With more and more Indians going online and generating never-heard-before kind of data, hackers have turned their focus on a country with over 450 million smartphone users and more than 550 million Internet users. The country has 366 million Internet subscribers in urban locations and 194 million in rural areas, says the latest report by Telecom Regulatory Authority of India (TRAI).
According to Sophos Senior Security Advisor John Shier, organisations are struggling with phishing and other user-focused attacks in India. “Most people don’t believe that computer-based training (CBT) is effective and are looking for ways to improve their defenses against users being tricked into inviting malicious attackers into their network,” Shier said in a statement.
A KPMG report in April revealed that nearly 86 per cent of the consumers in India are concerned about eavesdropping of their conversations or theft or misuse of their messages through their devices. “The proliferation of connected and IoT devices will have a cross-sector impact on areas around data security and privacy. In response to this, regulators will need to establish mandatory data security requirements,” said Atul Gupta, Leader-IT Advisory and Cyber Security Leader, KPMG in India.
Around 87 per cent of the consumers are concerned that retailers will misuse or improperly distribute their information. According to Gauri Bajaj, Director, Cybersecurity (APAC), Tata Communications, the adoption of cybersecurity remains a key challenge.
“The recent spate of cyber attacks only highlight the security risk that takes place both within and without the organisation. It is imperative that employees are sensitised to the risk of security breaches and trained to respond in such a scenario,” Bajaj said.
Not just phones, wearable devices like smartwatches are the next frontier for cybersecurity. “The future of wearable tech in the world of AI and predictive technology will be highly individualized, data-driven and analytics intensive. One of the bigger applications of this will continue to be in the healthcare and fitness sector.
“However, what is key to make this happen is also building a holistic ecosystem that tracks, guides and designs individualized plans for each individual, at a low cost,” said Vishal Gondal, CEO and founder GOQii.
It isn’t enough to have an IT security team and having a strong culture around security is the next step in maturity for security awareness programmes, say experts. “Use a unique, complex password for banking and other financial online accounts. For others, use a password manager to keep them organised and readily available. Use Two-Factor Authentication (2FA) when available to provide an extra layer of security on accounts,” Shier said.
Be wary of clicking on emails from unknown sources or deals that look too good to be true. Cyber criminals use look-alike spam to lure in victims with links to bogus websites. Businesses should train employees on how to “spot a phish”.
“Use a layered business security strategy to provide protection at multiple levels to avoid attacks from different angles. Be wary of IoT devices on any network. Change factory default passwords immediately out of the box,” the Sophos executive added.