India's Response to State-Sponsored CyberattacksExperts Offer Insights on Detection, Response and Risk Mitigation
To help mitigate the risks of state-sponsored cyberattacks against India's critical infrastructure - and improve detection and response - requires industry collaboration and information sharing, root cause analysis with specialized forensics and better testing of code, a panel of experts says.
India's ability to test imported code before it's inserted into the critical infrastructure is limited, says Mathan Babu Kasilingam, CISO, Vodafone Idea Ltd. "The state should ideally participate in regulating what gets imported or tested before it gets into the systems."
Dinesh Bareja, chief operating officer at Open Security Alliance, a consortium of security practitioners, adds: "Corporates and government need to invest in research and home-grown products which give enough room for testing before it is deployed."
Brijesh Singh, inspector general of police, Maharashtra Police says, performing root cause analysis of attacks and helping organizations to become self-reliant in manufacturing hardware and defensive technologies are two critical steps.
In this video interview with Information Security Media Group, the three experts address:
- Redefining the roles of people, process and technologies in responding to attacks;
- Attributing attacks and understanding attackers' methods;
- Harnessing technologies to detect attack patterns.
Kasilingam, CISO, Vodafone Idea Ltd., has over 20 years of experience in the field, formerly serving as CISO at NPCI and head of cybersecurity solutions and operations at HDFC Bank.
Bareja is the principal adviser, IS practice, at Pyramid Cyber Security and Forensics. He also serves as the COO of Open Security Alliance and was the founder of India Watch. He has been a practicing information security and management professional for the past decade and is a security and infrastructure specialist with experience in the government and enterprise domains.
Singh is inspector general of police, Government of Maharashtra. He is the former inspector general of the Criminal Investigation Department. He is also inspector general of police - Women Atrocity Prevention and Cybercrime, a special authority created by the Maharashtra government to tackle cyberthreats.