Cyber goes Hyper Time to get serious about its security
The information and communications technology (ICT) industry has evolved greatly over the last half century. The technology is ubiquitous and increasingly integral to almost every facet of modern society. ICT devices and components are generally interdependent, and disruption of one may affect many others. Over the past several years, experts and policymakers have expressed increasing concerns about protecting ICT systems from cyber attacks, which many experts expect to increase in frequency and severity over the next several years. The act of protecting ICT systems and their contents has come to be known as cyber security. A broad and arguably somewhat fuzzy concept, cyber security can be a useful term but tends to defy precise definition. It is also sometimes inappropriately conflated with other concepts such as privacy, information sharing, intelligence gathering, and surveillance. However, cyber security can be an important tool in protecting privacy and preventing unauthorized surveillance, and information sharing and intelligence gathering can be useful tools for effecting cyber security In India, 90 per cent of organizations are not protected against cyber threats. It is a very gloomy situation. And it is because of lack of cyber awareness. “In order to make a safe cyber environment, states need to look after 6Ps – Pre-threat, provision, protection, preventive, predictive and pro-active,” said Marc Kahberg, CEO, Vital Intelligence Group, Israel, at an event ‘Cybersecurity Conclave, 2017’ organized by Uday India and VAR India magazines in New Delhi.
Before formulating any policies on cyber security, one needs to know about the nitty-gritty of it. It is so complicated that without proper research and analysis, one could not even ascend one step in the cyber world. The evolving nature of attacks and motives behind them poses a threat not only to national initiatives such as smart cities, e-governance and digital public identity management, which rely extensively on information and communication technologies, but also to enterprises and consumers. The demand for cyber security solutions stems from a host of audiences, with varying requirements, ranging from warfare, espionage or national defence to the protection of intellectual property and employee, customer, and personal information across all industries (e.g., financial services, telecom, infrastructure, transportation, healthcare, etc.).
The Central government’s role in cyber security involves both securing federal systems and assisting in protecting of every state. Under current laws, states have cyber security responsibilities relating to their own states’ systems, and many have sector-specific responsibilities for critical infrastructure.
Addressing an august gathering at the symposium, Kiren Rijiju, Minister of state for Home Affairs said: “India is moving towards digital economy and we have not a robust system to operate it, although we are not lack behind any nation when it comes to building structure. Rapid development of technology possesses direct threat to the existing infrastructure. Cyber crime does not know jurisdiction. Cyber criminals have no boundary. Everybody knows ISIS is great threat and it is reaching our country. The very nature of internet allows for unprecedented collaboration and interaction among particular communities of criminals. Just 10 or 15 years back, one would have been sitting quietly. Any problem in Middle-East, there would have been a very different scenario that time because we were only concerned with what was happening with our own neighbours. But today, anything happening in Middle-East or any activities of the ISIS has immediate and direct reach on our shores. Nuclear plants can become destructive forms, and it is the vulnerability of Information Technology. And India tackles the situation very well. India has a committed partnership with United States of America and Israel to tackle the situation.”
Kiren Rijiju also admitted the fact that modernisation of the country’s police forces was not up to do. “We really need to update our policing system. I am admitting to the fact that we are not yet up to the mark in terms of modernization of our police forces in India. We need to look into that. The rapid development of digital technologies and wide range of services in cyberspace are raising serious concerns for the government as the country embarks on a journey towards cashless economy. India needs to secure its digital payments, put everything on secure networks to provide secure payments to its citizens and it is not an easy task. In the MHA we keep updating ourselves. I can clearly see the challenges and which is not going to be easy for all of us. This rapid development of digital technologies and wide range of services provided for activities in cyberspace raises issues of serious concern for the government.”
“India is on the target by the hackers because of its hostile neighbours. Cyber intelligence and methodologies need to improve,” said Hemal Patel, senior VP-India operation, Sophos.
The structure of economic incentives for cyber security has been called distorted or even perverse. Cybercrime is regarded as cheap, profitable, and comparatively safe for the criminals. In contrast, cyber security can be expensive, is by its nature imperfect, and the economic returns on investments are often unsure.
