"The advent of AI can be viewed as a double-edged sword in the hands of humans, more so when we view its utility in the realm of cybersecurity. It offers powerful tools for enhancing security measures but also introduces new potential vulnerabilities."

    Given the rapid digitization of critical infrastructures and personal data, what are the key gaps in current digital safety frameworks that need addressing?

    India’s rapid digitization brings immense opportunities but also exposes critical gaps in its digital safety framework. The initiative to revisit the existing laws in the country is a step that needs more push from the government. The concern today is the breach/crime that occurs in the ecosystem involving the common man. It is also to be noted that limited cybersecurity expertise and investment leave individuals and organizations vulnerable. While India has a data protection law that was recently enacted, enforcement remains crucial, and data localization and mere academic compliance mandates may not guarantee security.  

    In the recent past, the government has emphasized Digital Public Infrastructure (DPI) investments and the participation of corporations and the public in this direction. Yet, a more coordinated move in this direction is the need of the hour. A siloed approach hinders effective cybersecurity and hence is the obvious.  

    Emerging technologies like Artificial Intelligence (AI) and the Internet of Things (IoT) introduce new security challenges, while the advent of quantum computing threatens existing encryption and legacy security measures. Addressing these gaps requires a multi-faceted approach. Firstly, the legal frameworks need to be updated and adapted to the evolving digital landscape. Establishing a dedicated cybersecurity agency that does not operate in siloes is crucial. At the same time, there must be a greater investment in infrastructure to foster the development of skilled cybersecurity professionals and to address the digital divide that persists across the country. Equally important is promoting greater awareness of cybersecurity risks, both among the public and within organizations. Furthermore, collaboration between the public and private sectors should be encouraged to facilitate better information sharing and more coordinated responses to cyber threats. Finally, embracing innovation will be crucial – developing specialized solutions to address the emerging security challenges posed by AI, IoT, and quantum computing will ensure that India is better equipped to deal with the evolving digital landscape.   

    What are the key challenges in securing large-scale digital identity systems especially in a country like India?

    India today holds the best Digital Identity system, the “Aadhaar”, which is best even among the world’s developed countries. The humongous task of providing a ‘Unique Identity’ to approximately 1.4 billion people is a venture not attempted by any other country today. Securing India’s digital identity system is not without challenges. The fact that the ‘Identity’ is used for social/financial inclusion among the population is unique in the new world order and in good governance philosophy.

    First, clear and flexible standards are essential to ensure new technologies meet safety, efficiency, and environmental guidelines without stifling creativity. The policy must provide a predictable long-term investment environment with incentives such as tax credits or grants for clean tech research and development. As public and private sectors work together, they can accelerate the deployment of technology, ensuring that emerging solutions – whether in energy storage, smart grids, or advanced solar – are integrated into existing infrastructure. These efforts should seek to achieve these goals with a policy framework that drives growth in renewable energy and fosters a competitive, transparent market for these cutting-edge solutions.

    Today, there is a need to revisit the encryption ecosystem and the aspect of ‘encryption of data on the move’. The availability aspect of the rolled-out services using the ‘Identity’ must be accessible to all, especially the marginalized groups in India. Hence, any amount of technology intervention will seem meagre in this direction.

    The aspect of servicing these initiatives and their usage should be entrusted to ‘Home-Grown’ vendors and Enterprises; this will bring in localization and trust and enable ‘plough-back’ of the money within the Indian economy.

    In your opinion, how can digital forensics help combat emerging cyber threats like financial fraud, identity theft, and ransomware scams?

    India follows a regime in which the ownership of ‘Digital Forensics’ vests with the Government Institutions, like State-run Forensic Science Laboratories (FSL), etc. Therefore, Digital Forensics is crucial in the fight against evolving cyber threats. The mindset that ‘Digital Forensics’ is a post-incident methodology to solve incidents should be given a relook. The tools and techniques to investigate, analyze, and gather evidence need to be churned out from the Indian soil, and due research and incubation within the country need to be encouraged. Today, financial frauds trace their origin to foreign soil, especially illicit transactions, and they in turn pass on money and cryptocurrencies that are involved in these crimes. This then makes culpability, prosecution and recovery difficult.

