are stuck in the world of 2nd and 3rd-generation security, which only protects against viruses, application attacks, and payload delivery. Networks, virtualized data centers, cloud environments, and mobile devices are left exposed.
Potential risks associated with the increasing adoption of emerging technologies
Check Point researchers have discovered that ChatGPT can be used to create malicious emails, malware, and codes that can be used to hack organizations. Hacking forums on the dark web are attempting to use this program for malicious purposes such as creating info stealers, encryption tools and phishing lures, etc. In fact, miscreants are using it in a creative way like developing cryptocurrency payment systems with real-time currency trackers to add to dark web marketplaces.
India improving its cybersecurity readiness
Organisations should also play their part in driving security readiness and capacity building especially for prevention-first security solutions which work to prevent attacks from taking place, rather than just detecting them after the organisation has been breached. They need to implement comprehensive, collaborative and consolidated security options to protect their multiple attack surfaces – from endpoints, networks and cloud to email and even mobile.
Manish Alshi
Head of Channels and Growth Technologies - India & SAARC, Check Point Software Technologies
‘The role of CISO needs to be made meatier by giving it more responsibility and authority’
Evolving cybersecurity industry in India
Digitization and disturbances at the global level has seen an increase in both the number and complexity of cyber threats. The Government of India has responded to this challenge with the launch of a dedicated Cyber Security Division under MeitY that constantly assesses threats and corresponding regulatory frameworks to mitigate cybersecurity risks. The private sector is also actively involved in building strong cybersecurity infrastructure as enterprises recognize the need to establish robust cybersecurity measures to safeguard their sensitive data. In terms of growth, India’s cybersecurity industry is well-positioned and is slated to reach $2.65 billion in 2023. However, the role of CISO needs to be made meatier by giving it more responsibility and authority, in line with the western countries.
Biggest challenges for Indian businesses
With the pandemic, digital transformation initiatives in most organizations have accelerated by years. Business continuity has taken a different meaning. Having infrastructure availability is no longer good enough. Companies are gearing up so that any disruption in access to devices or networks or offices doesn’t disrupt critical business processes. This is also leading to outsourcing key business processes.
All this has completely changed the cyber threat landscape. Companies can no longer look at the security in the traditional way. One can no longer be comfortable within a perimeter. There is no perimeter. DATA has become the center stage of all security strategies. Technologies that help in identifying, tagging, protecting and tracking business sensitive data are becoming key drivers in the digital transformation process.
Potential risks associated with the increasing adoption of emerging technologies
The increasing adoption of emerging technologies like AI, ML, IoT, and cloud computing in India has brought about several potential risks. One of the major risks is the increased vulnerability to cyber-attacks, data breaches, and privacy violations. Many of these technologies work on large data repositories. These data repositories can become juicy targets for hackers and cybercriminals.
India improving its cybersecurity readiness
The advent of the 5G network and advanced AI applications like ChatGPT has accelerated India's path towards becoming a digital nation. However, Indian enterprises are still struggling to keep up with the security concerns arising from these technologies. It is important to improve cybersecurity awareness among individuals and businesses by introducing specialized courses at university levels. India can also foster cybersecurity innovation through better industry-academia collaboration.
Abhijit Tannu
CTO, Seclore
CISOs are investing in building a culture of Zero Trust
Evolving cybersecurity industry in India
Modern CISOs are battling unconventional cyber threats at far more increasing frequencies than before. India witnessed 13.91 lakh cybersecurity incidents in 2022, according to a CERT-In report. It is clear that rapid digitalization, remote work, and increased collaboration have made enterprises vulnerable.
Customer-centric enterprises are no longer complacent about cyber security. They are asking if their existing cyber risk programs can tackle emerging risks and how they can foster a culture of risk awareness and resilience. Along with creating new growth opportunities, CISOs are leveraging digital technologies to build a culture of Zero Tolerance, and looking towards concepts like Secure Access Service Edge (SASE) and consumer privacy rights.
