There has been a constant increase in the number of cyberattacks happening in India and other parts of the world including India’s power grid systems. The Government of India has been working on initiatives to educate and create awareness about the different aspects of cybersecurity and how to prevent a cybersecurity incident in order to achieve the goal of having safe, secure and open use of the digital environment.
Colonel (Dr.) Inderjeet Singh, Director General, Cyber Security Association of India (CSAI) during his keynote session at South Asia Digital Week 2022 India edition spoke about the norms and the government’s strategic initiatives and confidence-building measures for building comprehensive guiding tools for traditional and digital organisations, policymakers and other stakeholders.
“Every 11 seconds there could possibly be a new ransomware attack happening in some or the other organisation,” said Dr. Singh.
He further explained that cyberspace is changing and there is a paradigm shift and there are three major components in the world of cyberspace which include threats, targets and counters. The lines between cyber activists, criminals and state-paid hackers are becoming increasingly blurred.
Cybersabotage has begun to emerge in conflicts and cyber is an element that is present in all crises and wars. Important and critical industries are most vulnerable to cyberattacks. Several power grids’ security is being compromised.
“Currently, 16 industry sectors are defined as ‘Critical Infrastructure’ and 85 per cent of critical infrastructure is in private sector hands. Various trends are exposing the industry to increased risk for example interconnectedness of sectors, the proliferation of exposure and concentrations of assets. The critical infrastructure sectors include agriculture and food, dams, banking and financial services, defense industrial base, emergency services, energy, IT, and government facilities to name a few,” said Dr. Singh.
Preventing a possible breach can be done through capacity building and training of employees of the organisation. There are six major organisations that are being protected by the NPCI.
Dr. Singh further pointed out that cyberwarfare’s becoming increasingly common. The damage can affect the critical infrastructure, damages from espionage and DDoS can have far-reaching negative effects. Cyberattacks are getting more sophisticated, and complex to understand and defend against also due to their unpredictability, lack of disclosure and denials.
In order to prevent organisations from cyber incidents, it is important that organisations give the required training and spread awareness about the possible cyber incidents that could hamper the function of an organisation.
“Physical security is no longer an effective defence. It is crucial to deploy and integrate cyber solutions that protect user access, and databases and track the perpetrator,” added Dr. Singh.
Initiatives by the GOI
There are various initiatives that the Government of India is taking. One of them is Cyber Surakshit Bharat Initiative. The objective of this initiative is to educate and enable the CISO and broader IT community of central/state governments, banks, and public sector undertaking in order to address the challenges of cybersecurity in partnership with the industry.
“Key objectives of this initiative include creating awareness on the emerging landscape of cyber threats, providing an in-depth understanding on related solutions, applicable frameworks, guidelines and policies related to cybersecurity and others,” said Dr. Singh.
Training partners from the industry include Microsoft, IBM, Intel, PaloAlto and others. NIC, CERT-In and CDAC are knowledge partners from the Government side.
Another initiative is the National Cyber Exercise (NCX) which is being conducted by The National Security Council Secretariat of India as a hybrid exercise over a period of ten days from 18 to 29 April 2022 with the aim to train senior management and technical personnel of Government/Critical Sector organisations and agencies on contemporary cyber threats and handling cyber incidents and response.
Ajit Doval, KC, National Security Advisor, inaugurated the National Cyber Security Incident Response Exercise alongside Lt General Rajesh Pant, National Cyber Security Coordinator and Dr. Satheesh Reddy, Secretary DRDO.
