Vinayak Godse, director general of the Data Security Council of India (an industry body established by Nasscom), is a leader in cybersecurity. He was instrumental in the development of the DSCI Security Framework (DSF) and the DSCI Privacy Framework (DPF). Godse, who headed the National Center of Excellence (NCoE) for Cybersecurity Technology and Entrepreneurship, speaks on emerging threats and opportunities in the field of cybersecurity. Edited extracts.
How was 2023 in the field of cybersecurity?
The year 2023 has been quite eventful for cybersecurity. Ransomware has emerged as a powerful threat vector, leading to ramifications across industries, especially non-BFSI and technology sectors. The increase in cases of exploitation and extortion has raised awareness among economic sectors about the importance of cybersecurity. It’s also a year of heightened privacy concerns. Generative AI has challenged some fundamental notions of security, elevating the threat landscape to a level where flaws and vulnerabilities, revealed even for a brief moment, can be exploited. It also introduced a new set of privacy concerns. In 2023, disinformation, fake news and deep fakes on the one hand, and the rise of cybercrime on the other, have left their mark. DSCI Seqrite India Cyber Threat Report highlights dominance of ransomware-as-a-service, AI-powered malware, MFA compromise or exploitation in 2023.
It is also a year in which the ecosystem comes together to counter assault campaigns at major events such as the G20 conference. The total domestic cybersecurity market in India now stands at nearly $6 billion, up from $2 billion in 2019.
What will be the main challenges and opportunities in 2024?
Advanced persistent threats and sophisticated ransomware are expected to hit economic sectors in 2024. Both would be accompanied by zero-day attacks. MFA (multi-factor authentication) fatigue, especially OTPs, will lead to an increase in social engineering attacks. AI-powered attack vectors and payloads, deep fakes, exploitation of supply chain vulnerabilities, hacktivism targeting major national and international events, diffusion of techniques used in combat to commercial sectors, increasing underground and dark network activities and targeting mobile applications would be dominant in 2024.
Increased awareness of security dangers, stricter compliance requirements and data protection obligations and responsibilities will generate enormous opportunities for security market players, both for products and services . From $6 billion, we believe the domestic cybersecurity market size will grow with a CAGR of over 25 percent.
Deepfakes have arrived in 2023. How to protect yourself?
You need to have a two-pronged approach. To begin with, don’t fall into the deepfake trap. Be skeptical of sensational content before sharing and reacting to it, pay attention to details and try to verify the facts. Secondly, for your own safety, be vigilant about your online presence, especially the visual aspects (photos and videos). Use strong passwords, enable two-factor authentication, and follow cyber hygiene practices. You should also be informed about deepfakes, the dangers they pose, the legal challenges they create, the reporting mechanism on the platforms, and quick solutions.
How prepared are we in terms of cybersecurity solutions and staffing?
The cybersecurity ecosystem is mature in India. We are present in the market of all the leading and innovative global security providers in the country.
MeitY programs such as Information Security Education and Awareness (IESA), NASSCOM-MeitY FutureSkills platform, DSCI’s professional qualifications and diversity and steering training program, CyberShikshaa, and more than 200 universities or colleges offering cybersecurity specialization would help build a skilled workforce.
Published on December 29, 2023