Making India Cyber Resilient

 

The upward trend of security breaches, malware and hacking cases every year are irrefutable. In the year 2016, cyberattacks cost the world $575 billion and numbered 90 million. During the same period, India witnessed some large-scale cyber-attacks across verticals such as information of 32 lakh debit card holders of various Indian banks being hacked, IRCTC website attack, LinkedIn being targeted by attackers and the hacker group called Legion claiming to hack the Twitter accounts of prominent personalities. The recent attacks across the globe have brought cybersecurity to the fore and made it a boardroom discussion. As per Gartner, enterprise security spending (hardware, software and services) in India hit $1.12 billion in 2016. To bring about a wave of change that will make our ecosystem more secure, we need to focus on the following points: Strengthening Cyber Security Framework; Financial Service Companies; Securing Smart Cities and IoT Devices; and Need for Trained Security Professionals.

 

 

 

 

While the National Cyber Security Policy, 2013 provides a framework to protect data of individuals and corporations, it leaves room for interpretation. We have been spending a major chunk of our resources in tackling localized cybercrime while responding to major attacks on a case-to-case basis. The Prime Minister’s Office (PMO) created the position of National Cyber Security Coordinator in 2014, keeping in mind the increasing importance of cybersecurity. However, there is no national security architecture in place as of today that can assess the nature of cyber threats. The challenge is the legal framework, as the internet is not restricted to a single geographical boundary. We need to have

a National Cyber Security Agency in place which would be responsible for policy formulation and implementation at the national level.

 

 

 

 

The Indian Government’s decision of demonetization followed by the call for a “less-cash” economy has put focus on the financial services sector. Providing seamless experience to the consumers covering a range of services while managing the digital identities of individuals and enterprises is a major challenge for all companies which allow/ enable online monetary transactions. Incorporating the security features that work in tandem with the overall design of the application and the services is going to be crucial in the coming years. It is also essential for enterprises to assess risks properly by creating a cyber risk calculation framework to help balance the business risks and ease of use for customers.

 

 

 

 

The present Government’s increased focus on development to create opportunities has led to the Digital India initiative. However, this demands a robust communications infrastructure which will, in turn, rely heavily on accessing and analyzing sensitive data or information. This throws the spotlight once again on the Information Technology (IT) sector and data security. The complex web of interconnected devices continually opens up gateways to information, and countless access channels makes for increased difficulty in keeping a watch over the safety of such online data. Hence, there is a pressing need for an increased focus on the security infrastructure and a policy framework for IT security across India. Constant coordination between government and local planning authorities will play an important role in making smart cities secure. Meticulous planning will be required to address the safety and security needs of commercial establishments, railway stations, airports, city markets and shopping malls, residential areas and educational institutes.

 

 

 

NASSCOM predicts that India will need a workforce of one million skilled security professionals by 2020. As of today, India is facing a shortage of cybersecurity experts which further complicates the situation. The Government needs to encourage more educational institutes which offer specialized cybersecurity courses with more than than just theorybased knowledge. A close collaboration between the private sector and government will help the institutes to churn out professionally trained manpower.

 

This also opens a window of opportunities for start-ups due to the best of technologies adopted by such companies. Cybersecurity is a growing concern for enterprises as well as the government which will further fuel the growth of start-ups.

 

Technology provides a number of facilities, it also brings with it a host of problems for security of communications, data and infrastructure. The illusion of protection from cyber-attacks is a thing of the past and it can be said that no one is secure. What we need today is an army of trained cybersecurity professionals who can help in minimizing the impact of cyber-attacks with continuous monitoring, early detection and quick response.