Building Cyber Resilience: India's Integrated Cybersecurity Approach

Cybercrime has shifted from trivial online crimes to election meddling orchestrated by state-sponsored actors, large-scale ransomware attacks, and cyber espionage campaigns. Current cyberattacks can cripple business operations. In addition, there has been a rise in cybercriminal activity targeting critical national infrastructure, such as power grids and hospitals, which often puts people's lives in danger.

Raj Sivaraju, President, APAC, Arete shared his thoughts around breaches, cyber threat evolution, and the future.

Significant data breaches

Last year, data breach allegations surrounding a leading Indian platform that allegedly resulted in the worst cases of data leaks (though the company denied the claim) came under the Reserve Bank of India's (RBI's) scanner. The mere thought of approximately 9.9 crores consumer data breach sent the nation into an unprecedented frenzy. However, this isn't the first instance India's cybersecurity vulnerability has been exploited, nor will it be the last. Below are some significant data breaches seen from last year till June 2022.

Oil India Ltd. – Ransom of ₹58 Crore

Between October 2021 and April 2022, the government-owned oil & gas extraction company Oil India Ltd. reported cases of cyberattacks. It also found a ransom note on one of the infected computers, demanding $7,500,000 (approximately ₹58 crores).

Razorpay – Lost ₹7.3 Crores

Online payment gateway Razorpay said hackers stole ₹7.3 crores worth of funds in 831 transactions over three months. According to media reports, "an unauthorized actor(s) with malicious intent" manipulated the authorization process of the gateway to authenticate these transactions.

PNB - 180 Mn PNB customers exposed

In November last year, a cybersecurity firm alleged that the personal and financial information of nearly 180 Mn PNB customers was exposed for seven months.

Air India – 45 Lac Passengers Data Hacked

A sophisticated hacking attack on Air India's passenger service system provider SITA resulted in the theft of the personal data of around 4.5 million passengers in February 2021. Frequent flyer data and credit card data were affected due to the breach.

Similarly, a Cisco report last year stated that Some Indian SMEs lost up to INR 7 Cr in cyber-attacks between September 2020-September 2021.

How Have Cyber Threat Actors Evolved Over the Years?

Frequent cyberattacks on companies with enough resources to have adequate cybersecurity measures in place prove that, over time, cyberattacks have magnified not only in size and scale but also in sophistication. In addition, threat actors are becoming more creative and resourceful in carrying out such attacks. According to the India Ransomware Report by Cert-In, there is a 51% increase in ransomware incidents reported in 2022-H1 compared to the previous year <2021>.

• CERT-In reported that 14,02,809 and 6,74,021 cybersecurity incidents were observed during the years 2021 & 2022 (up to June), respectively.

• CERT-In has conducted 67 mock cybersecurity drills to assess system vulnerabilities and ascertain critical sectors' preparedness.

• The government, via the National Critical Information Infrastructure Protection Centre, is aware of all critical information infrastructure that requires protection.

Companies should focus on excelling at cyber resilience in alignment with business objectives/strategies to achieve better/profitable outcomes and desired return on cybersecurity investments. Businesses also need to adopt cooperative cybersecurity approaches to make headways in the cyber resilience future.

What Is the True Essence of Cyber Resilience?

As security professionals and regulators, it might be entirely out of our hands to stop cyberattacks altogether, but we can take measures to mitigate the impacts of such breaches. While the first goal of cybersecurity is to prevent attacks from happening, at the same time, it is crucial to identify such violations on time. If identified, steps can be taken in time to stop the breach from escalating and ensure that the enterprise can recover quickly, with minimal loss. This is where cyber resilience culture in an enterprise plays an essential role. The aim is to ensure that even in the face of a cyberattack, a cyber-resilient security perimeter ensures that the subsequent damages are inconsequential.

Smart Investments Today, Safer Tomorrow

The global pandemic forced companies worldwide to move their offline base to online platforms overnight. Naturally, this left a massive number of security issues unaddressed. If cyber criminals identify even a whiff of some vulnerability, they want to exploit it. On the other hand, as the race for shifting workload on cloud is picking up pace, companies are working strenuously to have the edge over competitors. But, given that the cybersecurity process forces them to pause and mull over questions like, "who will have access to the data?" businesses are inclining towards skipping it entirely as it delays their progress.

However, security measures must be built-in from the beginning while migrating to a cloud network. If not, the relevant business is open to exposure and thus can be attacked by cybercriminals, resulting in massive losses. According to an IBM report, the average per capita data breach cost has increased by 10.3% from 2020 to 2021.

Plan To Achieve Cyber Resilience? Collaboration Is the Key

As an organization, if you value cyber resilience, a collaboration between security, business, and project teams has to be in tandem to provide best-in-class information security. In a company, if the business team faces cybersecurity-related challenges, the concerns should be immediately conveyed to the security team within the organization. There should not be any hesitation or competition regarding cybersecurity measures. The focus should be on ensuring complete transparency.

Moreover, company leaders should be in constant communication without any barriers. The CISOs should have direct access to CEOs and CFOs and vice-versa. Apart from the steps mentioned earlier, organizations must ensure that cybersecurity measures are extended beyond the concrete walls of a company. According to several reports, though 67% of businesses believe that their company ecosystem is secure, they are susceptible to indirect (supply chain) attacks, which continue to grow. This proves that to attain 100% security against cyber threat actors, companies need to cover all their bases, internal and external.

Future Prospects: At a Glance

As the world is moving towards complete digital transformation, companies must take absolute cybersecurity measures to ensure there aren't any breaches or loss of customers' trust. Therefore, building a cyber-resilient workplace is of utmost importance. As an entity, your goal should be to protect the company's sensitive information, detect potential malicious activities, and evolve pertaining to ever-changing industry demands.

Remember, cybersecurity is no longer a 'good to have’ thing. It has reached absolute necessity. It is your responsibility to ensure that the trust consumers have in your enterprise is not compromised. As a company, you must work together to reach a cyber-resilient place, as cybersecurity is no longer the responsibility of just the security department but every single player in the organization.