    Further, investigators face challenges like anti-forensic techniques and massive datasets. The difficulty also multiplies when the crime trails and leads extend beyond the geographical boundaries of India.

    Emerging trends like AI, Blockchain analysis, and Threat Intelligence integration need to be looked into to facilitate the future of digital forensics. The methodology of ‘Forensics in Design’ needs to be advertised and practiced to enable quicker analysis and redressal. By embracing these advancements and addressing the challenges, Digital Forensics can effectively combat cybercrime and maintain online safety and security. Encouraging public-private partnerships in digital investigation and the provision of a Digital Forensic Framework for adherence among stakeholders within India, will go a long way in rapid response in the field of digital forensics.

    How do you see AI both as a tool for enhancing cybersecurity measures and as a potential risk factor for vulnerabilities?

    The advent of AI can be viewed as a double-edged sword in the hands of humans, more so when we view its utility in the realm of cybersecurity. It offers powerful tools for enhancing security measures but also introduces new potential vulnerabilities. AI can truly transform cybersecurity, thereby enhancing the capabilities and robustness of systems. The fact that the utility also poses new vulnerabilities in the cyber domain, by its use by perpetrators, is one that cannot be ignored.

    As a defender, AI excels in several areas. It enhances threat detection by analyzing vast datasets to identify malicious patterns and detect malware, phishing attacks and network intrusions. In vulnerability management, AI automatically scans systems and code, identifying potential weaknesses and prioritizing them based on risk. AI also automates repetitive security tasks such as malware analysis, log monitoring, and incident response, freeing up human experts to focus on more complex challenges. Furthermore, AI’s adaptive capabilities allow it to learn from new threats and evolving attack patterns, making it far more effective than traditional, static security solutions. Additionally, by analysing user behaviour, AI can detect anomalies that may indicate insider threats or compromised accounts, enabling early intervention to prevent breaches.

    Notwithstanding, AI also presents significant risks when used maliciously. Attackers can exploit AI to develop sophisticated malware, craft highly targeted phishing campaigns, and automate large-scale attacks that can overwhelm traditional defenses. ‘AI Model Poisoning’ is another concern, where attackers manipulate training data to introduce vulnerabilities or biases into AI models, leading to inaccurate threat detection. The rise of deepfakes and misinformation, fuelled by AI, complicates social engineering attacks, damages reputations, and undermines trust in online information. AI-powered hacking tools also lower the barrier to entry for cybercriminals, enabling even unskilled attackers to exploit vulnerabilities and launch attacks. Lastly, the lack of transparency in some AI models poses a challenge, as the complexity and opacity of their decision-making processes can hinder the identification and correction of vulnerabilities or biases.

    To effectively leverage AI in cybersecurity, we need a multi-faceted approach. Also, is the significance of ‘Ethics’ in its usage. The adaptation of AI should include developing robust AI security frameworks, investing in research to counter adversarial AI, promoting collaboration and information sharing, cultivating an AI-literate workforce, and providing due regard to ethical use of AI. Further, by proactively addressing the risks while harnessing AI’s strengths, we can build a safer digital world for not only India, but for the World.

    With cyber resilience gaining attention, how can organizations build such cyber-resilient ecosystems in the face of evolving threats?

    Building a cyber-resilient ecosystem is crucial for organizations in India’s rapidly evolving digital landscape. The pragmatic handholding by government agencies of those victim organizations, is a matter that needs due attention. The formation of partnership consortiums with all stakeholders is an initiative that is long overdue. This should not be restricted to executive/bureaucratic executions, but also, it should follow the ‘nuts and bolts’ approach for effective bounce-back of vulnerable organizations.

    The Resilience Strategy that the organization adopts should not only address ‘preventing attacks’ but should also include anticipation, withstanding, and recovery from attacks. Organizations need to adopt robust security frameworks like NIST, OWASP and ISO/IEC 27001 and prioritize security hygiene and other cybersecurity best practices. Staying informed about emerging threats through threat intelligence and conducting regular vulnerability assessments is key.

    Adopting an “assume breach” or “zero trust” mentality, ensuring data backup and recovery, developing incident response plans, and adopting crisis management plans are crucial steps. Empowering employees with cybersecurity training helps reduce human error. Collaboration with industry peers, government agencies, and law enforcement is essential for information sharing and coordinated responses.

