Challenges for Indian Enterprises in Security Implementation
India is waking up to the need for, and challenges in, implementing cyber-security. The National Cyber Security Policy of 2013 is a step in that direction. Indian enterprises too, have realized the implications of ineffective info-security measures. What was once a mere check in the box meant solely to appease compliance norms has today emerged as a top agenda in the boardroom.
While awareness for cyber-security is on the rise, with government, organizations and even consumers recognizing the need for robust security measures, implementing cyber-security is not easy. Let us consider this from an organisation’s perspective –
India has a unique dichotomy – for a nation renowned for its prowess in information technology and the large body of educated youth it churns out, there are still many areas around the country that are still developing, which are still some time away from broadband internet & consumer IT infrastructure.
The number of active Internet users in urban centres is estimated at 141 million in December 2013, according to the I-Cube report released by IAMAI and IMRB. This is nearly double that of the rural users.
o Many of these areas have gone past the PC-era, and graduated to the world of mobile Internet. In Rural India, 70% of the active Internet users also access Internet using mobile phones, while 32% use internet only through mobile, the report suggests.
o For many others, the quintessential cyber-café is still the most reliable method to get online. The report revealed that 40% of active Internet users in rural India still rely on community service centres and cyber-cafes. On the other hand, some of India’s largest cities are readying for the 4G and LTE wave!
There is no denying that the Internet landscape in India is heterogeneous.
But that’s not all – Internet usage in the country is also on a rapid growth trajectory. India and China, together, are expected to add more than 400mn new users of internet-enabled phones to the global network, vaulting India ahead of the US to make it the second-largest country for smartphone use in the world. In fact, the same report by IAMAI & IMRB estimated that by June 2014, India will have 243 million Internet users, at which point of time, it was expected to overtake the US as the second largest overall Internet base in the world.
In a market that is as heterogeneous, fast-paced and vibrant as India, large enterprises with a widespread clientele must think of a security solution that can secure digital experience across form factors and access points. One which is future-proof and can keep pace with a growing population of Internet users.
The Indian Internet landscape is not the only rapidly evolving phenomenon – the state of security itself is quite dynamic. Newer, more sophisticated attacks emerge every day, even as security systems that were once considered unconquerable are rendered obsolete. The security landscape is more webbed and complex than it was a few years ago, advanced persistent threats including zero day attacks, dynamic Trojans, stealth bots, different types of phishing & pharming, Man-in-the-Middle (MITM), Man-in-the-Browser (MITB) and Man-on-the-Machine (MOTM).
The cyber-security challenge before enterprises today is, therefore, two-fold. The question that enterprises need to address is whether their security measures are capable of keeping pace not only with (a) the constantly growing mass of active internet users in the country, but also with (b) the ever-evolving cyber-threat landscape.
The multitude of user types, devices, network access points, with scores of technology platforms as well as enterprise application deployment structures available makes it a nightmare for an organization’s security team to secure everyone under a unified security umbrella. CIOs, CTOs and CISOs are grappling with highly complex and costly security architectures, which do not scale to large number of users without compromising on security.
Contemporary security solutions in the market fail to address the problem completely. Some of them do not provide the required level of security since they work over the highly insecure public Internet. Others like VPN’s are very expensive and need a large investment to accommodate more users, and are unfeasible to be scaled beyond a certain mass and segment of users. As the enterprises keep on adding safety locks, complexity of underlying architecture rises constantly.
The current situation calls for solutions that simplify as well as unify security architecture. Organizations need to take the first step in adopting any security solution: acknowledge the complexity and diversity that exists both among the external environment (users who are customers and partners) as well as within the organizations.
In conclusion, there is the need for more concerted and synergistic efforts at industry-level to overcome challenges and seek joint solutions to the ever-evolving, rapidly growing concern of cyber-security.
- Trends In Information Management: An India Perspective
- WB To Announce New IT Policy To Woo Investors: CM
- Cyber Security Predictions For 2018
- How CIOs Can Ensure A Seat At The Strategy Table
- CIO's Five-Point RPA Planning Success Formula
- SpiderOak CEO Warns Of 10 Cybersecurity Threats For 2018
- Uber Data Breach: Accountability, Corporate Ethics In Question
- Customer-Facing Web, Mobile Apps Pose Highest Security Risk: Study
- 70% Consumers Stop Following A Business After Data Breach: Study
- CISOs, Beware Of Crime-as-a-Service, IoT Threats In 2018