View from India: Accelerated digital transformation brings cyber security to the fore

Digitisation brings its challenges in the form of security. Cyber-security is an ongoing concern that goes hand in hand with digital transformation. “The pandemic has introduced us to remote working, whereby work from home (WFH) has become a norm. Remote working and bring your own devices (BYOD) have led to new risks,” said Prof Avishai Wool, Tel Aviv University, and co-founder Algo Sec, Israel at a recent online event. Consequently, levels of cyber- security have to be scaled up. Additional layers of security may be required to address cyber threats. So systems need to be flexible and agile, and parameters of speed fine-tuned to make the digital ecosystem strong and secure. Basically, it is about using skill and dexterity to fasten the loose ends.

“Ransomware attacks are another aspect that calls for attention. Micro segmentation is a means of minimising attacks through hackers. Micro segmentation means work gets split into different segments and its framework prevents movement from one segment to another,” Wool explained.

The pandemic has made organisations vulnerable to cyber attacks and hacking. This can be attributed to a change in working style, as organisations have opted for a hybrid approach. Almost everything will be perceived as a service. To that extent, most of the infrastructure requirements will be outsourced to the cloud. And this will be co-located in some data centres. Data-intensive applications will proliferate. These sudden changes have sprung up. It’s anyone’s guess that such new options will only make the working environment complicated and even difficult to secure manually. Breaches are likely to happen in such circumstances. Hence, all security processes need to be automated to eliminate typo errors. To that effect, systems and tools need to be customised to offer the necessary precautions. 

“Industry estimates point to the fact that 90 per cent of the cyber security breaches happen through human error. Some of the undesired outcomes include loss of revenue as well as intellectual property (IP),” added Vaishali Bhagwat, advocate, civil and cyber. A dent in the reputation of the individual or institution leading to licence cancellation and penalty are other spill-offs. Cyber security is required at the inception stage of the company. 

Covid has added a dimension to security issues. “Social engineering awareness initiatives have been on the rise during Covid. These initiatives have spread as quickly as the virus itself. Many people have fallen prey to social engineering scams,” noted Bhagwat. Emails have been generated to target empathy. Fake industry-specific emails cautioning people about the virus have been doing the rounds. Corona maps and false charity channels have opened up. All such initiatives are highly conducive to harness data. This explains why the need for cyber security is felt much more than before. Sadly, there’s a gnawing gap between awareness and gullibility. Software and hardware tools need to be deployed to secure the IT systems.

The unprecedented pace of digitisation may be disruptive, but it has also brought along hidden opportunities. “The user base of the internet, smartphone, e-commerce and IoT-connected devices is data intensive and is expanding. This has stressed the need for securing the huge volumes of data generated from the digital churn. The data bytes generated by the average mobile user are increasing exponentially,” highlighted Amit Sinha Roy, vice president, global head of marketing & communications, Tata Communications Ltd.

A secure cyber world is essential for India to fulfil its digital vision. “We are working on the National Cyber Security Strategy, which will have new deliverables after industry-wide consultations,” explained Narendra Nath Gangavarapu, joint secretary, National Security Council Secretariat, Government of India. “The digital document is being examined by the government. Cyber crime affects citizens.” The Indian Cyber Crime Coordination Centre (I4C) has been set up to address cyber crime. I4C will act as a nodal point for the fight against cyber crime. Active threat-hunting automated tools and robust software will help detect any form of cyber threat at the early stages.

The cyberspace needs to be strengthened and safeguarded. Preparedness for cyber security is required, as this decade may not be the same as it was in the previous one. 

All this was discussed at DX Secure: Create a Cyber Security Strategy for your company in the Current Scenario. The virtual conference was organised by CII-Tata Communications Centre for Digital Transformation. (CII, an apex body, stands for Confederation of Indian Industry)