Biggest challenges for Indian businesses
Ransomware, data leaks, phishing, and malware attacks are some of the cybersecurity challenges facing Indian businesses. Digitalization has also increased mobile and internet banking fraud, currently some of the biggest concerns for banks. According to Deloitte India’s Banking survey 2022, 40% of the frauds in India can be attributed to digital and cyber-related issues. Enterprises can no longer just react to a threat or vulnerability. They have to be able to look into the future, proactively identify risks, and be prepared. CISOs are already investing in building a culture of Zero Trust through frequent training and workshops. An organization is truly secure when everyone in the organization realizes the need to be aware and understands the impact of cyber threats. Additionally, CISOs can invest in platforms and solutions that provide end-to-end data protection and decrease threat and risk exposure across the organization. They can use AI- and ML–based platforms for security automation, malware analysis, containment, and eradication.
Potential risks associated with the increasing adoption of emerging technologies
Emerging technologies are transforming the way businesses operate –ChatGPT, for instance, is considered revolutionary by many experts. With many of these technologies working on a foundation of a humongous amount of data, there is an increased risk of data leaks and exposure. Platforms like ChatGPT that use Natural Language Processing (NLP) can be used to produce sophisticated phishing emails and used for nefarious purposes. Future-proof businesses should put strong cybersecurity safeguards in place and make sure their systems are trained on various datasets. In order to remain ahead of potential dangers and hazards, they must also keep up with the most recent advancements and best practices in these technologies.
Saravanan Shanmugam
VP - Infrastructure Managed Services, BCT
Indian businesses and government agencies need to continuously update and improve their cybersecurity measures
Evolving cybersecurity industry in India
Gartner has predicted that by 2025, there could be a three-fold increase in software supply chain attacks compared to 2021, affecting 45% of global organizations. To tackle these challenges, the Indian government has taken several steps, such as establishing a national cybersecurity policy and creating the National Critical Information Infrastructure Protection Centre (NCIIPC) as a dedicated cybersecurity agency. Additionally, various Indian organizations have implemented their own cybersecurity measures, such as investing in technologies and services to safeguard against cyber threats and providing training to their employees to identify and prevent future cyber-attacks. These technologies include AI, Automation, Blockchain, Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS), which are used to monitor network traffic and detect any unauthorized access or suspicious activity.
Biggest challenges for Indian businesses
India has been facing a significant increase in cyber threats in recent years, with phishing, malware, and ransomware being the most common types of attacks. Phishing attacks, in particular, have been on the rise.India's large population and growing economy make it an attractive target for cybercriminals, and it is therefore important for individuals to take steps to protect themselves. This includes using strong passwords, keeping software and operating systems up to date, using reputable antivirus and firewall programs, being cautious about clicking on and downloading suspicious links, and avoiding using public Wi-Fi without a VPN. Implementing strong security measures such as two-factor authentication, data encryption, and regular data backups can help protect against these threats.
India improving its cybersecurity readiness
There are still several challenges that India faces in terms of cybersecurity. One of the biggest challenges is the increasing number of cyber-attacks on Indian businesses. Hackers are constantly finding new ways to breach security measures and steal sensitive information. Malware and viruses continue to be a major threat, as do phishing attacks that trick individuals into revealing their personal information.
India's rapidly expanding digital infrastructure creates new vulnerabilities that hackers have the potential to exploit. This makes it essential for Indian businesses and government agencies to continuously update and improve their cybersecurity measures.
In addition to this, the cybersecurity skilled force is growing rapidly in India. With the increasing use of digital technologies and the growing threat of cyber-attacks, there is a high demand for cybersecurity professionals in India and around the world. India has a large and growing pool of skilled IT professionals, and many of these professionals are choosing to specialize in cybersecurity.
Kap Prabhakaran,
VP Engineering, Honeywell Connected Enterprise India
Artificial intelligence has the potential to revolutionize security with significant risks
Evolving cybersecurity industry in India
Over the last decade, Internet penetration in India has gained massive momentum. We have more than 700 million smartphone users and Indians are more digitally savvy than ever before. The Fintech industry is one of the fastest-growing sectors and overall tech startups are on the rise.
