Organizations face many threats to their information systems and data. Understanding all the basic elements of cyber security is the first step to meeting those threats.
Cyber security is the practice of ensuring the integrity, confidentiality and availability (ICA) of information. It represents the ability to defend against and recover from accidents like hard drive failures or power outages, and from attacks by adversaries. The latter includes everyone from script kiddies to hackers and criminal groups capable of executing advanced persistent threats (APTs), and they pose serious threats to the enterprise. Business continuity and disaster recovery planning are every bit as critical to cyber security as application and network security.
Security should be top of mind across the enterprise, and come with a mandate from senior management. The fragility of the information world we now live in also demands strong cyber security controls. Management should see that all systems are built to certain security standards and that employees are properly trained. All code, for example, has bugs, and some of those bugs are security flaws. Developers are only human, after all.
The human is always the weakest element in any cyber security program. Training developers to code securely, training operations staff to prioritize a strong security posture, training end users to spot phishing emails and social engineering attacks — cyber security begins with awareness.
All companies will experience some kind of cyber attack, even if strong controls are in place. An attacker will always exploit the weakest link, and many attacks are easily preventable by performing basic security tasks, sometimes referred to as “cyber hygiene.” A surgeon would never enter an operating room without washing their hands first. Likewise, an enterprise has a duty to perform the basic elements of cyber security care such as maintaining strong authentication practices and not storing sensitive data where it is openly accessible.
A good cyber security strategy needs to go beyond these basics, though. Sophisticated hackers can circumvent most defenses, and the attack surface — the number of ways or “vectors” an attacker can gain entry to a system — is expanding for most companies. For example, the information and the physical world are merging, and criminals and nation-state spies now threaten the ICA of cyber-physical systems such as cars, power plants, medical devices, even your IoT fridge. Similarly, the trends toward cloud computing, bring your own device (BYOD) policies in the workplace, and the burgeoning internet of things (IoT) create new challenges. Defending these systems has never been more important.
Further complicating cyber security is the regulatory climate around consumer privacy. Compliance with stringent regulatory frameworks like the European Union’s General Data Protection Regulation (GDPR) also demands new kinds of roles to ensure that organizations meet the privacy and security mandates of the GDPR and other regulations.
As a result, growing demand for cyber security professionals has hiring managers struggling to fill positions with qualified candidates. That struggle requires organizations to have a sharp focus on areas of greatest risk.
Types of cyber security
The scope of cyber security is broad. The core areas are described below, and any good cyber security strategy should take them all into account.
Critical infrastructure includes the cyber-physical systems that society relies on, including the electricity grid, water purification, traffic lights and hospitals. Plugging a power plant into the internet, for example, makes it vulnerable to cyber attacks. The solution for organizations responsible for critical infrastructure is to perform due diligence to understand the vulnerabilities and protect against them. Everyone else should evaluate how an attack on critical infrastructure they depend on might affect them and then develop a contingency plan.
Network security guards against unauthorized intrusion as well as malicious insiders. Ensuring network security often requires trade-offs. For example, access controls such as extra logins might be necessary, but slow down productivity.
Tools used to monitor network security generate a lot of data — so much that valid alerts are often missed. To help better manage network security monitoring, security teams are increasingly using machine learning to flag abnormal traffic and alert to threats in real time.
The enterprise’s move into the cloud creates new security challenges. For example, 2017 has seen almost weekly data breaches from poorly configured cloud instances. Cloud providers are creating new security tools to help enterprise users better secure their data, but the bottom line remains: Moving to the cloud is not a panacea for performing due diligence when it comes to cyber security.
Application security (AppSec), especially web application security, has become the weakest technical point of attack, but few organizations adequately mitigate all the OWASP Top Ten web vulnerabilities. AppSec begins with secure coding practices, and should be augmented by fuzzing and penetration testing.
Rapid application development and deployment to the cloud has seen the advent of DevOps as a new discipline. DevOps teams typically prioritize business needs over security, a focus that will likely change given the proliferation of threats.
