India's first CISO called upon the industry to spend part of CSR money to create awareness about the challenges
The government cannot thwart the cybersecurity challenges alone. Businesses must come forward to collaborate with the government and spread awareness about cyberscecurity challenges, said Dr Gulshan Rai, National Cyber Security Coordinator, National Security Council and India’s first Chief Information Security Officer. He was answering questions from security professionals participating in an Open House as part of the CyberSecurity Roadmap conference organized by CSO Forum, a 9.9 Media publication.
“Every business should share their incidents with CERT-in. And CERT-in is within its rights to take punitive action if it does not happen, but law is the last recourse,” he said.
“How many of you do report? Do you mean to say that there is no incident?” he asked. He reiterated that the Government can only facilitate but the industry should come forward to cooperate.
“CERT-in has its own resource crunch; yet, they try their best to respond quickly,” said Dr Rai, who headed the organization before taking up his current responsibility. However, he expressed satisfaction that the trust between CERT-in and the industry has been growing of late.
Dr Rai even went a step further by urging the private businesses to invest some of their Corporate Social Responsibility (CSR) fund on spreading awareness about the challenges of security.
“How many of you have contributed from your CSR funds to an event like this, which helps in creating awareness,” he asked. “CIOs are not able to get a good hearing with the board,” he said.
Cooperation was a recurring theme in Dr Rai’s talk as he extended it to creation of skilled manpower in the area of cybersecurity. He said the industry and academia need to work together to create the skilled workforce. “Only the government cannot achieve this objective,” he added.
“We have identified 26 areas where we badly need skilled people,” he said. He said the higher education institutions are not yet ready to conduct these short, skill training workshops.
Answering a question from Krishna Kumar, COO of B2B Tech, 9.9 Media who was moderating the Open House session, he said the encryption debate in India has little participation from the technology people. Referring to the Apple vs FBI battle around encryption in the US, he said this is a very sensitive issue and we need to have a balance.
“When anything happens, everyone abuses police, but how can they investigate if they do not have access to data?” he asked. He, however, refused to take sides in the Apple vs FBI debate. He, however, lauded the way the US society is going about the issue.
“That is the country that teaches moral responsibility to the world. Let’s see how it evolves there,” he said.
He identified five major cybersecurity threats of 2015. Identity theft, Ransomware, Heartbleed vulnerability, Cyber espionage and Denial of Service attacks, according to Dr Rai, were the top cybersecurity threats of the year.
Before the Open House, in his brief address, Dr Rai said that no one entity/department owns cyber security, as everyone one’s their respective data and protecting that data is their responsibility. So, they are all concerned about cyber security. “It is time board management works very closely with the CIOs on this,” he said.
Before that, Dr Rai and Vikas Gupta, Publisher of CSO Forum and Co-founder, 9.9 Media, jointly inaugurated the conference by lighting the ceremonial lamp.