Roy Zur is a cyber intelligence expert, the founder and CEO of several cyber companies, including Cybint, a cyber education company. Roy has more than 15 years of experience in cybersecurity and intelligence operations from the Israeli Defense Forces, Unit 8200 (Retired Major) and has developed cyber education programs and technological solutions for companies, educational institutions, and government agencies around the world.
We are towards the close of 2021and today almost all facets of human interactions, from healthcare to finance, commerce to entertainment, and others, have become completely digitalized. Though living in this age of information and communication has brought a great level of comfort, it has its share of perils in the form of cybercrime. Given the risks of cyber-attacks India is facing, it is essential to increase the investment in strengthening the cybersecurity framework. Within the first half of the year, there were more than 1 million cyberattacks in India.
You may be surprised to know that in the year 2019 alone, more than 4.1 billion records including email accounts, passwords, banking details, personal information, sensitive business records as well as national security information were hacked by hackers and cybercriminals all over the world. There was a 51% increase in the attacks during the pandemic. Cybercriminals have the potential to either put this information to use for nefarious purposes or to extort a large amount of money from the entities. Industry experts say that there is no legislative control and monitoring yet. There is an urgent need to update the exciting laws to create a better surveillance system over the internet.
Is India prepared for cybersecurity threats?
Let’s look at the steps that the government has taken for cybersecurity preparedness.
At present, India is at the 10th position in the UN Global Cybersecurity Index (GCI) 2020. This is an improvement from its 23rd position in 2017.
- The National Technical Research Organization, which was constituted in the year 2004, provides technical intelligence for both internal and external security in cyberspace.
- To reach global compliance security, India is working with the US on cybersecurity.
- India also consists of a robust Computer Emergency Response Team (CERT) that notifies concerns relating to cyber-attacks and analyzes the vulnerability.
- The appropriate legislation, National Cybersecurity Policy, 2013 is proactively followed aiming to protect the public and private infrastructure from cyber attacks.
Let’s take a glimpse at the other side of the coin
- India has an inadequate force of cyber soldiers, whereas other countries have a huge number of cybersecurity experts. India requires around 1 million more, cybersecurity professionals, right now.
- According to Symantec, India is ranked as one of the top three countries in the world when it comes to malware attacks and phishing.
- There is a lack of awareness of cybersecurity laws.
- Increasing online gambling has reported higher incidents of bank account hacking which are going unchecked in India.
What India should do?
Building an effective legal framework to handle cybersecurity cases: In India, there isn’t any specific legislation that offers protection against cybercrimes. As the modus operandi of cybercrimes has evolved with time, even the Information Technology Act, 2011, needs to be revisited. The framework should focus on the ever-changing nature of technology.
Capacity building in the domain of cybersecurity: There is a dearth of skilled cybersecurity professionals in India. A study conducted by the Information Systems Audit and Control Association (ISACA) shows that 58% of organizations across the globe have vacant cybersecurity positions. More than 3.5 million job positions are unfilled as of 2021. This shortage, which is felt at both the government and industry level, can affect India’s fight against cybercrimes. Government should invest in the capacity building of cybersecurity professionals to develop a robust cybersecurity ecosystem in India.
Protecting critical infrastructure with deep monitoring: With the advent of new technologies like the Internet of Things (IoT), new cybersecurity threats are emerging which are required to be handled by specific security solutions. Approximately 75 billion connected IoT devices will be created by 2025. When coupled with a growing trend of convergence and multi-system interconnectedness, it has introduced a variety of security issues that threaten normal economic and social functions. There are some growing concerns and debates about the protection of the country’s critical infrastructure, which are important for deep monitoring.
Public awareness: Many countries emphasize citizens’ awareness against cybercrime. In India, the government should act too to launch result-oriented cyber awareness campaigns to provide individuals with one-to-one assistance. More than 95% of security breaches happen due to human error. The awareness drives can include the formation of guidelines and also offer an application that can be installed to secure the devices. In addition, the government should also consider making cybersecurity a part of the school curriculum, so that students are aware of cyber threats and the precaution they should take while using the internet.
The Bottom Line
In this new world of cybersecurity, it is important to remain one step ahead of cybercriminals. Beyond taking different steps, the threat landscape will continue to evolve and have profound impacts on the way the government designs the security infrastructure. Every entity including individuals, companies, governments, enterprises, etc. needs to maintain vigilance through cybersecurity professionals when it comes to digital security.