Rahul Sasi, co-founder and CEO of cyber-security firm CloudSek, says big companies in India will increase their security budgets in 2023 while also pushing partners and vendors to invest more to guard against cyber attacks.
CloudSek, whose investors include Exfinity Venture Partners, MassMutual Ventures, Omidyar Network India and Kunal Shah-promoted QED Innovation Labs, recently released a report that said the number of cyber attacks on government agencies was up 95 percent year-on-year globally.
While the rapid pace of digitilisation and its large population makes the country more vulnerable to cyber attacks, India may also be targeted due to its growing economic clout, Sasi tells Moneycontrol in an interview. Edited excerpts:
With companies adopting hybrid work, do you think they need to remodel their data security systems?
As more companies adopt hybrid working models, remodelling their data security systems will likely become more important.
With employees working from different locations and potentially using various devices to access company resources, businesses must have secure and reliable systems in place to protect their data.
This may include implementing additional security measures such as multifactor authentication and virtual private networks (VPNs) to ensure that only authorised users can access company resources.
It may also involve implementing stricter data access and storage policies and regularly training employees in cyber security best practices.
Having said that, cyber security is such a dynamic field that the defence you have put together today won't be good enough for the future.
Hackers are constantly innovating to break the defence mechanisms. We recently observed that hackers bypass 2FA (multi-factor authentication) using stolen session cookies, for instance.
With companies spending a fortune on digital transformation technologies, there is now a greater risk of doing business in a hyper-connected world. Do you see a need for greater security measures in this context?
Yes, as companies increasingly rely on technology and the internet to do business, they are also exposed to a greater risk of cyber attacks. Digital transformation technologies can bring many benefits but they can also introduce new vulnerabilities that need to be addressed with appropriate cyber-security measures.
India has been one of the most vulnerable countries to fall prey to cyber attacks since the coronavirus pandemic. Why is India so fragile?
There are a number of factors that may contribute to India's vulnerability to cyber attacks. One factor may be the rapid pace of digital transformation in the country, as this has created new opportunities for cyber attackers to exploit vulnerabilities.
Additionally, India's large and diverse population means that there are many potential targets for cyber attacks and the country's relatively underdeveloped cyber-security infrastructure may make it more difficult to prevent and respond to such attacks.
It is also possible that India is specifically targeted by cyber attackers due to the country's importance as a major global economic player.
Having said all of the above—the primary reason you would see an increase in cyber-security incidents from India is primarily because of the recent CERT-IN regulation making it necessary for all companies to disclose any sort of security incidents to cert.
A similar disclosure is done with SEBI as well. So, it's not that the number of cyber attacks went up but rather the number of public disclosures.
How do you the cyber security budgets of Indian companies in 2023? There is a PwC study that indicates an increase in security budgets this year.
Cyber security is an important issue for businesses of all sizes and industries and it is a board-level discussion today. There will be an increase in security budgets for the coming year and there’s going to be a domino effect.
Large companies would be pushing smaller companies to invest more in security. Supply-chain attacks are rising; a supply-chain attack is when an attacker targets an SMS provider to hijack all the OTPs sent by a bank.
The SMS provider would be a small company whose services are used by the bank. Hence, banks need to have their vendors too safeguarded for security.
A CloudSek report talks about an unprecedented increase in cyber attacks targeting Indian government entities in 2022. What is the reason?
Cyber attacks in the government sector are not limited to financial gains; they are used to express support or opposition to certain political, religious, or even economic events and policies. The number of hacktivist groups has gone up in recent years.
A good example of that would be Opspatukwhich is a cyber activist operation that started in June 2022, driven by hacktivist group DragonforceMalaysia.
The operation was in response to a comment made by Bharatiya Janata Party (BJP) spokesperson Nupur Sharma. Dragonforce Malaysia, with the assistance of several other threat groups, indiscriminately scanned, defaced and launched denial-of-service attacks against numerous websites in India.
Small businesses across India have seen an increase in digital payments. This has posed a significant security risk. How can this be tackled?
Indeed, the increased adoption of digital payment methods by small businesses in India has the potential to expose these businesses to new security risks. These risks can arise from various sources such as malware attacks, phishing scams, and unauthorised access to payment systems.
To help mitigate these risks, small businesses in India can take a number of steps.
These include ensuring that all employees are trained in security best practices and are aware of the potential risks associated with digital payments.
Installing and regularly updating security software, such as antivirus and firewall programs to help protect against malware and other online threats will be an important step.
Use secure networks and devices when conducting online transactions and avoid the use of public wi-fi networks whenever possible.
Besides, implementing two-factor authentication adds an extra security layer to online accounts and transactions.
Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!
Find the best of Al News in one place, specially curated for you every weekend.
Stay on top of the latest tech trends and biggest startup news.