Internet of things (IoT) security
IoT refers to a wide variety of critical and non-critical cyber-physical systems, like appliances, sensors, printers and security cameras. IoT devices frequently ship in an insecure state and offer little to no security patching, posing threats not only to their users but also to others on the internet, as these devices often find themselves part of a botnet. This poses unique security challenges for both home users and society.
Types of cyber security threats
Common cyber threats fall under three general categories:
Attacks on confidentiality: Stealing, or rather copying, a target’s personal information is how many cyber attacks begin, including garden-variety criminal attacks like credit card fraud, identity theft, or stealing bitcoin wallets. Nation-state spies make confidentiality attacks a major portion of their work, seeking to acquire confidential information for political, military, or economic gain.
Attacks on integrity: Also known by its common name, sabotage, integrity attacks seek to corrupt, damage, or destroy information or systems, and the people who rely on them. Integrity attacks can be subtle — a typo here, a bit fiddled there — or a slash and burn campaign of sabotage against a target. Perpetrators can range from script kiddies to nation-state attackers.
Attacks on availability: Preventing a target from accessing their data is most frequently seen today in the form of ransomware and denial-of-service attacks. Ransomware encrypts a target’s data and demands a ransom to decrypt it. A denial-of-service attack, typically in the form of a distributed denial-of-service (DDoS) attack, floods a network resource with requests, making it unavailable.
The following describes the means by which these attacks are carried out.
Attackers aren’t going to hack a computer if they can hack a human instead. Socially engineered malware, often used to deliver ransomware, is the No. 1 method of attack (not a buffer overflow, misconfiguration, or advanced exploit). An end-user is tricked into running a Trojan horse program, often from a website they trust and visit often. Ongoing user education is the best countermeasure against this attack.
Sometimes the best way to steal someone’s password is to trick them into revealing it. This accounts for the spectacular success of phishing. Even smart users, well-trained in security, can fall for a phishing attack. That’s why the best defense is two-factor authentication (2FA) — a stolen password is worthless to an attacker without a second factor, such as a hardware security token or a soft-token authenticator app on the user’s phone.
It’s hard to blame your enterprise if an attacker deploys a zero-day exploit against you, but failure to patch looks a lot like failure to perform due diligence. If months and years pass after disclosure of a vulnerability, and your enterprise has not applied that security patch, you open yourself to accusations of negligence. Patch, patch, patch.
Social media threats
Catfishing isn’t just for the dating scene. Believable sock puppet accounts can worm their way through your LinkedIn network. If someone who knows 100 of your professional contacts strikes up a conversation about your work, are you going to think it strange? Loose lips sink ships. Expect social media espionage, of both the industrial and nation-state variety.
Advanced persistent threats
Speaking of nation-state adversaries, your enterprise has them. Don’t be surprised if multiple APTs are playing hide-and-go-seek on your corporate network. If you’re doing anything remotely interesting to someone, anywhere, you need to consider your security posture against sophisticated APTs. Nowhere is this more true than in the technology space, an industry rich with valuable intellectual property many criminals and nations will not scruple to steal.
Executing a strong cyber security strategy requires you have the right people in place. The demand for professional cyber security folk has never been higher, from the C-suite down to the security engineers working on the front lines. Security leaders have elbowed their way into the C-suite and boardrooms, as protecting company data becomes mission critical for organizations. A chief security officer (CSO) or chief information security officer (CISO) is now a core management position that any serious organization must have.
Roles have also grown more specialized. The days of the generalist security analyst are fading fast. Today a penetration tester might focus on application security, or network security, or phishing users to test security awareness. Incident response may see you on call 24/7. The following roles are the foundation of any security team.
The CISO is a C-level management executive who oversees the operations of an organization’s IT security department and related staff. The CISO directs and manages strategy, operations, and the budget to protect an organization’s information assets.
