Cashless economy will face increasing cyberthreats.
India needs to urgently build capacity to fight cybercrime, which is an increasing threat as the country goes for cashless economy, says industry body ASSOCHAM.
“What we urgently need is serious effort in capacity building and setting up high-end cyber labs that are capable of critically inspecting every IT component before these are deployed in critical infrastructure across industry sectors,” said Mr. D S Rawat, Secretary General ASSOCHAM.
“There is an ever-growing threat to the economy, financial sector, key government departments and infrastructure set-up, which in turn leaves internal security at risk,” he pointed out.
Moreover, cyberthreats will only rise as India is seeing a shift towards a cashless economy. The types of cyber security incidents such as phishing, scanning, website intrusions and defacements, virus code and denial of service attacks will continue to grow, according to a study by ASSOCHAM and PwC.
The number of incidents occurring in banking systems has increased in the last five years.
In October 2016, an ATM card hack hit Indian banks, affecting around 3.2 million debit cards.
Hence, efforts are needed to enhance cyber security as businesses and citizens embrace this new digital wave, said the study.
Securing the hyper-interfaced environment, each ecosystem player will need to create multiple application programing interfaces (APIs).
While this will deliver a seamless experience to customer, there is also a risk of malware injection through such APIs.
With faster proliferation of interfaces, protecting APIs will become critical to ensure malware and persistent threats do not propagate through such untrusted/ untested APIs, it pointed out.
Any threat that impacts such a user can potentially proliferate and bring the entire financial services ecosystem to a standstill.
As the ecosystem continues to be interconnected and overlapping, cybercriminals will try to exploit possible lapses and, hence, strategies need to be built to deal with such eventualities, according to the study.
Given this interdependence on the all the players of the financial ecosystem, it becomes crucial to identify any anomaly at a pace which mirrors real time or near real time.
Once an anomaly is identified, containing it is of paramount importance before it spreads and crosses a point where the damages have transcended organisational boundaries and services.
Stakeholders, including third-party vendors, who are responsible for managing the networks and infrastructure have limited understanding with respect to security risks and vulnerabilities associated with OT and CT systems.
While IT systems are monitored heavily for security purposes, monitoring of OT and CT systems is limited to process efficiency and performance. Hence, logs and events are not collected and correlated.
Specific crisis management or incident response for OT and CT systems is different from that for traditional It system. Security plans specific to OT and CT are missing, thus increasing the potential impact of the incident.
ASSOCHAM paper said that by identifying cyber security flaws and issues, decision makers will be better placed to implement appropriate security controls, design additional secure architectures, monitor targeted attacks and maintain effective cyber resilience for their IT, OT and CT networks. fii-news.com