The delegates felt that organizations did not know where the data leaks were. The Cloud was put forth as another threat since it was not clear where data resided in a Cloud environment.
The government is an important sector for hacktivists because it has a repository of critical data. The delegates felt that the major area of blockage for the government was that it concealed too much.
The Check Point team mentioned that, from a security perspective, it was vital to be transparent in terms of what could happen. E.g. in 2011 an Indian organization was attacked. The organization knew that the attacker was from China. It was not revealed but the hacker tweeted it online.
There were contradictory opinions, wherein some delegates thought that it was mostly hype with instances of government organizations being attacked being given undue prominence.
According to the Check Point team, India is a major focal point for hackers. They suggested that, even if policies were in place, it did not help if there was no awareness. An effective method was for organizations to implement sensors and identify communication patterns.
According to Check Point, it had analyzed 112 organizations and found that 99% had bots on the network. These were organizations with high end security infrastructure.
During a crisis it is usually the crisis management group in the state IT department, NIC or DIT that is called upon for help. The discussion ended with a statement that security in today’s environment is all about being proactive rather than reactive.