Also referred to as cyber security analyst, data security analyst, information systems security analyst, or IT security analyst, this role typically has these responsibilities:
- Plan, implement and upgrade security measures and controls
- Protect digital files and information systems against unauthorized access, modification or destruction
- Maintain data and monitor security access
- Conduct internal and external security audits
- Manage network, intrusion detection and prevention systems
- Analyze security breaches to determine their root cause
- Define, implement and maintain corporate security policies
- Coordinate security plans with outside vendors
A good information security architect straddles the business and technical worlds. While the role can vary in the details by industry, it is that of a senior-level employee responsible for planning, analyzing, designing, configuring, testing, implementing, maintaining, and supporting an organization’s computer and network security infrastructure. This requires knowing the business with a comprehensive awareness of its technology and information needs.
The security engineer is on the front line of protecting a company’s assets from threats. The job requires strong technical, organizational and communication skills. IT security engineer is a relatively new job title. Its focus is on quality control within the IT infrastructure. This includes designing, building, and defending scalable, secure, and robust systems; working on operational data center systems and networks; helping the organization understand advanced cyber threats; and helping to create strategies to protect those networks.
A new report by Threat Stack and ESG (Environmental, Social Governance) raises major security concerns about the growing use of public cloud environments and containers. The report reveals a notable gap in security and compliance readiness across rapidly growing cloud and container environments.
The report discloses some significant facts:
- 60 percent of organizations regard security and compliance as a hindrance to winning new business associates.
- 57 percent of those surveyed complained of significant delays in the sales cycle, blaming the difficulty of meeting customer security requirements.
- 31 percent of those surveyed said they were unable to cope with the growing cloud and container environments. As a result, 62 percent said they’re aiming for greater visibility into their public cloud workloads.
- 40 percent of the respondents conveyed that in the next 12 months, they will have hybrid environments, which is an increase from the current 12 percent. Meanwhile, 45 percent of organizations plan on starting to test or deploy containerized environs, which is above the current 42 percent of those who already do.
- 94 percent of respondents believe containers have negative security implications for their organizations.
As the market democratizes, companies are adopting more complex technical solutions that were earlier reserved for only software giants.
This, experts believe, has created an opening for external as well as internal threats while security teams catch up on the cloud, containers, etc.
Sam Bisbee, Threat Stack CSO, feels, “Containers originally focused on resource isolation, offering system building blocks to address specific operational needs that could be coupled with security solutions – they were not supposed to be a replacement for VMs, which is how most teams treat them”.
In emerging economies like India where the government is undertaking large scale digital initiatives and schemes, security has become a major concern. Cyber experts believe that the damage done by WannaCry ransomware is an issue of under-reported magnitude.
The use of pirated and outdated software is rampant among Indian users as well as mid-size and small IT organizations. Fearing licensing issues, a huge number of those affected will not report their losses, experts conclude about the latest cyber attack.
According to the Centre’s instruction to CERT-IN (Computer Emergency Response Team), “all the information of reported ransomware” has been collected into a report. Many of the cases across the country were isolated, but the wave of attacks shows that the impact on India is a warning sign.
The report states these places as worst hit by WannaCry:
1. 10% of Vadodara’s total computers in the District Administration Collectorate Office.
2. Computers in Panchayat offices of Wayanad and Pathanamthitta districts in Kerala.
3. 120 computers connected with Gujarat State Wide Area Network in Gujarat.
4. 18 systems of Andhra Pradesh Police Department.
5. Systems in the Tirumala Tirupati Devasthanams (TTD) Shrine in Andhra Pradesh.
6. Computers of the Personnel Department of the Southern Railways’ Palakkad Division.
7. Computers in several locations of the Police Department of Maharashtra.
8. Many attacks happened on computers across Kerala and Tamil Nadu.
May 12, 2017 is one of the most dreadful days of the year for cyber experts and its stakeholders. About 150 countries across the globe suffered a cyber-attack, affecting 200,000 computers.
It was the infamous “WannaCry” ransomware, in which hackers locked people out of their computers, demanding a ransom of $300 in bitcoins. Medical care became inaccessible and factories were shut down for more than 2 days to minimize the loss of confidential information and further damage.