    Continuous improvement through regular reviews, post-incident analysis, and fostering a cybersecurity culture is vital for maintaining a secure ecosystem in India’s digital future.

    The importance of making ‘Cyber Security and Resilience’ part of the routine Board Room agenda, is what has to be developed as a culture in our corporates today.

    Looking ahead, how do you foresee the landscape of cybersecurity and digital safety evolving?

    The cybersecurity landscape in India is ever-dynamic and is always under stress, with the environment under constant flux with new threats and emerging technologies. AI and Quantum Computing are poised to play a pivotal role, herein, empowering both attackers and defenders. The Cybersecurity landscape for the defender has been catalyzed due to the advent of AI and Quantum Computing. Cyber-Warriors need to upskill to identify anomalies and respond to threats in real-time. This will likely lead to an AI and Quantum Computing arms race between attackers and defenders.

    The proliferation of IoT devices, edge computing, and cloud adoption have consciously expanded today’s attack surface. Securing these new environments and preventing supply chain attacks will be critical. The human element remains a key factor, with attackers continuing to exploit human psychology, through social engineering tactics like phishing and deepfakes. Building a strong cybersecurity culture and investing in user education should be the priorities of the government and corporations.

    The rise of quantum computing poses a significant threat to existing encryption, necessitating the development of quantum-resistant cryptography. In the backdrop of the enactment of laws, the evolving concerns about privacy need to be tackled with caution. Increased regulation and cross-border collaboration will be vital to combat cybercrime and protect critical infrastructure. Organizations will need to adopt a holistic cyber resilience strategy that goes beyond prevention, focusing on preparedness, response, and recovery.

    India should look at bringing its own encryption standards to the market for implementation. The concern here is also the backdoor hardware vulnerabilities that come with the import or dumping of hardware into the country.

    The recent adoption of Facial Recognition in many of the Authentication Modules of IT/ICT projects across India raises concerns about the erosion of anonymity and identity theft. So is the aspect of consent and privacy. The government needs to address these concerns, with due priority.

    The rapid proliferation of IT and ICT also raises a Red Flag on aspects related to ‘Massive Surveillance’. The State needs to maintain its right to surveillance due to security concerns and post-incident corroboration; yet, at the same time provide due precedence to Privacy. Constant monitoring can erode privacy, inhibiting freedom of expression. Surveillance of the data accumulated due to IT/ICT expansions can be abused for government overreach. Privacy evangelists in India are concerned that mass surveillance infringes individual rights, and view the same as a breach of the right to privacy, thereby raising questions of proportionality, necessity, and informed consent. Balancing security and privacy requires robust legal frameworks, independent oversight, and transparency to ensure the ethical and responsible use of surveillance technologies. The government needs to address these concerns.

    Of late, the talk among Cybersecurity Nobles has also voiced concerns about the lack of regulatory oversight, policy paralysis, and the capability of expeditious adjudication in the overall cyber domain. The concern is also with regard to the Nation’s attitude towards Cybersecurity, Digital Safety, Privacy and the allied.

    About Col. Binoj Koshy: 

    Colonel Binoj Koshy, retired, is an Indian Army veteran and cybersecurity/digital forensic expert with 32 years of experience. He served in various military operations and held key positions at the Unique Identification Authority of India (UIDAI), where he spearheaded technology initiatives like the private-cloud Aadhaar system, the establishment of a digital forensic lab, and the privacy certification of UIDAI.

    A recognized leader in cybersecurity, Colonel Koshy has served as IT Implementer, Cyber Security Auditor, Cyber Forensic Lab Head, Officer Commanding CERT-Army, and in various Cyber Intelligence roles with Indian Military Intelligence. He has extensive expertise in Cyber-Physical Systems, Cyber Law, and governance, and has held leadership positions at UIDAI as CISO, ADG Enforcement, ADG Authentication, and Director for Northern Region, among others.

    Currently, Colonel Koshy serves as the Chief Legal and Digital Officer at ESF Labs, leading digital transformation and cybersecurity solutions. Passionate about building robust systems and mentoring teams, he is committed to staying ahead of emerging cyber threats and is widely regarded as a thought leader in the field of cybersecurity and digital transformation.
