Prime Minister Narendra Modi has described cyber-related threats as a global risk to bloodless war, while Home Minister Rajnath Singh calls it the biggest challenge for India.
Experts also say India is particularly vulnerable, including its businesses. Shree Parthasarathy, partner, Deloitte in India, told IANS that though the Indian government and regulators have demonstrated significant focus on cyber security, more attention is needed on strengthening the initiatives to address growing challenges in the area. Excerpts from the interview:
Q: What are the current trends in cyber threats and security issues for businesses and industries in India, and the risks to the country?
A: The risks are enormous for businesses of all sizes and in all industries -- ranging from reputational, operational and financial risk to the potential for significant market disruptions due to systemic risk. Despite these realities, many organisations are not prepared for the challenge. In fact, many lack the internal knowledge, tools and resources to effectively combat today's increasingly complex threat landscape.
More From This Section
Q: How prepared are the government and regulatory policies in India to deal with these issues, compared to the global standards?
A: The Indian government and regulatory bodies have demonstrated significant focus on cyber security and several initiatives have been launched, implemented or under implementation. But focus should be on strengthening these initiatives to address growing cyber challenges and ensure effective implementation in line with global standards.
Q: What kind of research work goes on in India to combat cyber-crime?
A: Cyber security research in India is multi-dimensional. It is supported by academia, start-ups, research and development centers of Indian and global organisations and central government-led institutions. There is a definite need of increasing the academic focus on cyber security to incubate skills and nurture research talent to support growing industry. Deloitte CIC (explained below) focuses on threat intelligence and analysis, threat research, malware analysis and cyber forensics capabilities.
Q: What is the percentage of cyber security breaches in India and how much of it is serious crime?
A: Reporting of security breaches remains a challenge world-wide and in India, there are varying reports on statistics of security breaches and could not be confirmed or quoted.
Q: Is there any legal obligations on Indian companies to notify the breach of cyber security to any government or self-regulatory agency? If no, why?
A: No! But it is recommended that Indian companies and institutions notify CERT-IN (Indian Computer Emergency Response Team) in case of any breach of cyber security. There is a need to empower nodal agencies, and enable and enforce regulatory framework. There is also a reporting requirement. At the same time, it is also required to build confidence towards sharing information and its benefits for reporting enterprise or institution.
Q: What is the importance of the newly expanded Gurgaon Cyber Intelligence Center (CIC) to overall cyber risk practice of Deloitte?
A: The newly expanded Gurgaon Cyber Intelligence Center (CIC) is a strategic decision to enhance the overall capabilities of cyber risk practice of Deloitte. It significantly adds to Deloitte's capabilities to provide on-demand, managed and shared services and will help to provide specialized services in advanced threat correlation and analytics, threat intelligence and analysis, and incident forensics -- in addition to standard managed services offered by Deloitte CIC.
Q: Will this new centre work with other existing Deloitte CICs globally (US, Japan, Spain, Australia and Canada)? What are the best practices it is going to adopt from other global centres?
A: India CIC is part of Deloitte's global network and it collaborates and contributes to cyber risk services delivered globally. The India CIC is connected with other CICs and threats are analyzed, shared and expertise is leveraged globally to support our client in India.
(Aparajita Gupta can be reached at aparajita.g@ians.in)