Indian businesses highly vulnerable to cyber attacks but adequate counter preventive measures still not in place

14-12-2017 Shelley Vishwajeet


Indian businesses highly vulnerable to cyber attacks but adequate counter preventive measures still not in place

  • Cyber attacks now the top business and economy risk
  • Mass cyber-risk awareness drive and multi stakeholderism approach only potent defenses against rising cyber threats – Cyber Security Experts
  • High incidence of cyber breaches but extremely low reporting a cause for big worry in preventing and curbing cyber security threats

As more and more of India, Indians and businesses get connected, country’s cyber risk vulnerability has also increased dramatically to the point that it has become a top national security and business threat.  This was the common concern among top cyber security experts gathered here at the 4th International Summit on Cyber Security India, 2017 organized in New Delhi by Bharat Exhibitions with support from Ministry of Electronics & IT, GoI; Indian Computer Emergency Response Team (Cert-in) & COAI.

Experts were unanimous to warn that the country and Indian businesses could be hit by cyber attacks tsunami unless counter measures put in place soon to prevent such a scenario.

A particular worrying aspect according to experts was that despite fair degree of awareness about cyber threats among top stakeholders, the required cyber security apparatus was yet to be put in place which left panelists wondering if India was waiting for a national cyber security crisis to happen to jolt itself out of slumber.

“Are we waiting for the cyber version of Mumbai type of terror attack to happen to really wake us up to grave cyber threats hovering over us,” wondered Dr Muktesh Chander, DGP of Goa and former Centre Director, Cyber Division, NTRO. He expressed these concerns during the inaugural session on “Securing Critical National Infrastructure from Cyber Attacks”.

Low reporting of cyber cases was another worrying area as reporting and investigation are critical to preventing cyber crimes. “Despite over a 1.17 lakh cyber security incidence reported in 2014, the number that actually got reported to police was miniscule. Low reporting remains a big bottleneck in preventing future cyber crimes and enhancing cyber security walls,” pointed out Dr Chander.

Other areas of high concerns remain the non appointment of CSO (Cyber Security Officer) in major government departments or even corporates, lack of uniform standard for cyber monitoring and reporting, absence of ‘Mandatory Breach Disclosure Law” and organizational reluctance to spend adequately on creating a robust cyber security apparatus.

The inaugural session was moderated by Mr Atul Gupta, Partner & Cyber Security Leader, KPMG India who pointed out that cyber security has moved beyond the realm of technology concern to become a business and national security concern. “Cyber threats are no longer a technology issue but a business risk agenda and has indeed become the number one risk to business worldwide,” said Mr Gupta.

“I would like to assure that GSTN is a very secure system as it has followed and embedded major threats mitigating principles that address both internal and external threats. Though, we have used many Open Source software in GST System but only after thorough scrutiny and scanning. The best part is that the core of GST is not directly exposed to the internet and that makes it a very safe and reliable system,” Anand Pande, Senior Vice President & CISO, Goods & Services Tax Network (GSTN)

“Its Zero Day Vulnerability scenario now with hackers community becoming more organized and smarter. With enough tools available now, they can immediately know the vulnerable or weak corners of a deployed system or IT architecture. So the time lag for cyber attacks has reduced. Today we don’t have the time privilege to experiment with a system. Cyber attacks can start within 24 hours of the launch of a system or architecture deployment,” Vikram Mehta, Associate Director, Information Technology,

Besides Dr. Chander, experts on the panel included Dr Siva Sivasubramanian, Global Chief of Security, Bharti Airtel; Anand Pande, Sr Vice President & CISO, Goods & Services Tax Network; Vikram Mehta, Associate Director, - Information Security,; Pawas Agrwal, General Manager & CISO, Aircel and Sumit Puri, CIO, Max Healthcare.

Positive aspect is that prevention is possible but it requires a holistic and engaging approach. Top cyber experts and officials from police, defense, telecom and private sector stakeholders were in unison that massive cyber risk awareness campaign and multi-stakeholderism were potent shields against cyber threats which otherwise would have grave disruptive impact on our economy, business and national security.

The technical session focused on “The Cyber Challenges for a New Era” whereby experts urged drafting of ‘Internet Governance Framework” while emphasizing multi-stakeholderism as the most potent shield against cyber threats.

“The mindset that government knows best must be given a go-by. As first line of defense comes from individuals and businesses, multi-stakeholderism has to be norm in devising any robust strategy against cyber threats,” pointed out Dr Subi Chaturvedi, Sr Director, Public Affairs & Communication, COAI.

Technical session was moderated by Anirban Sengupta, Partner, Cyber Security & Privacy, PwC India while expert panel included S. Rajesh Kumar, Tech Lead, Juniper Networks, Asaithambi N., Technology Specialist, Spirent; Badhrinarayanan Srinivasan, Manager, System Engineering, Ixia Technologies; Ravi Vijayvargiya, Sr. Technical Director & HoG, Network Security, National Informatics Centre (NIC), Govt. of India; Dr. Subi Chaturvedi, Sr. Director – Public Affairs & Communication, Cellular Operators        Association of India (COAI); Krishna Basudevan, Chief Enterprise Security Architect & Advisor, Kratikal Tech and Col. Inderjeet Singh, Director - Strategic Accounts, Scanpoint Geomatics Ltd.

Conference deliberated upon critical issues such as:

  • Securing Critical National Infrastructure from Cyber Attack
  • Securing Smart Grid/ Power, Telecom Network, Defense, Utilities, Railways etc from Cyber attacks.
  • Cyber Security And Lawful Interception
  • Securing Cloud Infrastructure
  • Mobile Security, Web App Security, Network Security
  • Cyber Threats & Intelligence Solutions & Threats from Open Source Technology
  • Protection of IT Infrastructure from Future Threats
  • Efficient and Effective ways to protect Data and Applications
  • Bridging the gap between Security and Operational Efficiency

Top Cyber Security Concerns Identified:

  • Low Priority to Implementing Counter Cyber Threats Measures
  • Low budget allocation in business organizations for putting up a robust counter cyber security apparatus
  • Absence of “Mandatory Cyber Incidence Disclosure Law”
  • Absence of uniform “Internet Governance Framework”
  • Low reporting of cyber cases despite high incidences
  • Lack of educational and awareness program regarding cyber risks and preventive measures

ABOUT author

Shelley Vishwajeet

Shelley Vishwajeet is Editor, My Mobile. He has previously worked at senior positions with Business India, 21st Century Fox (Star Television Group), Indian Express ...

Read More

Recommended for you

Airtel partners Symantec to offer c...

Read More

India turned out to be the biggest ...

Read More

Recent Comment

No comment found on this news

Leave a Comment

Add Another

Add Another

Add Another

Add Another