Delving Into The ABC Of Cyber Security

by Moumita Deb Choudhury    Oct 16, 2017

Infosec

Of late, cybersecurity is keeping CXOs extremely busy as they are dealing with different areas of cybersecurity, IoT security, cyber resilience and new regulations and policies by the Government. With incidents such as with WannaCry and Petya, and many such cyber threats doing the rounds, CIOs and CISOs and the government legal authorities are solving new puzzles everyday.

The recently concluded Infosec Intelligence Conclave 2017 in India, brought together over 30 talented speakers, and over 250 C Suite delegates from Government & Law Enforcement, Financial Services, Healthcare, Telecommunication and many more to expand their understanding of how to infuse risk awareness into everyday culture and strategies to help you evolving cyber resilience.

The conference acted as an annual point of connection for the CXO’s & IT security professionals; an opportunity for them to be updated on the latest breakthroughs in exponential technology and ideas.

Cyber Crime New Genre for Police Force:

Cyber Security has become a lucrative business wave in the recent years and according to a statistical report, the Indian cyber security market is likely to touch $35 billion and the global cyber-security market is expected to reach $190 billion by 2025.

On talking about India’s preparedness to tackle cyber-crime, Dr. Triveni Singh Addl. SPSpecial Task Force, UP Police said, “Police force is yet not completely trained to tackle cybercrime. With cybercrime mounting higher than ever, we are trying to bring in training in the departments like cyber forensic, information security, software development process.”

Time and again India has been facing cyber-threats. The people in general, government bodies, SMBs, Giant Corporates are targets of the malicious intentions of the cyber goons. “The entire ecosystem which tackles cybercrime, which includes several stakeholders, like the judiciary, the police force, and others are not upgraded on the legal and technical fronts as it is a new era of criminal landscape. There are several initiatives which the government has taken like setting up of CERT; Cyber-crime co-ordination center; Critical information protection center among others but we are skill miles behind.”

Citing a recent instance he said that he recently arrested a group who were generating AADHAR cards by faking biometrics. They were cloning the fingerprints and all these they learnt from YouTube videos.

 SMAC Brings in the new day cyber-crime:

With social, mobile, analytics and cloud being the new ask of all cybercrime has taken an altogher new shape. Anuj Tewari, CISOHCl Technologies, “With incrasing relevance of SMAC, Businesses nowadays, cannot stay within confinement and thus data is not in control. Most people don’t know which data lies where and this is making things difficult. Also, Bots can be used to infect any computer, bots come in many forms, it may come in traditional IT devices like computers, servers, or the more recent the Cloud or the IoT, everything today has intelligence and connectivity. Anything that is connected to the internet and runs on a software has a possibility of moving things outside of the network. Thus, we have to protect the environment and isolate them, it has to be taken care that they are cannot be publicly accessible.”

The extreme web elasticity calls in threats:

Cybersecurity is evolving in India, many organizations and the government are coming together to combat it.

India is 8th on the list of top target countries for Web Application Attacks, according to a study Akamai Technologies that stated that risks to the Internet and to targeted industry sectors remain and will continue to evolve. Unfortunately, India ranks second in the list of Global Web Application Attack Source Countries in APAC after China, while is rank 12th globally.

“There are a lot of web traffic in India and information is flowing in and out of India and that is due to the devices that are connected to the internet. The web has become very elastic today, and we are facing challenges from technologies such as bring your own device or IoT etc. As the nation is moving towards being digital, more devices are added every day and more systems are brought online,” said, Aseem Ahmed, Sr. product manager, Cloud Security- Asia Pacific, Akamai Technologies.

Shedding light on major reasons why security is compromised, Ahmed points out, “user awareness is a key challenge that is faced by government and organizations. The users should know what it takes to be online. All organizations must have proactive and reactive mitigations strategy and must have incidents response plans. They must also pay attention to a comprehensive approach including detection, recovery and post-incident learning. Also, regular testing is also mandatory.

Human link is the weakest link:

Cybersecurity today is the talk of the town for every corporate and government bodies to safeguard their business interest and clients information, however, it is the people whose unawareness gives in to cybercrime.

“70-80 percent of our information is in cyberspace today. However, only 40 percent of the people are aware of the threat vectors, which means 60 percent of the people do not even know through which sources the information can be compromised,” said, Shrinivas Kulkarni - VP & CISO, Xchanging Malaysia, A DXC Technology.

“The human link is the weakest link in the entire cyber security space and the only way out is through making people aware. It is true that technologically we are always behind the hackers, but the positive thing is that we still have control over our people, thus making the people aware is imperative,” he added.

Indian market is unique market:

While globally it has affected financial sector, the governments along with the other public and private organizations, India has been a victim and an easy target for cyber espionage with an increased adoption of digital security.

The Indian market is unique compared to any other developed country. There most of the people connect to the internet through their desktops or laptops but in India the connect with the digital is mostly through mobile phones. This is due to the plummeting rates of both smartphones and data plans. But, the troubling issue is that without knowing the potential threat we are using innumerable applications,” said, Sameer Bangia, Business Lead - Mobility, India, Samsung SDS.

“Today, with all financial data and personal data stored on the mobile phone, if the phone is lost all the data goes in the hands of others. Thus, in this digital era, threats are coming from different corners with all the latest devices and connectivity available to us. The user needs to aware as to how to use it and how much to use it. Nowadays several financial transactions applications do not have any protection mechanism, in fact, they do not even ask for any kind of authentication. In such a scenario users need to be extremely careful,” he noted.