Although people consider Cybersecurity to be a niche sector in India or globally for that matter, It is exponentially developing into one of the most integral, vast, and necessary security solutions paving the way for a more secure and dependable future in all things online. A few of the emerging technologies and approaches that are gaining traction are Quantum Computing, Cloud Computing, AI, ML, and IoT.
Biggest challenges for Indian businesses
One of the largest challenges that Indian businesses face is a shortage of skilled cybersecurity professionals. According to a recent survey, 75% of enterprises are finding it hard to find suitably skilled cybersecurity professionals. Another consideration is the existing pool of cybersecurity professionals that need to constantly keep upskilling themselves in order to handle dynamic cyber threat scenarios and align with rapid digital transformation happening across sectors.
In most enterprises, the cybersecurity department is still considered part of the engineering department and there is a special focus on enhancing the defenses proactively. Cybersecurity measures are often treated as a reactive approach which means once a data breach occurs, then enterprises start measures on how to mitigate and consider learning to build defenses. However, they are not concerned with preventing breaches altogether. So, to start with, the thought process and outlook toward cybersecurity are required to be changed.
Potential risks associated with the increasing adoption of emerging technologies
Whenever any new emerging technology gains momentum, the cybersecurity threats around it also tend to increase. In the current scenario, a lot of hackers are already using ChatGPT to create malware and other malicious code.
With new technology, the threat of unknown risks is also present. People get too comfortable with the technology and consider it too safe to disclose personal information which can lead to threats.
As AI, ML & IoT systems collect and process vast amounts of data, there is a risk that this information could be mishandled, either through intentional breaches or accidental leaks. This could result in sensitive information falling into the wrong hands, leading to identity theft, financial fraud, and other forms of abuse.
Artificial intelligence has the potential to revolutionize security, but it also poses significant risks. These risks include Lack of Transparency, Bias, discrimination, Lack of Human Oversight, etc.
Sandip Panda
CEO & Co-founder, InstaSafe technologies
Cybersecurity awareness and education should be a part of the school curriculum
Maheswaran S, Country Head, Varonis
Evolving cybersecurity industry in India
One of the emerging technologies that is gaining traction in the cybersecurity industry is AI and ML that can help identify patterns and anomalies in large volumes of data, which is particularly useful for detecting and responding to cyber-attacks in real time. Along with AI and ML, blockchain technology is also gaining momentum. Blockchain as a technology has the potential to provide a more secure and a transparent system of sharing data which is important for sensitive data such as financial and healthcare records.
In addition, there is a growing trend towards adopting Zero Trust Approach to cybersecurity which involves assuming that all devices, users, and applications are potentially at risk and compromised and requiring strict authentication and authorisation protocols to access sensitive data.
Finally, there is an increasing emphasis on cybersecurity awareness training for employees. Many cyber attacks succeed because of human error or negligence, so educating employees about best practices for password management, phishing identification and maintaining a strong security posture is important.
Biggest challenges for Indian businesses
1. Indian businesses face several cybersecurity challenges due to the increasing dependency on technology and the internet. Some key challenges being:
a. Lack of awareness: Many Indian businesses lack awareness about the threats and importance of data protection which makes them vulnerable to cyberattacks and data breaches.
b. Insider Threats: Insider threats such as employees with malicious intent, unintentional errors or lack of security hygiene can lead to data loss or compromise
c. Ransomware Attacks: These attacks are on the rise and can compromise businesses by encrypting their critical data and demanding a ransom for its release instead
If businesses implement a combination of best practices and robust security solutions, it can help improve their defences and protect against threats.
Potential risks associated with the increasing adoption of emerging technologies
The increased adoption of emerging technologies like AI, ML, IoT and cloud in India has brought significant benefits, but also comes with potential risks such as:
d. Security and privacy risks providing unauthorised access to sensitive data leading to severe consequences such as financial losses, legal issues and reputational damage
e. Increase in cybercrime activities such as phishing, hacking and ransomware attacks. Cybercriminals use these technologies to exploit vulnerabilities in the system leading to data loss and theft
f. Regulatory compliance when adopting emerging technologies with various regulations and standards and lack of compliance can lead to severe penalties, fines etc.
g. Talent crunch can lead to implementation issues, inadequate security measures and lack of expertise in deadline with cyber threats
To address these risks, it is essential to implement a robust security infrastructure, conduct regular security audits, and invest in training employees. By addressing these risks, the adoption of emerging technologies can bring significant benefits to India.
