Eavesdropper: The key to security

By: |
Published: June 22, 2020 7:37 AM

A day before Australia, Amazon had announced that it was able to stave off a DDOS attack with a peak traffic volume of 2.3 tbps in February

australian cyber attack, cyber fraud, amazon, DDOS attack, china, Kaspersky, cybersecurity, work from home, cyberspace, cyber hygiene, Aarogya SetuA day before Australia, Amazon had announced that it was able to stave off a DDOS attack with a peak traffic volume of 2.3 tbps in February.

The Australian PM on June 19 announced that the country had come under cyber-attack from a state actor. However, China was quick to deny its involvement. A day before Australia, Amazon had announced that it was able to stave off a DDOS attack with a peak traffic volume of 2.3 tbps in February. Adistributed denial of service (DDoS) attack is akin to flooding a channel with so much volume from infected devices so that the service breaks down.

Such attacks are becoming common, and reports indicate that with the use of cyberspace growing more people are organisations are coming under attack. Globals security firm, Kaspersky, in a note on May 26 had stated that four in ten users in the Asia Pacific region had faced a situation where their private information was accessed without consent. A more recent study by CyberArk had highlighted that nearly 80% of employees used personal devices to access corporate systems, leaving them vulnerable and two-thirds were using services like videoconferencing and communication tools that had reported vulnerabilities.

While India has not reported any such attack, as of now, given the rising tensions with China, the country may soon witness escalated attacks, the kind Amazon warded off, and Australia is hoping too. That is also the reason that the term cybersecurity has become so ubiquitous. Work from home and the demand from companies for systems that aren’t vulnerable has put the focus back on cybersecurity.

Webinars are the most commonplace where such issues are discussed. Indian Future Foundation conducted one such event in association with UN Women. While the theme was more broad-based covering topics like Aarogya Setu and the need for data protection, the discussion mostly veered towards cyber hygiene.

Although the government was to come out with a National Cybersecurity Strategy, that hasn’t stopped people from contemplating what it shall entail and what it needs to. Besides, the discussion has gone past what the government must do, instead people are discussing what the companies need to do.

“A cybersecurity system and framework is ready. And, now there are enough models-subscription-based, security as a service, certifications to choose from. As long as you are doing business, cybersecurity is a cost which must not be ignored. Cybersecurity should be regarded as an input cost,” says Abhishek Singh, president & CEO, NeGD and MyGov, MeitY.

The companies may do all this to ensure users stay with the platform. But getting tech monopolies to bow may not be so easy. Zoom is a classic example.

But not everyone shares the view of a passive approach. Some, like Lt Gen Rajesh Pant, want to be more proactive. Lt Gen Pant last year took charge of National Cybersecurity Coordinator of the Indian government.

“Companies should spend at least 10% of their IT budget on security. Even if there are problems, there are enough services available online. Now, with work from home and increased online use it has to be done, there is little choice,” Lt Gen Pant says. Kanishk Gaur, founder, India Future Foundation has similar views.

“While SME’s in India focus on growth and adopt digital technologies to reach out to masses, they often ignore the security and privacy aspect. It’s vital SME’s look at aspects of trust by design, and spend atleast 5-7 % of overall tech budget on cyber security,” Gaur says.

One way, Lt Gen Pant suggests to bringfocus on cybersecurity, can be to include cyber audit as part of the financial audits, which are in any case is mandatory.

But before the government delves into this space, there needs to be an ecosystem in place. You would need certified cybersecurity professionals and standards. The cybersecurity strategy is expected to address this.

Once, infrastructure is in place, the government need not mandate audits. The market may take care of that, weeding out firms that do not comply with security norms. But, until then, India needs to start building a system. The costs are low, and cybersecurity firms are rising in numbers, so now may be a good time.

ishaan.gera@expressindia.com

Get live Stock Prices from BSE, NSE, US Market and latest NAV, portfolio of Mutual Funds, calculate your tax by Income Tax Calculator, know market’s Top Gainers, Top Losers & Best Equity Funds. Like us on Facebook and follow us on Twitter.

Financial Express is now on Telegram. Click here to join our channel and stay updated with the latest Biz news and updates.

Next Stories
1Samsung announces all its Galaxy smartwatches will now be made in India
2Tinder introduces video chat feature in select markets; check what’s so special about the new feature on dating app
3Intel reveals Thunderbolt 4 technical details; here’s how it will affect data transfer and charging in devices