Security in the age of Digital India

While both Smart Cities and Digital India will create new economic and social opportunities, they will also be creating an increasingly large attack surface for cyber criminals

When you talk to the visiting heads of the technology giants about the government’s ambitious Digital India and Smart Cities initiatives, usually the focus is around the scale of the project, the capacity to do it and eventually the conversation will move to the subject of cyber security. Nowadays,security breaches are a regular feature. So much so that the insurance giant Aetna recently announced that it was going to approach cyber security as one more business risk that needs to be managed and insured in the same way that a company manages fluctuating currency prices or the threats of lawsuits.

The integrated digital footprint created by Digital India and Smart Cities is likely to bring formidable and increasing demand on resources to defend against the multiplying threat levels and entry points. While both Smart Cities and Digital India will create new economic and social opportunities, they will also be creating an increasingly large attack surface for criminals to exploit as an initial foothold or vector into otherwise well-protected IT environments. The government initiative that seeks to transform the country into a connected economy can be successful only when the security of the connected devices is assured.

The increasing synchronization and interpretation of existing digital data and processes within government departments will require maximizing security posture while keeping critical data flowing in such a daunting threat environment.

Despite all the cyber security risks, the movement towards Digital India is inevitable. The government and enterprises realize this and efforts are on for developing better systems for maintaining security while also taking advantage of the plethora of technological applications that have exploded during the last few years. The challenge is that presently, the majority of government departments and e-governance projects are working in silos, but this cannot be the case with Digital India, an R1.13-lakh crore initiative that seeks to transform the country into a connected economy, attract investment in manufacturing, improve citizen service delivery and create millions of jobs and support business.

“As Digital India and the concept of Smart Cities takes shape, security needs to be considered as integral part rather than an afterthought. Securing data at all the times, the protection of citizen’s information at large and security of the critical infrastructure need to be ensured through strict compliance with the security policy and using modern techniques, tools and processes,” Tarun Kaura, director—Technology Sales, India, Symantec, told FE.

So far, Digital India and Smart Cities initiatives have put the spotlight back to India. Global CIOs and tech leaders are optimistic about the program, in a couple of years, they expect the country to embrace new generation technology. “There has been dramatic changes in India. The Indian government and enterprises’ willingness to look into the challenge of cyber security have substantially increased,” said Stephen DuBravac, executive vice-president, Security Weaver.

Generally, across the globe, government and businesses have been reluctant to invest in security because they have too many other projects to execute and security does not become the priority. But now there is shift; security is becoming more of a high priority task as the growing trend of digitization and using own devices is posing critical questions on how to manage security in the age of Digital India.

There is no clear answer, but it should not come as a surprise if we consider the views of someone like Bruce Schneier, the noted American cryptographer, who says, “Security is not a product, but a process.”