Since the world wide web has taken its roots in our lives, greater opportunities have emerged – better collaboration, communication, greater economic activity as well as innovation and job creation. However, this has also given birth to a new nature of crime - Cybercrime. Over the past two decades, Cyber Crime has evolved from being individual driven to organised crime and now more as a terrorist activity. Cybercriminals have evolved their ways of hacking into our systems and accessing our confidential information.
Today, Cybercrime has become an industry in itself that’s always on the edge, innovating new ways and technologies to breakthrough our walls of privacy.
Security Threat Landscape
Our country’s Cyber Security has been facing new and emerging challenges that range from a constantly shifting threat landscape to managing multiple platforms and devices in the environment. Modern threat landscape has never been more challenging, which is driving tremendous costs and risk to the security of critical information.
Security breaches can take 200+ days to detect and industry experts predict that there will be over two million new malware apps by the end of the year. Therefore, protection from attacks begins with the implementation of security best practices and ensuring compliance across the environment. Organizations and Governments need to focus on four key areas for protection against modern security threats.
Focus on attack vectors of theft of user credentials, malware, or a combination of both. If these areas remain exposed to attacks they are increasingly trivial for attackers to exploit.
Focus on trusted software, identity and data protection that guard’s information at rest, in use, and in transit. If these areas remain exposed they lead to data breach.
Focus on identifying the polymorphic and just-in-time malware.
Focus on growing class of malware that include inserts and attacks before the operating system starts, which endanger critical boot processes before any antimalware solution begins to function.
Government of India Cyber Security Focus
With Digital India a key initiative for the country, Cyber Security is of critical importance. In light of the recent attacks, there is increased focus on cyber safety. Ministry of Electronics and Information Technology (MeitY) has taken various steps in this regard as follows:
· Launch of the Cyber Swatchta Kendra – Abot net Clearing and Malware analysis Centre
· New standardization Testing and Quality Certification (STQC) Labs in 10 states
· Training of 1.14 Lakh persons through 52 institutions under the Information Security Education and Awareness Project (ISEA)
· Allocation of 10 % Budget for Cyber Security in Central Ministries
· Challenger Grant for Cyber Security Start
· Issued a directive to all Ministries to appoint a CISO to monitor Cyber safety
To continue this journey, there is a need for education/training and develop inputs on security standards/practices for CISOs to make them aware of the security assessment tools to monitor cyber security preparedness of Government departments. Further, the frontline IT Staff requires continuous training to leverage security best practices.
Awareness of end-users on cyber security will be another important aspect, which needs to be addressed regularly.