India improving its cybersecurity readiness
To start with, India should focus on creating a robust cybersecurity policy framework that encompasses both the public and private sectors. This framework should include guidelines for data protection, incident response and risk management amongst other things. It should also encourage collaboration between various stakeholders, including government agencies, industry associations and cybersecurity experts.
India should invest in cybersecurity education and training. This includes not only training for IT professionals but also for employees in other functions such as finance, human resources, and operations. Cybersecurity awareness and education should also be a part of the school curriculum to create a cyber-aware culture from an early age.
‘India is progressing towards the ‘techade’, an era of semiconductors, 5G and digital innovation’
Harshil Doshi, Country Director, Securonix
Evolving cybersecurity industry in India
Cybersecurity has definitely taken a center stage as India is progressing towards the ‘techade’, an era of semiconductors, 5G and digital innovation. Whether it is business or the government, cybersecurity holds a major chunk of the investments. According to Gartner, end-user spending on security and risk management in India is forecast to total $2.65 billion in 2023, an increase of 8.3% from 2022. Recently, in the Union Budget, the Ministry of Electronics and Information Technology (MeitY) was allocated a sum of Rs 625 crores to improve the country's cybersecurity infrastructure. The year 2022 was particularly unfortunate for India as we saw a number of cyberattacks on critical infrastructure leading to serious disruption and losses. These attacks have spurred a lot of innovation in information security both on the business side and as well as on the government side.
Biggest challenges for Indian businesses
One of the biggest challenges that Indian businesses are facing is data overload. The migration to cloud and accelerated digital transformation, especially after the pandemic has led to data proliferation. As a result, cloud security monitoring has become difficult and basic security controls have become redundant as sophisticated attacks are increasing. In a cloud-based environment, where there are innumerable endpoints and users, there are concerns regarding data loss and data leakage, data privacy, lack of visibility of who can access the data, vulnerabilities in cloud based applications, compliance requirements, account hijacking, etc. Other challenges include lack of cyber awareness and education among employees and leadership, availability of highly skilled resources, etc.
Potential risks associated with the increasing adoption of emerging technologies
As we are using emerging technologies for our benefit, the same can be used for nefarious purposes. For example, ChatGPT can be used by attackers to create malicious content to fraud people. Attackers can easily manipulate language deficiencies and create highly convincing phishing messages. As our personal data is being processed by AI/ML systems, there is always a risk that this information could be mishandled either through accidental data leak or through intentional data breach. Cyber attackers are always on the lookout to compromise sensitive information using AI malwares. These malwares are highly sophisticated in nature and evade detection by traditional security systems.
India improving its cybersecurity readiness
Up until now, businesses and governments have been responding to threats reactively. But the kind of sophisticated cyberattacks that are happening have rendered traditional reactive-based systems useless. These systems largely focus on mitigating and containing the impact of a security incident rather than preventing it. Preemptive technologies which entail threat hunting, intelligence, forensics should be adopted as these focus on identifying and preventing threats before they cause any harm to endpoints. Enterprises should opt for a combination of reactive and proactive techniques to effectively thwart cyberattacks.
The government as well is already taking positive steps to make India cyber ready and build capacity. There are several initiatives to inculcate cyber awareness and training programs to hone potential talent in cybersecurity skills. The Digital India Bill is also underway and is likely to get ready very soon.
India to gain a booming cybersecurity market, with security spending increasing across domains year-on-year
Sean Duca, Vice President, Regional Chief Security Officer - Asia Pacific & Japan, Palo Alto Networks
Evolving cybersecurity industry in India
Evolutions in tech and the threat landscape unfolding in tandem are driving significant changes in the cybersecurity domain globally. Evidence of this was laid out in Palo Alto Networks’ ‘What’s Next in Cyber Survey where we learned that 48% of organizations experienced between 3 - 9 cybersecurity incidents or data breaches in 2022. As enterprises ramp up digital adoption, it is likely that they will be targeted with threats more complex and disruptive than ever. A few high-action areas will be:
- 5G - 5G connections in India are expected to reach 88 million by 2025, according to a recent report by GSMA. While the spotlight is currently focused on delivering higher data speeds, latency improvements, and the overall functional redesign of mobile networks, the cloud will expose the 5G core to cloud security vulnerabilities.
