Cyber Security:Where does India stand on the grid?

Adhya Dagar
4 min readJun 28, 2018

--

The orange hues that swept India on the dawn of 26th May 2014 brought with them a government ready to implement new reforms, a prospective 7.7% growth rate, demonetisation, GST and sundries.

Along with powerful and revolutionising Digital India Initiative what our government failed to recognise and realise was the need to protect data that over 460 million Indians were sharing on the Internet.

On 4th Jan 2018, the guardian reported that the personal information of more than a billion Indians stored in Aadhaar-the world’s largest biometric database can be bought online for less than £6, according to an investigation by an Indian newspaper.

Aadhaar has access to the photographs, thumbprints, retina scans and other identifying details of every Indian citizen.This document can be used to obtain various government subsidies and avail government schemes such as free meals.

Around 3.24 million records were stolen, lost or exposed in India in 2017, according to Breach Level Index study by digital security firm Gemalto. The past 5 years have experienced nearly 10 billion records that have been lost, stolen or exposed. The industries that experienced the largest number of data breach incidents were government (28%), retail (21%), education (17%) and healthcare (7%).

Indian security laws and negligent counteractive measures have not really helped to wither away this murky cloud of data breaches and violation of privacy rights.Lack of stringent privacy regulations can hamper the scope of potential business opportunities destined to come India’s way.

Is the Indian IT Ministry levelling up to its foreign counterparts?

GDPR:The European Union’s scrupulous data protection framework has come into affect in full swing 25th May onwards and is already leading EU and its consisting members states to a safe, secure and trusted environment.

To climb up the ladder in this ‘information age’ India is stepping up its game.The bonhomie between big tech and advertising behemoths and its Indian consumers and target audience is about to take an unprecedented turn.

Cyber-security laws in India or the lack of them haven’t been revamped since 2000 and what is popularly known as the Information Technology Act, 2000 is in line to get a new facade.

The IT Act was enacted to give “legal recognition for the transactions carried out by means of electronic data interchange and other means of electronic communication.” Howsoever there is no mention of protection of rights of data objects and a lot of terms and definitions have been given a pass.

As both the public and private sectors are heavily invested in collection and processing of personal and highly sensitive data it is important to mitigate the harms that are ensued by harnessing information in this digital economy.

In the light of the digital revolution a White Paper has been drafted by a Committee of Experts under the Chairmanship of former Supreme Court Justice Shri B N Srikrishna to study various issues relating to data protection in India and make specific suggestions on principles to be considered for data protection.

Circling around the objective to “ensure growth of the digital economy while keeping personal data of citizens secure and protected this bill has been drafted to solicit public comments on what shape the new data protection law must take.”

A sneak peak into this 243 paged labyrinth revealed drastic changes in how data is to be viewed and processed.

Matching to the international norms-consent, child’s consent, grounds of processing, individual participation rights, data breach notifications, scope and exemptions have been distinctly stated and to be deliberated upon.

Once Data Protection Law is imposed,Indian organisations in lieu of lagging behind in the race to achieve accountability will be at par with their respective counterparts.

Is the Indian Cyber-Security market getting redefined?

India Inc. reported that we are facing a scarcity of cyber security professionals.Salaries offered at the leadership level have increased by 25–35% over the past year.

Cyber attacks and nefarious hacking techniques are the reason why even smallest of the firms are convinced to revisit their cyber security architecture and ready to hire talent with packages ranging from rupees 2–4 crores.

The traditional Indian tech market has been dominated by data scientist, data analysts, backend developers etc. but with Modi Government’s push for digitalising services, demand for cyber security experts have reached an all time high.

The job profiles which will be listed under the ‘to hire’ list of companies in cybersecurity include information risk auditors, firewall and security device development professionals, security analysts, intrusion detection specialists, computer security incident responders, cryptologists, vulnerability assessors, lead security architects and chief information security managers.

All this said, it is high time we ring in measures to attenuate these threats and vulnerabilities and train experts at top leadership roles about the changing scenarios.

Aadhaar is handling sensitive data related to more than 1.32 billion Indian citizens and is under prying eyes of malevolent attackers .

India’s approach to securing zettabytes of information has to be rethought and the country must strive for data protection.

//The stats used have been taken from other sites.

References:https://economictimes.indiatimes.com/magazines/panache/facebook-security-breach-why-india-is-still-nowhere-near-securing-citizens-data/articleshow/63519096.cms

--

--