Cybersecurity in India: situation report and future strategy

2020 and 2021 have seen a massive rise in cyber-attacks in India. Our country’s large attack surface has presented an attractive target to malicious actors, and they have attacked in huge numbers. With major data breaches in the news and the continuing COVID-19 emergency to manage, what should India be doing about cybersecurity?

The cyber threat numbers in India have been quite alarming over the past 18 months. According to India’s Computer Emergency Response Team (CERT-In), the country was subjected to over 600,000 cyber-attacks in the first half of 2021. Kaspersky found that brute-force attacks against remote desktop protocol (RDP) in India increased from 1.3 million in February 2020 to 3.3 million in March 2020 as Indian workers began mass working from home (WFH). The attacks continue to grow: in July 2020, India reported its highest monthly number of attacks ever, at 4.5 million. By February 2021, we were up to 9 million attacks.

It’s a daunting situation, and one that we must address as a matter of urgency. According to a recent report by the International Institute for Strategic Studies (IISS), India has made only modest progress in developing cybersecurity policies. And this is despite some high-profile attacks: earlier this year, an Indian aviation company was the victim of a major cyberattack and data breach, which affected around 4.5 million customers. A fast-food company in India found 13TB of its customers’ data had made it onto the dark web. A payments firm experienced a data breach that dumped the personal data of 3.5 million users onto the dark web, around 8.2TB of it. The list goes on.

Legislation needs to be robust

In times like these, having robust legislation in place to defend institutions and organizations is essential. Legislation that can deal with user data breach cases or legal penalties that punish those responsible for attacks is a must-have. India has The Personal Data Protection Bill in progress, which is designed to address data breach cases, and other similar legislation must be developed. Threats continue to grow in size and significance: according to Cybersecurity vendors, an Indian organization is attacked on average 1,738 times per week in 2021, compared to 757 attacks per organization globally. The most commonly-targeted industries in India are education/research, government, insurance, manufacturing and healthcare. Earlier this year, hackers even targeted the systems of COVID-19 vaccine manufacturers. There is increasing evidence of state-sponsored actors launching targeted cyberattacks on other countries’ power distribution and utilities infrastructure, causing large-scale economic disruption.

Protecting the enterprise

The cyberthreat landscape is changing rapidly, as malicious actors seek to take advantage of changing work practices and new IT processes. And while enterprises have done their best to strengthen security over the years, it is not always simple to keep pace with the evolving threat landscape, particularly with IT budgets often being squeezed.

However, there is a range of processes and digital tools that can be deployed at the enterprise level to make systems and data more secure. Organizations need to face up to the challenge themselves and ensure cybersecurity systems are up to the task and able to pre-emptively address attacks before they become major incidents. An intelligence-led approach to security is an advisable move, and the traditional practices of employee training programs and awareness remain valuable.

Orange Cyberdefense uses a five-step approach, based around key pillars of anticipate, identify, protect, detect and respond. Anticipate to be as informed as possible about potential threats; identify potential vulnerabilities; protect with cybersecurity solutions and tools; deploy managed threat detection; and respond to any cyber incidents immediately and 24/7 to help mitigate any impact.

The secure access service edge (SASE) model is attracting attention as an effective way to streamline security. In essence, SASE is a mindset, rather than a single product. SASE transfers multiple web, cloud, data, and threat protections to security services located at the edge of your WAN, close to where your users are.

SASE redefines the traditional perimeter, replacing on premises cybersecurity systems with integrated cloud services and creates a single platform that applies unified security policies on a per session basis for granular security control. SASE gives you a unified network security ecosystem that lets your users access services securely and consistently from anywhere and helps protect you against cloud and web attacks like phishing, malware and ransomware.

Flexible identity authentication is another highly useful tool that can dramatically reduce the risk of attacks succeeding. Passwords are often leaked or hacked and subject to human error, so implementing multi-factor authentication (MFA) combined with single sign on can improve your security. Flexible applications access is another sensible move, particularly given that due to the pandemic, your employees can work from anywhere (WFA) now. A secure remote connection that enables employees to work securely from wherever they choose using an encrypted tunnel is a smart choice.

An expert cybersecurity partner is essential

These solutions fall under the umbrella of Orange Cyberdefense cloud security solutions. Cloud is now at the heart of digital innovation, and it has helped support organizations through the disruptions of COVID-19. Cloud is also set for rapid growth in India, with IDC forecasting growth at a CAGR of 22% between now and 2024. Orange Cyberdefense helps organizations secure access to the cloud and container environments with a comprehensive cybersecurity portfolio.

In India we also have an Orange Cyber Security Operations Center (CyberSOC), which is on hand to assist our customers with cybersecurity expertise 24/7. We also stay on top of all the latest threats and emerging risks via the Orange Security Navigator 2021, our regular report that leverages our expertise to give our partners and customers the “big picture” on cybersecurity. Despite the rapid rise in cyber-attacks in India, the shortage of skilled cybersecurity professionals in India is 9% higher than the global average: basically, Indian companies are trying to defend themselves with a shortage of skilled cybersecurity professionals. There has never been a more vital time to work with an expert cybersecurity partner.

If you would like to talk further about cybersecurity, the issues discussed in this blog, or any digital transformation issues in India, please contact me.

Saurabh Sanghoee
Saurabh Sanghoee

Saurabh Sanghoee drives the Orange Business “Network-Native Digital Services company” strategy in India. He has over 25 years’ experience across various disciplines in the ICT industry, and Saurabh is passionate about simplifying digital journeys for enterprises. He has represented Orange at various national and international forums as a speaker on topics covering digital disruption, cloud, collaboration, IoT, networks and security. Saurabh has a degree in engineering with a specialization in telecommunications.