Carmit Yadin, CISO and Director of cyber division, Vital Intelligence group, said: “How does government can protect the people? The only solution is awareness and education about cyber world. Government needs to include cyber science in the education in the entire nation. And it is need of the hour. India cannot lack behind in pace of technology. Cyber crimes can be caused in real-time from anywhere in the world and the culprits are hard to track, prosecute and penalize. Cyber-terrorism can cause much wider damage to any country now in comparison to physical violence.”
“Laymen’s understanding about cyber security is almost zero in India. It is time to educate people of grassroots levels. The fifth dimension is not man-made or man-controlled unlike water, land, air and space. IT is a double-edge-sword, India needs to handle it in a very cautious way,” said Deepak Kumar Rath, group editor, Uday India.
In today’s dynamic environment, cyber security has become vital for individuals and organizations that collect and store a wide range of confidential data on computers and transmit that to other computers across different networks. For an individual, protecting information that could impact social life as well as personal finance is essential. The internet has provided a wide array of learning opportunities, but there are risks too. Photos, videos and other personal information shared by an individual on social networking sites such as Facebook, Twitter can be inappropriately used by others, which may lead to serious and even life-threatening incidents. Social networking sites have become the most popular medium for sharing information and connecting with other people. But these sites have created varied opportunities for cyber crimes, compromised personal identities and information leakage. Therefore, it is important for individuals to understand how to protect against cyber threats, and must also comprehend the difference between virtual and real world. One should learn how to protect computers and personal information from being hacked and should engage in appropriate online behaviour in order to eliminate changes of cyber threats and thereby creating a safer online environment.
India has 8,000 government websites, and each is an independent on one and not integrated with the other, and that makes our cyber network a very secure one, says P.P. Choudhary, Union Minister of State for Law and Justice, and Electronics and Information Technology. While delivering the valedictory address at the conclave, he also added that Prime Minister Narendra Modi has been saying that there will be bloodless war in future. It means cyber terrorism. We are prepared for any kind of cyber attack with counter measures.
Cybersecurity means different things to different stakeholders, often with little common agreement on meaning, implementation, and risks. Substantial cultural impediments to consensus also exist, not only between sectors but within sectors and even within organizations. Traditional approaches to security may be insufficient in the hyperconnected environment of cyberspace, but consensus on alternatives has proven elusive.
Brijesh Singh, Inspector General of Police (Cyber), Maharashtra police opines that malware protection is important. And the problem is that security framework is yet to be developed well in the world. Investment in the security projects is also vital. Maharashtra’s cybersecurity plan is a 1000-crore project. The Fadnavis government has set up one cyber police station for one district. There are 44 police stations of its kind in the state. It is a unique system. The country needs such projects to make India secure.
Experts often say that effective security needs to be an integral part of information and communication technology (ICT) design. Yet, developers have traditionally focused more on features than security, for economic reasons. Also, many future security needs cannot be predicted, posing a difficult challenge for designers.
“India has no adequate cyber security exports. We should not blame government for it. Indian Institute of Technology (IIT)s are autonomous bodies, they need to start initiatives to create researchers and academicians. 10 years ago there was no literature available on cybersecurity. But, today especially western scholars research on it and produce abundance of data and information on cyber world. However, India lacks behind it. This year’s union budget has allocation for cyber security. It is a good sign,” maintains Devabrata Nayak, Chief Security Officer, Huawei India.
Cyberspace has been called the fastest evolving technology space in human history, both in scale and properties. New and emerging properties and applications—especially social media, mobile computing, big data, cloud computing, and the Internet of Things—further complicate the evolving threat environment, but they can also pose potential opportunities for improving cyber security, for example through the economies of scale provided by cloud computing and big data analytics.
“Gujarat’s Gandhinagar is one of the few cities in India where an advance technology has been implemented, where every citizen gets 2 mbps speed internet for 30 minutes absolutely free. Recently in Washington, CCTVs were hijacked, even Austria faced the same situation. Therefore, technology needs to be developed, otherwise the world would face serious danger,” said Purshottam Koushik, senior adviser, smart cities and infrastructure, McKinsey India.