Cybercrime , Fraud Management & Cybercrime , Governance & Risk Management

Cybersecurity Coordinator Offers Data Protection Bill Update

Rajesh Pant Calls Security 'An International Team Sport'
Cybersecurity Coordinator Offers Data Protection Bill Update
Lt. Gen. (Ret.) Rajesh Pant, national cybersecurity coordinator at India's Prime Minister's Office

In the continuing effort to counter rising cyberthreats, India will roll out the latest draft version of its proposed Data Protection Bill by early 2021, says Lt. Gen. (Ret.) Rajesh Pant, the national cybersecurity coordinator at the Prime Minister's Office.

See Also: Panel | Cyberattacks Are Increasing — And Cyber Insurance Rates Are Skyrocketing

Pant, who spoke at Information Security Media Group’s Virtual Cybersecurity Summit: India & SAARC this week, said the long-delayed bill would require Indian companies across all industries to report data breaches to the data protection authority.

Pant said the legislation will seek to address the issues of privacy and security, as is the case in the EU’s General Data Protection Regulation and the California Consumer Privacy Act.

He also called for collaboration on cybersecurity between government agencies and the private sector, but also among nations.

"Cybersecurity … is a team sport. In fact, it is an international team sport, where unless you collaborate, unless the threat intelligence is shared, the solutions will not come out," Pant said.

Other speakers at the event included Randy Trzeciak, director of the CERT Insider Threat Center at Carnegie Mellon University; Justice B.N. Srikrishna, a former judge at the Supreme Court of India and chairman of the country's Data Protection Committee; and Sujit Christy, group CISO at John Keells Holdings.

Ransomware Surge

The recent surge in ransomware attacks across India can be attributed to the switch to remote operations by many organizations throughout in response to the COVID-19 pandemic, Pant told summit attendees.

More hack-for-hire gangs and others are seeking to capitalize on security loopholes created by the switch to remote operations, he added (see: Hacking-for-Hire Group Expands Cyber Espionage Campaign).

"Because of what has happened with the pandemic globally, the use of online services increased in the first nine months of this year. This, in turn, has resulted in global losses to cybercrime of $2 trillion," Pant said. "The threat actors that are involved in these cybersecurity threats include individuals, such as script kiddies or seasoned hackers. Then there are cyber mercenaries, people you can hire and who are available on the dark web."

Attacks in India

Since the start of the pandemic in early January, several large Indian organizations have been hit by ransomware attacks.

In October, for example, Dr. Reddy's Laboratories, a multinational pharmaceutical company based in India that's working on testing a COVID-19 vaccine, sustained a ransomware attack. The incident forced the firm to shut down plants in India, Brazil, Russia and the U.K. to prevent further spread (see: Indian Pharmaceutical Company Investigates Security Incident)

In the same month, Haldiram, a snacks manufacturer, suffered a ransomware attack in which attackers encrypted files and demanded a ransom, according to the Times of India.


About the Author

Akshaya Asokan

Akshaya Asokan

Senior Correspondent, ISMG

Asokan is a U.K.-based senior correspondent for Information Security Media Group's global news desk. She previously worked with IDG and other publications, reporting on developments in technology, minority rights and education.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.asia, you agree to our use of cookies.