Balsingh Rajput, Superintendent of Police (Cyber), said it was important for the law enforcement authorities and businesses to punish individuals using technology to cause damage and not the technology
Speakers at a cyber security conference on Thursday said private organisations must find a balance between setting the law into motion and managing their reputations in the face of constant threat from cyber attacks. On the first day of the Cyber Security Summit organised by the Confederation of Indian Industry, the panelists insisted on the need for India to move on from IT security to cyber security. “We don’t have a cyber security mindset. We are only doing IT security. People still don’t understand cyber risks to an organisation,” said Nilesh Mhatre, Chief Information Officer, HSBC India.
Sankarson Banerjee, Chief Technology Officer at the National Stock Exchange, said that hackers had also evolved to a point where they are able to harness the computing power of state-level actors. “We are approaching a point where organisations will be attacked and get damaged. Organisations need to be able to restore themselves and build resilience to attacks,” he said.
Balsingh Rajput, Superintendent of Police (Cyber), said it was important for the law enforcement authorities and businesses to punish individuals using technology to cause damage and not the technology. “We need to kill the mindset of the person using the technology. It is important to understand the hacker’s mindset and his motives. A person won’t stop using technology to cause damage unless there is deterrence,” he said.
Rajput added that it is also important for organisations that are hit by cyber attacks to inform law enforcement immediately instead of worrying about preserving their reputations.
“If you are only protecting your reputation, you are losing the trust of clients. But for business continuity, a one-time loss of reputation will help to regain client trust. When a fraud takes place, unless you put the law into motion, deterrence will not take place,” he said.
Earlier in the day, Meena Hemchandra, executive director, RBI, also stressed on the need for organisations to invest in systems to respond effectively in the face of cyber threats.
“While focusing on cyber security for organisations, it is important to have crisis management plans in place thus you know when and how you can react in a given situation,” she said.