Hometechnology News

    Experts discuss measures to boost cybersecurity in a smart connected world

    Experts discuss measures to boost cybersecurity in a smart connected world

    Experts discuss measures to boost cybersecurity in a smart connected world
    Profile image

    By CNBC-TV18  IST (Published)


    The Forbes India Marquee panel discussion on 'prioritising cybersecurity in the digital era', at the Mastercard Payments Summit, discussed the importance of giving cybersecurity a priority and shifting the conversation out of the CIO’s office into the board room.

    In a world where everyone is going digital, cyber-attacks and hacks are unaffordable. However, it is a challenge that every stakeholder — the government, service and technology providers, experts, as well as the users will need to come together to tackle.
    The heads of IT and chief information and chief security officers of various firms came together at the Mastercard Payments Summit 2019 — Innovating NXT to discuss, debate and share their experiences. The Forbes India Marquee panel discussion on 'prioritising cybersecurity in the digital era', at the Mastercard Payments Summit, discussed the importance of giving
    cybersecurity a priority and shifting the conversation out of the CIO’s office and into the board room.
    Forbes India’s special correspondent Manu Balachandran, who moderated the discussion, highlighted the importance of data as the new oil and the need for corporate, government and individuals to secure it safely.
    The panel participants were Bibhu Krishna, Vice President and Head of IT Infra, PolicyBazaar; Sachin Jain, Group CIO-Global IT Operations and CISO, EvalueServe; G Narendra Nath, Joint Secretary, National Security Council Secretariat; Unique Kumar, Head - Digital Security, Digital Transformation, Enterprise Application, Max Healthcare; Anil Porter, Head-IT, InterGlobe Technology Quotient Pvt Ltd; Mayank Bhargava, CIO, DHFL Pramerica; and Tirthankar Dutta, Senior VP and Head of Information Security, Infoedge.
    In his opening remarks, Nath expressed the challenge of managing cyber-attacks. Despite new cyber-attacks on a daily basis, "We are at par with the rest of the world. That is what we can say in terms of the skill sets we have in our country, both in the government and the private sector," he said. However, he pointed out that it is a race that his department has to run each day, as the technology and hackers keep improving.
    Nath also explained that India has a cybersecurity act (2013) and is currently working on a cyber strategy. The stakeholder consultation is going on for the cybersecurity strategy 2020-2025. He also pointed out that India has signed memorandums of understanding (MoUs) with various countries on cybersecurity.
    Sachin Jain stressed on standards of compliance that businesses are required to follow for clients in other countries. "In India, the law is not clear (on data and security), there is a lack of awareness and enforcement is going to be the key," he said.
    Jain also pointed out that a lot changed with regards to the General Data Protection Regulation (GDPR) globally and India should catch up fast.
    Panelists emphasised the need for rules and regulations to ensure transparency and urged the government to work towards it. Bibhu Krishna said he also looked forward to more stringent policies and acts for cybersecurity from the government. "The current act needs to be implemented. At the same time, new ones should be introduced to meet the industry requirements," said Krishna.
    At a time when all hospital data is getting digitised, mobile apps are connecting people to doctors, and laws regarding online selling of medicines are also on the table, the panelists stressed the need for data security in the healthcare sector. "The security of patient's data is critical and needs to be safeguarded. A complete framework has to be in place. There is no single silver bullet to solve this," Unique Kumar pointed out.
    Anil Porter said the travel industry is probably the most digitised today. However, he averred that there is a need to develop a collective ecosystem in the country.
    The speakers also highlighted that globally, the regulations and penal actions ensure that corporates adhere to strict compliance on cybersecurity and privacy. "In India, there is a need for a strong regulator to enforce it," said Porter. If that happens, then India would be in a better position to face future cyber attacks.
    Responding to the industry's concerns, Nath agreed that India does not have a cross-sectoral regulator, which is effective. The financial and telecommunications sectors have a sectoral regulator. The effective role played by the regulator is reflected in a high level of compliance by the stakeholders in those sectors.
    The Reserve Bank of India and the Department of Telecommunications have stood up to the challenge and opportunities of the digital era, said Nath. "I hope the new cybersecurity strategy will examine the aspect of a cross-sectoral regulator," he said. The government is currently in talks with various stakeholders for a cross-sectoral regulator.
    Safeguarding data
    Krishna said there is a need for more awareness about technologies and cybersecurity amongst the corporates. "There is a need to understand that as we protect anything valuable in a physical world, we should do the same in the cyberworld," said Krishna. Further, he said that corporates should also develop a system of peer-sharing, to share information about cyber-attacks, which can ensure that the damage does not spread and can be handled well in the future.
    He also said that corporates need to upgrade their systems and processes with the help of experts. "This will help them get relatively early warning signs instead of a warning due to an accident — by a customer's complaint or a third party alert," Krishna added.
    Thirthankar Dutta believes that the human element in the security chain is the weakest link. "We should have an incident response manual for corporates. In the absence of it, managing the situation will be difficult," said Dutta.
    Jain pointed out that cybersecurity is more focussed on crisis management response and options, rather than just limiting it to budget. The organisations today understand that it is closely related to their insurance, business sustainability, credibility and growth factors.
    Nath stated that penal action and regular cybersecurity audits would be the right steps in the matter.
    The personal data protection bill is in line with GDPR, he said. For example, in the telecom sector, operators are not allowed to take data out of India.
    Porter feels that there is a need for constant awareness to keep individuals alert not only against cyber-attacks but also about the ways and means of how it all works. Nath responded saying that he believed that that cybersecurity should become a part of the school curriculum.
    "People, processes and technologies are critical and should be actively discussed and implemented," Kumar said.
    Next decade: It is all about cybersecurity
    According to Krishna, breaches are bound to continue and increase in volume in a digital world. Organisations and individuals need to be equipped to recover quickly.
    While Jain underscored the importance of governance and awareness mechanisms, Nath pitched for a multi-pronged, multi-dimensional approach.
    Mayank Bhargava stressed the need for making people aware of the risks and sharing real-life experiences and Kumar urged users to maintain basic hygiene in the digital world.
    Check out our in-depth Market Coverage, Business News & get real-time Stock Market Updates on CNBC-TV18. Also, Watch our channels CNBC-TV18, CNBC Awaaz and CNBC Bajar Live on-the-go!
    arrow down

      Most Read

      Market Movers

      View All