Cyberattacks in the country caused financial damages to the tune of about USD 500,000 to Indian companies in the last 12-18 months, says the 2018 Annual Cybersecurity Report released by Cisco in February 2018. The report said that security is getting more complex and the scope of breaches is expanding.1
In the public sector threat landscape, adversaries are becoming increasingly adept at evading detection while attacking networks. They have shown the capability to damage public services and infrastructure by weaponizing the very technology that benefits our society as a whole. They are attempting to do this by destroying sensitive data or holding it for ransom at every level of government or by taking critical infrastructure for utilities, transportation, public safety, and defense offline.
Over the past year, it has become clearer within the threat landscape of the public sector that there is a need to adopt end-to-end, threat-centric cybersecurity approaches that provide deeper visibility across networks. Doing so can greatly improve the security of private citizen data and provide a more secure environment across the entire attack continuum. By building “cyber resiliency” into government networks, the public sector can withstand attacks that may otherwise create significant damage.
Cisco has the largest global footprint vis-à-vis internet infrastructure, giving us the deepest insights into data in motion. Analysis of threats is intrinsic and it produces a powerful perspective to manage and neutralize attacks. This translates to complete coverage from cloud to the endpoint, including the web, network and email.
'Secure India' is Cisco’s initiative to focus on our capabilities in the areas of security and trust, promote cybersecurity engagements with the governments, public sector agencies and private enterprises, and support a trustworthy, transparent and accountable environment in India’s digital transformation.
Complementing these efforts, CDA has invested in a couple of public sector and national initiatives on cybersecurity:
MoU signing with Dr. Ajeet Bajpai, DG – NCIIPC on 8th Jan 2018
Cisco has established a Threat Intelligence Co-operative Framework through MoUs with CERT-In (Indian Computer Emergency Response Team) and NCIIPC (National Critical Information Infrastructure Protection Centre) to:
Security Operations Centre (SOC)
Cisco has setup up a SOC to provide a broad range of services, from monitoring and management to comprehensive threat solutions and hosted security that can be customized.
Cisco has three other SOCs worldwide, located strategically at Poland, the U.S. and Japan. This allows Cisco to provide 24-hour service using a “follow the sun” model and secondary/ tertiary peering with other SOCs in government and critical infrastructure enterprises.
Organizations can use a cyber range to create a training centre for current staff or as an incubator to test and evaluate advanced technologies. This testing ground can then be scaled across the enterprise to create employees that are experts in digital security techniques and processes. This tactic develops staff who are collaborative, agile, analytical and creative, resulting in improved enterprise commitment to digital security dexterity and boosting organizational resilience.
Validating the efficacy of the cybersecurity program's practices, the deployed technology and the competencies of the cybersecurity team is not an easy task for security and risk management leaders. However, cyber ranges — simulation platforms that enable organizations to train and develop cybersecurity expertise and manage workforce planning — are becoming more frequently deployed to address enhanced security training and validation requirements. Cyber ranges can be used to foster new skills and competencies to prepare for digital business models.
Cisco has setup up a Cyber Range at Gurugram to educate and support government, public and private sector customers and partners in combating evolving cyber threats. This platform is now being extensively leveraged to build cyber competencies and assess cyber-readiness.
Dr. Gulshan Rai, National Cyber Security Coordinator, GoI, inaugurated the Cyber Range Lab at the Cisco India Summit 2017
Cyber Range provides a synthetic war-gaming environment for learning the latest methods of vulnerability exploitation and the use of advanced mitigating tools and techniques.
According to Gartner, "the unemployment rate for cybersecurity professionals is zero. An analysis from the U.S. Bureau of Labor Statistics showed that there were 209,000 cybersecurity-related jobs that were unfilled in the United States during the calendar year 2015."3
As the realities of digital business sink in, this shortage may expose organizations to undue risk that may increase the likelihood of a breach, causing ramifications for the organization in terms of data, monetary and brand reputation loss.
CDA is enabling India to address this talent gap faster with the help of the following initiatives:
To foster cybersecurity research and education, Cisco has invested in a Cyber Security Chair at the International Institute of Digital Technologies (IIDT), Andhra Pradesh. This investment will also enable research in cybersecurity relating to IoT.
Cisco NetAcad has recently launched courses in cybersecurity at multiple levels of competency leading to CCNA Cyber Ops certification. This initiative is already over-subscribed and has the potential to address the need for large scale cyber-skilling in India.
Reference: