Making India Aarogya In Cybersecurity
To say that India’s digital transformation is akin to a modern-day fairy-tale would not be far off the mark. The country, which had barely 7 million internet users in 2001, is today home to over 503 million people actively accessing – making it the world’s second-largest internet user base, ahead of developed economies such as the US and behind only China. Many organisations have adopted the new normal and are practising effective cybersecurity force, where cyberattacks impact some of them and most affected are the digital services.
Going mobile: How India is becoming an increasingly digitally driven economy
Smartphones have, without a shred of doubt, been the vehicle of India’s rise as a digital-first nation. A significant percentage of the country’s internet traffic is driven through mobile, which has emerged as the primary channel for online activity. As of November 2019, 88% of Indians conducted online transactions through their mobile devices.
The current government, to its credit, has stayed on top of this trend. The launch of IndiaStack and associated applications such as BHIM and Aadhaar indicates its willingness to digitise and deliver an entire array of critical services through mobile apps. What further underscores this growing shift towards a cutting-edge digital ecosystem is the way that the nation has responded to the ongoing COVID-19 outbreak.
In March 2019, the RBI Governor asked Indians to prioritise digital payment channels such as internet/mobile banking, mobile app payments, and credit/debit cards over cash transactions. The country’s consumer base rallied magnificently behind the call-to-action. Little wonder, then, that digital payment usage has surged since the lockdown was implemented; power distribution companies operating in major metropolises such as Delhi-NCR have up to 90% of their consumers making digital payments, while 42% of Indians have professed that their dependence on digital transactions has increased substantially.
At its end, the government has been swift to leverage digital tools to mitigate the threat posed by the novel coronavirus. The ‘Aarogya Setu’ app was developed and deployed to ensure rigorous contact tracing, while state governments have set up ePass websites for unavoidable intercity, intracity, and interstate travel. Police departments in several districts have also collaborated with neighbourhood shops to provide doorstep delivery of essential goods during the lockdown.
Mobile, once again, has been the primary channel through which these interventions are delivered to citizens in this most challenging of times. This also brings up the critical issue of safeguarding private information and ensuring security of information shared online.
The Cybersecurity Conundrum: The challenges facing India’s digital infrastructure
Time and again, cybersecurity experts have raised multiple alarms about how at-risk Indian smartphone users are to threats in the digital realm. Not only is the awareness about the need for mobile security in the country incredibly low, but most smartphone users also operate their devices without paying attention to the security best practices.
Most mobile users in India also do not install a secure security application on their devices, or regularly update/patch their OS and mobile applications. With an average of 50 apps installed per smartphone, space constraints are a real challenge that often makes Indian users compromise on the one thing they consider expendable – mobile security.
What further complicates the matter is that hackers are finding novel and sophisticated ways to threaten information breach. As public sector deals with the most sensitive information, it is imperative for them to design services with a security-first approach based on robust security frameworks and privacy protection measures. It is also crucial to upgrade and rectify security patches to ensure vulnerabilities are identified and avoided.
India has been moving towards a dynamic, all-encompassing digital infrastructure that operates at the intersection of essential public services, private sector offerings, market demand, and consumer need for quite some time now. Most public and private digital payments services, for instance, are linked with UPI and utilise the Aadhaar database for their eKYC requirements. Other players, both in the public and the private sphere, are leveraging the IndiaStack architecture for swift and seamless delivery of digital services to the end-consumer.
Given such growing interconnectivity, a security breach at any one node can have a far-reaching and potentially disastrous impact on the entire ecosystem. Sensitive information belonging to end-users, organisations, and government departments can be compromised by threat actors, even as the fallout of the breach leads to a widespread disruption of services across multiple sectors.
Therefore, to protect the country’s growing digital infrastructure, the government must focus on building stronger cyber-defence capabilities by partnering with leading players in the enterprise domain. Through such partnerships, the government can test mobile apps and digital services for security vulnerabilities at all stages of development and deployment; this can ensure that the risk of a security exploit is minimised. Moreover, the extensive industry expertise of cybersecurity companies can also help it augment its own ability to proactively identify, address, and mitigate any digital threats.
Creating an interconnected digital infrastructure to cater to the varied needs of an economy, as large as India, is a lot like creating a high-rise complex. To reach greater heights, it is imperative that the foundation on which it is built must be strong. Therefore, the public sector must work with the private sector to take immediate measures to address the existing gaps in its cybersecurity readiness. After all, for India to emerge as a digital-first super economy, its digital shift needs to be complemented with robust cybersecurity. There sim
_20240617000602_original_image_49.webp)
