Global cybersecurity is becoming more reliant on using advanced, more complex safety mechanisms to resolve vulnerabilities. Governments and businesses worldwide struggle to safeguard their data and networks and prevent future crises.
At the same time, cyber threats are becoming just as complex. With each new step in cybersecurity innovation, cyber threats also gain momentum, eventually posing major security challenges for governments.
The average cost of a data breach in India has reached a record high of Rs 17.6 crore (US$2.2 million) in 2022, as reported by IBM and the Ponemon Institute. Things are no different in India, as the country has undergone an extensive cybersecurity shift.
According to a press release by the Minister of State for Electronics and Information Technology, Rajeev Chandrasekhar, Indian organizations have seen over 6.7 million cybersecurity incidents by June 2022, while just over 14 million were reported for the year 2021.
While these cybersecurity challenges affect organizations across the country, they may also pose a threat to India’s nuclear systems and endpoints – a risk of global proportions. A successful cyber infiltration could compromise the security of priceless data or even tamper with the security mechanisms of India’s nuclear plants and atomic research centers.
Indian governments and organizations must work together to implement better measures for safeguarding data and improve their cybersecurity policies. Otherwise, Indian businesses of all sizes risk devastating data breaches, resulting in revenue loss, workflow disruption, and reputational damage.
Read on to learn how Indian organizations can overcome industry challenges to address and mitigate the cybersecurity risks threatening their data security.
Which Cybersecurity Risks Threaten Indian Organizations and Businesses?
India is improving its cybersecurity regulations and laws to stay on par with the rest of the world. The country has invested in building robust cybersecurity safeguarding methods in business and finance, education, healthcare, as well as news and entertainment.
Hackers can threaten organizations and exploit vulnerabilities in their security systems with sophisticated cyber sabotage using viruses, malicious code, trojans, worms, and even by infiltrating physical perimeters.
Cyber criminals can also use blended cyber attacks to target and penetrate multiple endpoints and networks at the same time. Moreover, they launch small-scale attacks as decoys to set up even more powerful cyber attacks.
These cyber threats are usually a result of ongoing data breaches, phishing attempts, and fraud, where compromised information ultimately ends up sold on the dark web.
The COVID-19 Pandemic and Cybersecurity Issues
Certain deficiencies in India’s cyber infrastructure were particularly exposed during the pandemic in 2020, as organizations and businesses turned to work-from-home (WFH) models.
These issues were particularly prevalent in the Indian health sector, a major target during the pandemic, when thousands of COVID-19 test results were leaked in January 2021.
The most common cyber crimes during the pandemic were ransomware attacks and phishing scams, in which bogus emails are disguised as harmless links or files. These trending mails offered eye-catching information with subject titles related to COVID-19.
Around February 2021, a cyberattack on the data servers and systems of India's national airline service provider, Air India, resulted in the leakage of 4.5 million passengers’ personal data, passports, credit cards, and ticket information from all around the world.
According to a survey by Barracuda Networks, an IT security firm, over 66% of Indian businesses have suffered at least one data breach since March 2020.
In April 2021, Domino’s Indian pizza chain suffered a massive data breach in which the credit card data of 1 million Domino’s India’s customers was compromised and put up for grabs on the dark web. Allegedly, 13TB of customer data and sensitive details — including names, email addresses, contacts, and GPS coordinates — was leaked, as well as the personal data of over 250 employees.
Residual Cyberattacks From the Russia-Ukraine War
Indian enterprises and businesses are also intimidated by cybersecurity attacks resulting from the Russia-Ukraine conflict, which would constitute “residual cyberterrorism” amid geo-political disruptions.
Indian businesses are proactively stretching their cybersecurity measures in response to the increasing threat of state- and nation-sponsored attacks posed by the Russia-Ukraine crisis.
The Russian/Ukrainian conflict has propelled global cyber warfare to new heights, meaning no country is safe from the risk of collateral damage. Take, for instance, the Petya ransomware attack of 2016 and NotPetya of 2017.
How Data Breaches and Ransomware Threaten SMBs in India
According to a Cisco study, the cost of cyber attacks against 62% of Indian startup businesses and SMBs (small and medium businesses) has reached ₹3.5 crore (over US$430,000). These cyberattack damages also outweigh the cost of investment solutions for mitigating cyber attacks.
Both SMBs and major business sectors typically face cyber threats like ransomware, sensitive information theft, and point-of-sale malware attacks.
Ransomware is a type of malware that encrypts a user’s files or blocks access to their system until they pay a certain amount of money. This is common in SMBs, as these businesses don’t typically have security awareness, cybersecurity knowledge, or the means to avert and deal with such threats.
IDC’s 2021 Future Enterprise Resiliency and Spending Survey found that ransomware incidents had risen in 83% of businesses in India, while only 21% of businesses in Asia/Pacific saw a rise in cybersecurity incidents.
These staggering statistics are encouraging Indian enterprises and small businesses to reconsider their approach to cybersecurity.
What Is the Indian Government Doing to Prevent Cyber Crime?
According to a 2019 press release by the Press Information Bureau of the Government of India for the Ministry of Home Affairs, the Indian government has been attempting to take the right steps towards stronger cybersecurity for all Indian sectors, businesses, and organizations.
The report includes guidance for:
- Establishment of the National Critical Information Infrastructure Protection Center (NCIIPC) for the protection of critical information infrastructure in the country.
- Mandating organizations to report cyber security incidents to CERT-In.
- Conducting regular cyber security simulations, drills, and exercises in the Indian government and other critical sectors to form a better cyber security posture and preparedness.
- Spreading awareness about cyber crimes, capacity building, and regular training programs for network and sysadmins, as well as Chief Information Security Officers (CISOs), to improve the safeguarding of IT infrastructure.
- Improving cyber forensics to speed up cyber attack investigations.
Additionally, the Indian Government has launched www.cybercrime.gov.in, an online portal for reporting cyber crime. Any Indian civilians, law enforcement agencies, businesses, or organizations can file complaints about various cyber crimes.
The Central Government also implemented a framework for the establishment of the Indian Cyber Crime Coordination Center (I4C), which is tasked with handling cybercrime issues in a “comprehensive and coordinated manner.”
The New CERT-IN 6-Hour Cyber Reporting Policy
In April 2022, the government introduced new guidance, ordering organizations to report any detected cyber incidents or data breaches to CERT-In (Indian Computer Emergency Response Team) within a six-hour deadline.
Though these strong mandates were supposed to relieve cybersecurity efforts, the new directions sparked controversies amongst Indian businesses and stakeholders, as they argued that the narrow six-hour deadline is not enough for a proper cybersecurity incident analysis.
This is contrary to CERT-EU, wherein the EU’s GDPR (General Data Protection Regulations) mandates that European organizations should report cybersecurity incidents within 72 hours — just enough for a detailed report.
Why VPNs Pulled Their Operations in India
Entities and organizations covered by the rules are forced to maintain IT and communications logs of all ICT systems for 180 days.
The problem with this is that Virtual Private Network (VPN) service providers have a strict no-logging policy, causing many VPN operators to pull their business operations in India.
VPN providers speculate that these new strict norms may cause more harm than good, through significant privacy issues, and larger-scale data loss incidents and data breaches.
How Can Indian Businesses and Organizations Mitigate Cyber Security Threats?
Despite the government’s measures, cyber crime still runs rampant, as India is constantly facing serious DDoS (Distributed Denial of Service) attacks, phishing, spoofing, credit card, and online transaction fraud.
To solve this ever-increasing issue of cyber threats and reduce cybersecurity risk in India, there are many different methods, approaches, and steps to be taken not only by IT experts but by all staff members of organizations and businesses.
Here are 8 essential strategies and proactive measures that any Indian business can take to prevent cybersecurity threats and mitigate cybersecurity incidents:
1. Create Strong Passwords
One of the most fundamental steps in improving an organization's cybersecurity posture is implementing strong passwords and credentials in their systems.
Weak passwords are responsible for 80% of data breaches in companies. With the advances in password cracking technologies, hackers are able to exploit even the smallest gaps to guess, predict, and crack organizations’ passwords in order to gain access to their systems.
Indian organizations need to have passwords that:
- Contain at least nine characters;
- Contain alphanumeric characters;
- Don’t contain any personal info;
- Are unique and have not been used previously.
Moreover, organizations should discourage password-sharing practices among staff members to reduce insider threats.
Indian organizations with bring-your-own-device (BYOD) policies should also advise iOS users to enable the Security Recommendations feature for an overview of their password hygiene.
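The four password requirements listed above can be enforced at the moment a user sets a new password. The following check is an added example, not code from the original article; the function names, the sample profile, the PBKDF2 settings, and the reading of "alphanumeric" as "at least one letter and one digit" are all assumptions.

```python
import hashlib
import hmac
import re

MIN_LENGTH = 9            # "at least nine characters"
PBKDF2_ROUNDS = 100_000   # assumed work factor for this example

# Constructed sample profile (hypothetical user).
SAMPLE_PROFILE = {"name": "Priya Sharma", "username": "psharma",
                  "birth_date": "1990-04-12"}


def hash_password(password: str, salt: bytes) -> bytes:
    """Salted PBKDF2 hash, so old passwords are never kept in clear text."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                               salt, PBKDF2_ROUNDS)


def personal_tokens(profile: dict) -> set:
    """Break profile fields into lowercase tokens of four or more characters."""
    tokens = set()
    for value in profile.values():
        for part in re.split(r"[^a-z0-9]+", str(value).lower()):
            if len(part) >= 4:
                tokens.add(part)
    return tokens


def check_password(password: str, profile: dict, history: list) -> list:
    """Return the list of violated rules; an empty list means acceptable.

    history holds (salt, hash) pairs for the user's previous passwords.
    """
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("too_short")
    if not (re.search(r"[A-Za-z]", password) and re.search(r"[0-9]", password)):
        problems.append("not_alphanumeric")
    lowered = password.lower()
    if any(token in lowered for token in personal_tokens(profile)):
        problems.append("contains_personal_info")
    if any(hmac.compare_digest(hash_password(password, salt), old_hash)
           for salt, old_hash in history):
        problems.append("reused")
    return problems
```

The reuse check only covers a user's own history; uniqueness across other services cannot be verified this way.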
2. Deploy Multi-Factor Authentication
According to a 2020 Microsoft report, Indian organizations are investing more heavily in integrated security solutions, such as multi-factor authentication, in response to the pandemic’s volatile threat landscape.
Multi-factor authentication (MFA) is a key security mechanism within a zero-trust architecture. MFA adds an extra layer of security to corporate accounts in the event employee credentials are compromised.
Users must enter an additional factor of authentication, e.g., a one-time password or code from an authenticator app, to successfully log in.
Even if a hacker has an employee’s username and password, they aren’t as likely to have access to the additional authentication factor.
3. Encrypt Data
Data encryption is crucial to improving Indian organizations’ IT infrastructure security and plays a major part in security risk mitigation strategies.
Instead of saving their data in a text format, Indian organizations must ensure their sensitive data is encrypted. Encryption renders data unreadable, preventing bad actors from compromising sensitive information even if they gain unauthorized access to internal systems.
4. Create Backups
Creating regular weekly or monthly backups is also an important method of safeguarding information.
With effective back-up practices (like the 3-2-1 rule), organizations can both safeguard their data and prevent complete data loss if a security incident occurs. Data loss is a
The 3-2-1 rule is a backup strategy that advises having three copies of crucial data, with two of the same backups being stored on different hard drives in separate locations, and one in an offsite location that’s not connected to the other two in any way.
5. Regularly Update Systems and Software
In August 2022, the Indian government issued a high-priority warning for Windows users, asking them to update their devices immediately. The Indian Computer Emergency Response Team (CERT-In), under the Ministry of Electronics and Information Technology (MEITY), alerted that the new Windows operating systems have a severe vulnerability and advised users to update their systems to the newest patches.
Additionally, in September, Microsoft added new patches in their updates that resolve over 60 vulnerabilities to their systems, including two zero-day flaws, five critical vulnerabilities, 57 high-priority vulnerabilities, and one for moderate and low-priority bugs.
These events are crucial reasons why Indian organizations should take software and system updates seriously. Regular, if not monthly, updates are required to keep cyber security and digital security standards up to date.
Not only do regular OS updates have new features for better workflow, but they also resolve crucial bugs and security flaws that may be exploited by bad actors who use malware codes to effortlessly exploit these vulnerabilities.
Organizations can invest in a patch management system that can help with regular and automatic updating of their systems. A complete attack surface management solution, like UpGuard, continuously monitors for third-party software vulnerabilities which are exposing organizations to cyber threats.
6. Install Firewalls
Indian organizations have the option to use firewalls to better defend their networks from cyber attacks. Reliable firewall software can improve security and protect your systems from brute force attacks and prevent irreversible damages from cyber security incidents.
Additionally, Indian organizations can use firewalls to:
- Monitor their network traffic;
- Promote and encourage better data privacy policies;
- Detect and identify suspicious activity;
- Prevent complex spyware from unauthorized access to systems.
7. Manage the Attack Surface
The attack surface includes all the hardware, software, SaaS services, and cloud assets that are accessible from the Internet that process or store an organization’s data.
Attack surface management (ASM) involves the continuous discovery, inventory, classification, prioritization, and security monitoring of these assets.
Organizations use this visibility to identify cyber threats that could facilitate data breaches and data leaks. Additionally, organizations may also use automation to effectively visualize and manage their attack surfaces.
Capable ASM solutions, like UpGuard, automate the five main steps of attack surface management:
- Asset Discovery;
- Inventory and classification;
- Risk scoring and security ratings;
- Continuous security monitoring;
- Malicious asset and incident monitoring.
8. Manage Third-Party Vendor Risks
Many Indian organizations rely on third-party vendors to perform critical business functions. However, vendors don’t necessarily follow the same strict compliance requirements as highly-regulated industries, like healthcare and finance.
Supply chain attacks and third-party data breaches are an increasingly common occurrence worldwide. Sub-par cybersecurity standards expose your organization to threats originating from the vendor network.
To properly address third-party risks, Indian organizations must implement an effective Vendor Risk Management (VRM) program which can provide security teams with critical insights into vendors’ security postures.
Advanced VRM solutions, like UpGuard, automate the critical Vendor Risk Management processes, such as:
- Performing risk assessments before onboarding vendors to determine if their levels of risk are worth taking on;
- Continuously monitoring the third-party attack surface for cyber threats and vulnerabilities affecting your vendors;
- Tiering vendors based on their level of risk and business impact to prioritize remediation efforts;
- Regularly assessing vendors’ regulatory compliance throughout the lifecycle with routine security questionnaires.