“coming down hard
on my employees
would have led us
nowhere.”
Arun Tiwari, former chairman & MD,
Union Bank of Indiamillion faced by Bangladesh Bank in
February 2016 led to a loss of around
$63 million by the time the bank
realised and responded to the attack.
No, the drama is real.
And it is the result of progress.
The irony is not lost on anyone,
particularly technopreneurs and
experts who know just how large the
threat is. Mark Anderson, president
of Palo Alto Networks, a $1.4-billion
network and enterprise security
company based out of Silicon Valley,
points out that over the years, the
cost of carrying out a successful
cyberattack has dropped to almost
nothing. “You can buy a cheap
computer and copy a code script
made available on the dark web by
other criminals,” Anderson told
reporters recently. “Consequently,
the number of successful attacks
has risen dramatically.”
Perpetrators of cyberattacks range
from state actors to individual thieves
looking for money or data that can
be monetised, and even hackers out
to merely prove a point. Take for
instance Russia, which is alleged
to have interfered in the 2016 US
presidential elections that brought
Donald Trump to power; or North
Korea, which was reported to have
hacked Sony Pictures Entertainment,
miffed with the depiction of its
supreme leader Kim Jong-un in a film
(The Interview) produced by them.
Closer home, increasing online
retail, the government’s efforts to
create a cashless economy (especially
post demonetisation), and the
growing number of computer and
smartphone users in a country of
over 1.2 billion people are making
India a more connected nation.
That automatically also makes it
more vulnerable to cyber threats.
But here’s the good news:
According to the 2017 edition of the
Global Cybersecurity Index (GCI)
released by the United Nations
International Telecommunications
Union, India ranks 23rd out of 193
countries in the world. The GCI puts30 | forbes india August 4, 2017India in the bracket of ‘Maturing’
countries that have “developed
complex commitments, and engage
in cybersecurity programmes and
initiatives,” according to the report.
That the country ranks ahead
of superpowers like Germany is a
positive for its digital fortress, but
the strength is relative. The fact
remains that many devices in India
are afflicted with malware. Another
report by SophosLabs, a cybersecurity
products and services company,
says that India is fifth-most prone to
cyberattacks due to malware, after
Algeria, Bolivia, Pakistan and China.
In May, organisations across
the world, including India, were
wary of a ransomware attack
christened WannaCry that hit
computers belonging to, among
others, the Andhra Pradesh police
and some state utilities in West
Bengal. This was followed by
a similar attack called Petya in
June, which impacted operations
at a terminal at the Jawaharlal
Nehru Port Trust in Mumbai,
operated by AP Moller Maersk.In a ransomware attack, malicious
emails are used to plant malware in
computers connected to a network,
in a bid to gain control over them.
These systems and their contents are
locked down (through encryption)
by the attackers, who demand money
(in the form of bitcoins) to release the
decryption key to victims. According
to Kaspersky Lab, a multinational
cybersecurity firm, India was the
third-largest target of WannaCry with
around 50,000 systems infected.
It is easy to see why cybersecurity
is no longer the sole purview of a
company’s IT team, but part of the
board-level agenda. In the India cut
of KPMG’s Global CEO Outlook 2017,
which surveyed 131 Indian CEOs, 53
percent of the respondents agreed
that their organisations weren’t
fully prepared for a “cyber event”,
and an overwhelming 89 percent
were comfortable with the degree
to which mitigating cyber risks was
now part of their leadership role.
“Cyber security is a concern all over
the world and we take it very seriously
as well,” Adi Godrej, chairman of
the Godrej Group, tells Forbes India.
“The advantage of ensuring a robust
cybersecurity policy is that it keeps
cybercriminals at bay from even
trying to attack your system, because
there is time and effort in doing so
involved at their end as well.”
Clearly, cybersecurity is no longer a
choice. “It is a must for every company
to ensure business continuity,
information confidentiality, integrity
and availability in the increasingly
digital ecosystem,” says Vimal
Kejriwal, CEO and managing director
of KEC International, the engineering
arm of RPG Enterprises. Kejriwal
says KEC is currently executing
projects across 37 countries, and
digital technologies are relied on
considerably to exchange information
between sites. “We are participating
in more and more reverse auction
as we bid for projects. We are also
leveraging e-procurement in dealing
IndranIl BhoumIk / mInt vIa Getty Ima with our suppliers. Maintaining
Ges
Cover Story / CyberSeCurity