Here is a brief on one of the most dangerous ransomware attacks in the Cyber-verse:
What is “WannaCry”?
“WannaCry” appears to have utilized a flaw in Microsoft’s software, discovered by the National Security Agency, which was quickly leaked by hackers. The malicious code, which relied on the victims opening a zip file emailed to them, spread rapidly across networks, locking away files one by one. From then on, the programme used Microsoft’s flaw to thrive.
In March 2017, Microsoft had released a security update which addressed the vulnerability in the sixteen-year-old Windows XP operating system. This update was exploited by the hackers to trigger the massive ransomware attack.
Who got affected?
Several computer networks worldwide were affected, including Telefonica as well as other major organizations in Spain. The British National Health Service (NHS), too, was forced to cancel scheduled patients.
FedEx, Deutsche Bahn, the Russian Interior Ministry and Russian telecom MegaFon were barred from normal operating services. According to Quartz, the three bitcoin wallets used in the attack received just under 300 payments totalling 48.8635565 bitcoins, which is the equivalent of about $101,000.
What is a ransomware attack?
The term ‘ransomware’ appeared in 2005 in the US with the first notable major threats to security. While cyber experts maintain it to be 2005, the history of ransomware goes back to 1989.
According to Becker’s Hospital Review, the earliest ransomware attack occurred in 1989, targeting the healthcare industry. The healthcare industry still remains a top target for such attacks even after twenty-eight years.
Ransomware is a cyber-attack wherein hackers gain control over a computer system and block access to it until the demanded ransom is paid. Hackers get control of systems by downloading a type of malicious software onto a device within the network. This is usually done by getting a victim to click on a download link by mistake. The link is normally attached to an email, which, once opened, encrypts the hard drive. Once the software gets into the victim’s computer, it enables the hackers to launch an attack that locks all files it can find within that network.
The recent ‘WannaCry’, also known as Wanna Decryptor, is a ransomware programme that locks all the available data in the system, leaving the user with only instructions on what to do next and the Wanna Decryptor programme itself.
When the software is opened, it tells the users that the files on their computer have been encrypted. It then gives them a few days to pay up, warning that their files will otherwise be deleted. It generally gives them instructions to pay in Bitcoin, providing the Bitcoin address for it to be sent to.
What is the way out?
Larger organizations should ideally follow the guidelines provided by concerned institutions:
- Apply the latest Microsoft security patches for this particular flaw.
- Ensure all outgoing and incoming emails are scanned for malicious attachments.
- Ensure anti-virus programmes are up to date and conducting regular scans.
- Backup all key data and information.
- Organize education programmes on malware so employees can identify scams, malicious links or emails that may contain hazardous viruses.
- Run “penetration tests” against your network’s security at least once a year.
Many experts even suggested restoring all files from a backup. If that isn’t possible, there are tools that can decrypt and recover some information.
Google Cloud Summit is one of Google’s most definitive events on the latest cloud-driven technologies, held on September 26th in Bengaluru and on September 28th in Mumbai.
The event drew a motley group of tech giants from across the globe, each having a significant announcement to make for the future of India’s e-commerce.
Rajan Anandan (Vice President, South East Asia and India, Google), Rick Harshman (Managing Director, Asia Pacific, Google Cloud) and Mohit Pande (Country Manager – India, Google Cloud) inaugurated the plenary session divided into three categories of discussions – Imagine, Learn and Build.
Each of the plenary discussions involved a close coordination between the global market of Internet of Things and India. Google India took this opportunity to highlight some important facts and figures concerning online businesses. Some vital ones are:
(i) According to Google, about 650 million Indians will have access to the Internet, mostly through smartphones, by 2020.
(ii) At least seven consumer-focused Google products have more than 100 million users each, in India. This number is growing fast.
(iii) By 2018, over 40 million Indians will shop online.
(iv) At present, 6.5 million Indians get online in more than 100 railway stations in the country through Google’s collaboration with RailTel.
(v) Google generates one new server in the cloud every 3 seconds.
(vi) Google Cloud Region is coming to Mumbai by the end of the year 2017. A Cloud Region in Mumbai will look after local data processing and online heavy-lifting, which is currently being taken care of by Google Cloud Regions located in Taiwan, Singapore, Tokyo and Sydney.
(vii) Google detects about 10 million spam messages every minute on the Internet.
(viii) On a monthly basis, Google performs scans and security checks on over 400 million Android devices.
With the advent of the digital economy, more curious customers are adapting to the change in market environment. A recent report on the international market of Internet of Things (IoT) suggested last week that the global market spend is expected to grow from $625.2 billion in 2015 to $1.29 trillion in 2020 — with a compound annual growth rate (CAGR) of 15.6 per cent.
The spurt in growth is said to be due to the transformation of CIOs, IT and business enterprises into their digital footprints. IoT will play a major role in causing technological disruption and expansion of such multinational firms.
According to International Data Corporation (IDC), in partnership with US-based IoT service provider Aeris, the installed base of IoT endpoints will grow from 12.1 billion at the end of 2015 to more than 30 billion by 2020.
The report said that IoT will soon be among the top priorities in the minds of customers as their realization of its value grows and as IoT meets their need to improve customer experience.
There is broad consensus among organizations that IoT leads the way when it comes to enriching customer lifetime value, smoothening customer onboarding or even making it easier for businesses to deliver sophisticated customer experiences.
“IoT is the next wave of growth in telecom sector. IoT is an enabling technology that bears the potential to take India to a whole new level of development and our vision is to play a significant part in this endeavor,” BSNL Chairman and Managing Director Anupam Shrivastava said at India Mobile Congress in September.
This comes with the state-run telecom firm Bharat Sanchar Nigam Limited (BSNL) announcing an agreement with IoT solutions provider Aeris to jointly tap the Internet of Things market in India.
The agreement guarantees that both the companies will offer packaged IoT solutions and services to enterprises, small and medium businesses and public sector undertakings, among other segments in India.
Further, BSNL will provide bandwidth for IoT products that will be provided by Aeris Communications in India.
“Our tie-up with BSNL is a multi-dimensional one and I am confident that this relationship will transform the contours of the IoT landscape in the country. Our partnership will ensure faster permeation of IoT across India and help businesses and PSUs gain remarkable advantages,” Aeris Communications India President Rishi Bhatnagar said.
With global market trends shifting towards complete digitization, the nature of corporate asset value has also been changing. Most companies’ assets now consist of either intellectual property (IP) or other intangibles. As with AI, digital disruption in the finance sector brings with it the corresponding risk of digitizing corporate assets.
According to latest research, corporations across the world are losing billions of dollars every year from the loss of altered or destroyed financial consumer data, traded algorithms, etc. Adding regulatory and legal exposure, the risk only multiplies.
Cyber systems are becoming even more insecure with the explosion of networked connections to almost every physical asset, from phone cameras to refrigerators, known widely as the “Internet of Things”. On the other hand, hackers are improvising their tricks. Attacks are being launched against commercial entities for political or economic purposes.
Surprisingly, cyber attacks are cheap and easily accessible, and law enforcement is even weaker. Less than 2% of cybercriminals are prosecuted. The imbalance is worsened because corporate entities undermine cybersecurity.
Cloud computing is cost-efficient but the matter of security gets complicated. Hence, corporate organizations are urgently faced with the need of maintaining their enterprises without risking their security.
To cope with the above, many associations set guidelines for their clients to follow.
The National Association of Corporate Directors’ Cyber Security Handbook has identified five core principles for corporate boards to enhance their cyber-risk management:
1. Understand that cybersecurity is an enterprise-wide risk management issue. Thinking of cybersecurity as an IT issue to be addressed simply with technical solutions is an inherently flawed strategy. The single biggest vulnerability in cybersystems is people – insiders. Cybersecurity costs are managed most efficiently when integrated into core business decisions such as product launches, M&A and marketing strategies. Moreover, in an integrated world, organizations must take into account the risk created by their vendors, suppliers and customers as their weaknesses can be exploited to the detriment of the home system.