- Internet of Medical Things - Recent cyber attacks on medical enterprises have proven that the presence of legacy and sensitive data make healthcare an attractive target for cyber threat actors. Ensuring the cybersecurity of medical IoT will be important as ever for patient safety as the closer a patient is to a device, the greater the likelihood of weaponization by bad actors.
-
Metaverse - With an estimated $54 billion spent on virtual goods every year, the metaverse could open up a new playground for cybercriminals. Cyber attackers will use mixed reality experiences to diversify their offerings and deploy complex threats to target enterprises and individuals.
Biggest challenges for Indian businesses
Safeguarding the network, data, and employees from ransomware attacks continues to be a major threat for India Inc. India saw a worrying 218% increase in ransomware attacks from 2020 to 2022, as per Palo Alto Networks' Ransomware Threat Report 2022. Hybrid work has also focused on many cloud-related threats, including weak, poorly written Identity and Access Management (IAM) policies and threats from the application supply chain. IAM) policies - the most critical and complex component that governs the authentication and authorization of every resource in a cloud environment - are also responsible for most cloud security incidents, especially in businesses. Per Palo Alto Networks and Unit 42’s Cloud Threat Report, 99% of cloud identities are overly permissive and grant permissions that are never used. 62% of organizations surveyed even have publicly exposed cloud resources. This opens the door for malicious actors to have wider access to cloud environments. As cyber attackers deploy more advanced tools to launch more complex and coordinated attacks, enterprises need to fight fire with fire and deploy AI and ML tools of their own to bolster defences. Deploying Secure Access Service Edge (SASE) with Zero Trust Network Access 2.0 (ZTNA 2.0) at the core is the way to go when it comes to safeguarding against the threats mentioned earlier as well as against never-before-encountered zero-day threats.
Potential risks associated with the increasing adoption of emerging technologies
AI is widely regarded as a double-edged sword. On one hand, security practitioners use AI-powered security tools and products to tackle large volumes of cybersecurity incidents with minimum human interference. On the other hand, AI allows amateur hackers to develop intelligent malware programs and execute stealth attacks. Since the launch of ChatGPT, there have been concerns worldwide regarding its potential to democratise cybersecurity. While the system technically has guardrails designed to prevent actors using it for straightforwardly malicious ends, ChatGPT, with a few creative prompts, can generate a near flawless phishing email that sounds “weirdly human.” When it comes to Cloud, challenges arise more due to how it's being secured than due to the platform itself. However, some best practices such as securing the supply chain, ensuring strong identity and access management policies, and so on are critical to securing cloud resources. IoT devices are becoming a significant part of every organisation’s attack surface, thanks to hybrid work, and blurring the line between digital and physical. Furthermore, these devices make digital information exist in physical spaces, which makes them key targets for cyber attackers.
India improving its cybersecurity readiness
India is on track to become a booming cybersecurity market, with security spending increasing across domains year-on-year, proving that the emphasis on cyber safety is high. Additionally, the monetary allocation of over 600 crores in the 2023 union budget and the initiatives we are undertaking as a part of the Quad coalition are key indicators of where the wind is blowing. That being said, a few areas remain where urgent action is required. Meeting conversations around data localisation and data sovereignty, that will likely intensify in 2023, with effective legal frameworks, will be critical. Additionally, recognising cybersecurity as a collaborative effort on the enterprise and individual level and establishing Information Sharing and Analysis Centers (ISACs) will go a long way in strengthening cybersecurity readiness. Bridging the cybersecurity skills gap through youth-focused skilling initiatives must also be prioritised. With the threat landscape evolving alarmingly, adding AI and ML-powered tools to the security operations centre to generate a swift and automated response to a breach will be needed to achieve true cyber security.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
