The Indian prime minister, Narendra Modi, in his recent Independence Day speech announced that India will get a new, 'robust' cyber security policy soon.
The Internet Crime Report for 2019, released by the USA's Internet Crime Complaint Centre of the Federal Bureau of Investigation, has revealed that India stands third in the world among top 20 countries that are victims of internet crimes. Given this status and the PM's announcement, it is vital to understand the outlook of the industry leaders on what kind of cybersecurity policy the industry is looking forward to in the country.
Nikhil Korgaonkar, Regional Director, India & SAARC at Arcserve
"Adaptation of digitization is taking place at a faster pace, be it in businesses or in other walks of life. It is expected that we will be soon transiting wholly to newer technologies like cloud computing, Artificial Intelligence, Internet of Things, and 5G spectrum, which will naturally expand our dependency on digitization multifold. However, in the absence of stringent cybersecurity infrastructure, cyber threats can be disastrous for our entire social fabric. There has been a recent surge in cyberattacks on Indian digitalscape that are only increasing in scope and sophistication, targeting sensitive personal and business data and critical information infrastructure, with impact on national economy and security. Cyberwarfare is relentless in trying to erode the security fortification of several sectors in the country. This is certainly a wakeup call for India to have stronger policies in place.
India being the country with proven digital capabilities hub of the world contributing around 75 percent of global digital talent, it is pivotal for India that we come up with sturdy policies. The Prime Minister's assurance on bringing in a National Cyber Security Strategy is very much welcomed. This move will emphasize the adoption of data protection measures and stronger policies that shall protect the privacy and interests of customers, businesses and the general public of the country. Formulation and adoption of policies might still take time, but this is a clarion call to the Indian internet users to pay attention to the threats, on creating robust 'firewalls', and conducting regular cyber security and data protection audits."
Gurpreet Singh, Managing Director at Arrow PC Network Pvt Ltd (Titanium Partner - Dell Technologies)
"The world is moving towards a more sophisticated path in terms of digitization and so are the cyber threats. India has a huge part of the tech-savvy population. From social media to online transactions we have our footprints everywhere. In such a scenario, it is imperative to have a strong resilient cyber security policy and we are glad that the government is thinking in these terms. Covid-19 has shown the importance of having a strong cyber security measure, while organizations have done their best in trying to secure their employees, users and vendors from cyber attacks, the government too should safeguard the sensitive data it holds that, if breached, would lead to a colossal damage. Threat actors have time and again targeted government agencies, banks and other organizations for data which is in huge demand in the dark web. To overcome and take control of the situation, a strong policy is of dire need. The government must first regulate the many 'institutions' that teach ethical hacking without taking responsibility for what their trainees intend to do with that knowledge as there is no legal check point."
Satish Kumar V, CEO at EverestIMS Technologies
"The PM's announcement has a long term perspective aligned to it. We look forward to a policy that incorporates security as a core and mandatory aspect permeating the various facets of cyber interaction. We envisage a top down flow where actions and interventions have to take place by Governments at a framework and policy level, businesses at a security level and community at a behavioural level. The various crime fighting bureaus and agencies need to be empowered so that they can speed up their response times without red tape miring them down.
With a large percentage of work, interaction and engagement moving online, cyberspace is going to become the next hunting ground for unethical practices and felonies. Most systems have now seen an inundation of usage (from simple broadband to video chat to educational software and a host of others) with no extra security precautions taken. Zoom session hacking was a recent case in point. In fact the outcome of COVID has opened up a huge potential target base for cyber criminals. Companies now need to incorporate and mandate best practices at an enterprise, department and employee level.
An apt policy would take into consideration all touch points and introduce transformational interventions across them. Make in India companies need to be actively involved in galvanising the new policies ensuring the implementation is cost effective, secure and beneficial to the nation at large. We strongly believe that the eminent experts will define the policy that not only covers the current scenario but is also preventive in nature. We look forward to any policy that ensures the safety and security of businesses, users and the public at large."
Prashanth GJ, CEO at TechnoBind
"Cyber Security has never been more important than what it is today. Even before COVID the business environments coupled with the Digital India initiatives have mandated that the cybersecurity policy framework of the government needed to be significantly ramped up - both from catching up with the rest of the world as well being relevant given the evolving environment. With COVID and the new norms of working from home - it is becoming even more urgent.
The policy that we are looking forward to should cover the entire spectrum of challenges - be it in terms of Data or in terms of Identity. The new policy that we are looking for should include guidelines and compliances for organizations and government departments so that the citizens of the country can freely participate in this Digitization of the country which is now going to be a way of life going forward.
While compliances and regulations are required, what is more important is a mechanism to effectively make the matter of the compliance - in that get the implementations of the compliances to happen. India has been notorious about very lax implementation of laws - so amongst everything else I personally will look forward to how this new policy will ensure effective and timely implementation of the regulations in spirit and in law.
S Sriram, Chief Strategy Officer at iValue InfoSolutions
"Cyber security is the largest and most persistent threat for the country and it is a critical infrastructure as it is under attack relentlessly every minute. Businesses by going Digital to work around Covid lockdown are most vulnerable, with most employees working from home in the last few months. Due to the geopolitical issues with the neighbouring countries, the frequency and sophistication of cyber attacks have grown enormously in the recent past threatening Government and Business entities. With tremendous progress in Digital infrastructure during the recent past, with all government to business and citizen now being delivered through net and mobile, along with plans to link villages with high-speed fibre, time is not ripe to take a total assessment and review of our cyber security posture covering state and central government initiatives and infrastructures.
The ongoing war is more frequent, intense and severe on the cyber space with no rules or guideline, which makes it even more dangerous as seen from the extortion attempt through encrypting data at multiple entities. We need a dynamic, holistic and evolving cyber security policy leveraging best brains across India and the world to address IT, OT and IoT areas comprehensively. As with beefing up Airforce with new fighter planes, we need the same with cyber security in an integrated way covering all areas in an orchestrated and coordinated way. Time to assign top priority to cyber security, to bridge the widening gap between where we need to be and where we are in an ever-evolving threat landscape....the sooner we do better for all of us!"
Given the recent cyber assaults attempted on India's digital ecosystem, it is now important to prepare for an India-centric cyber security umbrella, that will protect the country's data and cyber infrastructure."
Shibu Paul, Vice President - International Sales at Array Networks
"The announcement on drafting a cyber security policy by Prime Minister Narendra Modi is exactly what India needs right now. While we have moved towards achieving a big transformation in terms of digital movement, we are still in a nascent state when it comes to cyber security. It is high time for threat actors to be held responsible for their acts. It is not just loss of data that is a concern, but what happens when such data is being misused. From phishing attacks under the pretext of Covid-19 information to siphoning off hard earned money from a citizen's account, there is a need of not just holding such threat actors responsible but also to provide justice to those who have suffered. The government should set up a separate agency under the IT wing to deal with cyber crimes and this wing must include its own centre where people can report cyber crimes, investigation can be made and technology can be used to apprehend or even predict before such acts are carried out. Indian IT sector is ready to invest its time and talent to help the government in this effort as this policy is what all of us need. "