New Strategies for Battling CybercrimeFront-Line Practitioners Outline Top Challenges, Strategies
"Speaking at a conference on data security is like giving health advice at a conference of cardiologists."
See Also: 2016 State of Threat Intelligence Study
So said Brijesh Singh, the CISO for the Indian state of Maharashtra, in a keynote speech at Information Security Media Group's inaugural Data Breach Summit Asia Oct. 28 in Mumbai.
Conference speakers covered a range of breach-related topics, ranging from intrusion detection and cyber-insurance to scarce security budgets and battling cybercrime.
As the inspector general for India's Crime Investigation Department, Singh shared his insights with the event's attendees, hailing from across India and Asia. Singh, who's also a liaison officer with Interpol, said the fight against cybercrime demands that police and businesses work together.
"The threat is evolving in such a manner that it would be impossible for law enforcement alone to tackle it," he said. "All of our traditional models of policing, they don't work here."
Echoing other presenters throughout the day, however, he also noted that because few organizations in India must report any data breaches they suffer to authorities, the full extent of India's data breach problem remains unknown. "The reported figures you see may not even be 1 percent of what is happening," he said.
Threat Intelligence Warnings
In break-out sessions, attendees broke up into five groups, rotating between tables where they focused on a discussion topic for 10-minute periods. At one discussion focused on advanced persistent threats, for example, some delegates said that "low and slow" and difficult-to-detect threats are an increasing concern. Some of the security professionals also admitted to finding internal breaches that had persisted for months before being detected.
Many attendees also said they expect the number of sophisticated cyberattacks to continue rising, especially in light of the Indian government undertaking a massive digitization effort and Indian manufacturing beginning to pose more of an economic threat to China, thus increasing the likelihood of online espionage against Indian organizations.
To better detect attacks, many attendees say they would like to adopt threat intelligence feeds. But Siva Sivasubramanian, chief of security for global telecommunications firm Bharti Airtel, based in New Delhi, India, cautioned that to be effective, threat intelligence must involve more than just subscribing to threat-intelligence data feeds. "It's a painstaking piecing up of information," he said.
Furthermore, acting on that information can potentially cause disruption. "Every piece of threat intelligence we get, to make it into an action, you're going to disrupt the fabric of your organization," Sivasubramanian said.
Cyberwar Will Target Businesses
Meanwhile, the imperative to improve security defenses continues to grow, especially at the private firms that now comprise the majority of India's critical infrastructure - ranging from energy and water supply to transportation and banking, said Raghu Raman - president of risk, security and new ventures for Mumbai-based Indian conglomerate holding company Reliance Industries. The firm owns a variety of companies in the energy, textiles, retail and telecommunications sectors, among others.
In a "Spotlight Session on Cyberwar" focused on India, Raman, a former captain in the Indian Armed Forces, predicted that geopolitical conflicts will increasingly include an online component that targets India's critical infrastructure. But as in many other countries, the vast majority of India's critical infrastructure is owned by the private sector, meaning that future conflicts may well target corporations, which need to get their security house in order. "The battlefield of the future is going to be corporations," Raman said.