2. Directors need to understand the legal implications of cyber-risk. The legal situation with respect to cybersecurity is unsettled and quickly evolving. There is no one standard that applies, especially for organizations that do business in multiple jurisdictions. It is critical that organizations systematically track the evolving laws and regulations in their markets.
3. Boards need adequate access to cybersecurity expertise. Although cybersecurity issues are becoming as central to business decisions as legal and financial considerations, most boards lack the needed expertise to evaluate cyber-risk. Many boards are now recruiting cyber professionals for board seats to assist in analysing and judging staff reports. At a minimum, boards should regularly make adequate time for cybersecurity at board meetings as part of the audit or similar committee reports.
4. Directors need to set an expectation that management have an enterprise-wide cyber-risk management framework in place. At a base level, each organization ought to have an enterprise-wide cyber-risk team led by a senior official with cross-departmental authority that meets regularly, has a separate budget, creates an organization-wide plan and exercises it.
5. Based on the plan, management needs to have a method to assess the damage of a cyber-event. They need to identify which risks can be avoided, mitigated, accepted or transferred through insurance. This means they need to identify which data, and how much, the organization is willing to lose or have compromised. Risk mitigation budgets need to then be allocated appropriately between defending against basic and advanced risks.
Any organization must follow these principles to establish a sustainably secure cyber-risk management system.
As the world moves from ‘globalization’ to ‘glocalization’, the era of digitization seems to make its entry into global markets too. We’ve stepped into the age of ‘digital disruption’ where every new technology succeeds over its predecessor, proving the former a failure.
Increasing digital market environments are becoming a goal for every contemporary business organization. Digital interventions of social, analytics, mobile, big data and cloud technologies are laying the foundation for transformation. When these are integrated into cognitive computing, robotics, internet of things and 3D printing, they form multiple disruptive scenarios like P2P, remote healthcare, digital banks, etc.
From the industry perspective, digital disruption is blurring lines between practices, with learning from one industry being implemented in the other. The proliferation of smart devices and the surge of AI are the new battleground that is taking many sectors by storm.
AI has become the new hiring manager as job losses are projected to be the next big story. Recent World Bank research shows that AI threatens 69% and 77% of jobs in India and China respectively. A report by US-based research firm HfS Research states that about 7 lakh low-skilled workers in the IT and BPO industry in India are likely to lose their jobs by 2022, due to automation and AI.
Further, AI is set to affect 60%-70% of the current jobs. They will either get marginalized or totally eliminated.
A number of AI-based startups like Skillate, Belong, Stockroom, etc. scan through resumes and contain automatically updating algorithms for CVs. All of these are slowly taking over job portals like monster.com, Indeed, etc.
AI is shaking up the recruitment industry. Companies like Airbnb and WeWork are starting pay-per-use models in both products and services. This has consistently given rise to freelancers who enroll for project-based work in the growing gig economy. Projections show that 43% of the US workforce will be freelancers by 2020.
In a time of interactivity, where AI ensures upgrades on the go, jobseekers have often complained of websites becoming useless for their resumes. Many have even complained of receiving no feedback on their interviews.
With AI, the prime concern is privacy. It is naïve to believe that AI-based platforms only track data in the public domain. A lot of times, a candidate’s political bias might potentially affect the employer’s decision-making. Or, in the digitally-dominated world, potentially employable candidates who don’t use computers a lot may miss out on opportunities.
Cyber specialists largely expect that, gradually, a person’s digital footprints will gain significance in the future.
To curb the rising cyber fraud in digital transactions, a high level meeting has proposed the imposition of a token ‘security fee’ on digital payments in India.
The meeting, focused on measures to make digital transactions safer, was held on 13 September. Chaired by Home Minister Rajnath Singh, it was attended by officers from the MeitY, Home Ministry, Department of Financial Services, Department of Telecom, Reserve Bank of India and Intelligence Bureau. All major stakeholders were present to discuss and propose ways for the same.
Prasanto K. Roy, Nasscom Internet Council Head, expressed that every digital transaction could be aimed at starting a fund for creating better infrastructure to secure digital transactions.
“A special fund could help develop security infrastructure, hire experts and secure online transactions, though a cess on digital transactions isn’t the best way of doing it,” he told ThePrint. He further said that there was a need for the Ministry of Finance and the Ministry of Electronics and Information Technology (MeitY) to make digital transactions cheaper and secure.
An official from the Ministry said on condition of anonymity, “It was also discussed that an Act needs to be in place for regularizing digital payments, which will be looked after by the Finance Ministry, and how to fix the responsibilities of agencies”.
The action came after the official figures were disclosed that indicate that cases related to e-wallets and e-payments (that were reported to banks) jumped from 13,083 cases in 2014-15 to 16,468 cases in 2015-16.
Mostly, online frauds occur when people share their passwords, 3D Secure PINs, ATM PINs, etc. Hence there is a need to educate people about it. “A standard procedure for all e-wallets needs to be in place as right now anyone can make a wallet just by downloading the app. The KYC norms need to be strengthened for safer transactions,” the official from the Home Ministry said.
Further, the Ministry recommended undertaking a digital transaction education campaign and creation of dedicated cyber-forensics lab. Also, training for police personnel and forensic officers needs to be in place so that they can tackle cyber fraud cases.
“As of now we do not have the manpower or expertise to deal with cyber fraud cases, which is going to be challenging…we need to be prepared,” the Home Ministry official said.
The Intelligence Bureau proposed the Indian Government ensure the introduction of necessary software that is able to detect attempts at cyber fraud. Accordingly, the software would be incorporated by payment gateways so that customers can be alerted about suspicious activity.
“There needs to be a machinery to detect out-of-bound transactions and the pattern of violations in cyber fraud cases. The machinery should be able to figure if the transaction is fraudulent by looking at its pattern and send alerts,” Nasscom’s Roy said to The Print.
The second Global Cyber Security Index (GCI), released by the UN telecommunications agency, International Telecommunications Union (ITU), places India at 23rd position in the list of information secured countries. The rank is among 165 other nations across the world who have committed to cyber security.
The report reveals that only about half of all countries already have a cyber security strategy or are in the process of developing one. It urges countries to engage in cyber security education initiatives and job creation in the sector.
Singapore tops the index with a 0.925 score.
Other countries in the top 10 are United States, Malaysia, Oman, Estonia, Mauritius, Australia, Georgia, France and Canada.
The report says that 38 per cent of these countries have a published cyber security strategy while 12 per cent of governments are in the process of developing one.
The threat is dangerously worrying because in 2016, according to ITU, about one per cent of all emails sent were malicious attacks. The rate is the highest in recent years.
The findings show that there is “space for further improvement in cooperation” at all levels. It further advocates for encouraging governments to consider national policies that take into account cyber security and encourage private citizens to make smart decisions online.
The Indian government has taken a few steps to bring the attacks under control. Under PM Narendra Modi’s tenure, the Central government established the office of Chief Information Officer of Cyber Security Cell under the PM’s office. Dr Gulshan Rai is the first to hold the post.
CERT-In, an emergency response team, is set up under the Ministry of Electronics and Information Technology for dealing with a range of cyber-attacks.
Apart from this, the Government of India has four Sectoral Computer Emergency Response Teams to address Cyber Security Threats in Power Systems: Transmission, Thermal, Hydro and Distribution.
All four utilities have been asked to identify a nodal senior executive as their Chief Information Security Officer (CISO) to lead the process of strengthening organizational systems with respect to cyber security and to implement an information security management system as recommended by rules under the Information Technology (IT) Act 2008.