Cybersecurity: Is India Getting it Right?Bareja on Overcoming India's Persistent Challenges in Cybersecurity
The demand in India for cybersecurity is burgeoning - reaching critical mass toward the next step in the market's evolution to global maturity levels. But are the government and industry and making the right moves? Persisting challenges with capacity, skills, infrastructure and legislation indicate that there are many shortcomings, says security thought leader Dinesh Bareja, COO of the OpenSecurity Alliance and founder of India Watch. Even as the threats evolve and multiply, age-old challenges remain and are making themselves more keenly felt, he argues. (Also read: New Strategies to Address Security Skills Gap)
"While the general consensus is that there is a broad increase in awareness around these issues - which I agree with - I don't think enough is being done, or in the right manner," Bareja says in an exclusive interview with Information Security Media Group. "I see that there is a lack of a structured approach and an acute need for strategic thinking in the domain."
Bareja worries that the situation is dismal. The much sought after economic emancipation and innovation technology is expected to bring to India's development agenda is a double-edged sword. Increasing technology adoption also means an increasing vulnerability to cyber risks as the attack surface increases, he notes. But he believes that India still can become a global leader in cybersecurity if the right connections are made. (Also listen to: ISF on Asia's Security Challenges)
The talent, know-how and experience is all available, he says. What is needed is a push to break free of existing approaches that stymie the entire system. Unless there is strategic thinking on cybersecurity, all efforts will bear little fruit, as the system continues to fight itself, he argues. What's required, he says, is a holistic approach centered on governance, communication and strategy - and firmly rooted in the reality of India today.
He believes that the inability of existing system to deal with cybersecurity issues today, and subsequent challenges to enterprises, citizens and society as a whole, have resulted in unique expertise and a wealth of experience in the country that needs to be leveraged properly and connected to India's cybersecurity story.
In this interview (audio link below photo), Bareja shares his candid insights on the ills plaguing the Indian InfoSec domain and the many opportunities for improvement. He discusses:
- Why the numerous Indian cybersecurity initiatives may not be bearing fruit;
- The government's approach to policy and legislation in cybersecurity in India;
- Systemic deficiencies in the ecosystem that need to be addressed;
- Breach disclosure in India.
Bareja, a prominent Indian security thought leader, is the principal adviser, IS practice, at Pyramid Cyber Security and Forensics; the COO of the OpenSecurity Alliance and founder of India Watch. He has been a practicing information security and management professional for the past decade, and is a security and infrastructure specialist with experience in the government and enterprise domains. He has served as an advisor to the Jharkhand State Police's Cyber Defense Research Centre, and has also advised the Bombay Stock Exchange. He is the founder of the Indian Honeynet Project, and a mentor and advisor with the Ground Zero Security Conference and Cyber Peace Foundation.