GST rollout: Experts warn of cyber threats, recommend firewall for systems

Experts opined there could be a rise in the number of security incidents post GST implementation

As the country is gearing up to usher in the Goods and Services Tax (GST) from next month, experts have cautioned that the government as well as firms should firewall their systems to deal with increasingly more complex cyber threats.

Billed as the country's biggest taxation reform since independence, the Goods and Service Tax (GST) is expected to kick off from July 1.

Experts opined there could be a rise in the number of security incidents, if the government and private players do not prepare themselves adequately to address the potential cyber risks around the GST.

PwC India Partner and Leader (Cyber Security) Sivarama Krishnan said there are several threats that companies could get exposed to as a result of the new tax regime.

Threats as a result of data leak, unauthorised changes to master data and involvement of third parties who will have access to a company's data, are set to increase.

"Companies need to modify their IT architecture with a focus on the GST. Hardening and security configurations of the systems that will be used in the end-to-end technology landscape will be required," he said.

Ansh Bhargava, Senior Consultant, Taxmann.Com, was of the view that since the GST Network (GSTN) will be recording the data of 8 million taxpayers each month, "it is imperative that this sensitive financial information be safeguarded against malicious attacks or security breaches in every possible way".

"It is of utmost importance that the cyber security unit is not only capable of detecting security threats but also conducting fraud investigations and forensics whenever needed," he said.

On cyber threats, Rohan Khara of mobile wallet company MobiKwik said even small glitches can mean major disruptions, which is why his company has set up a robust technology infrastructure to handle billions of transactions.

"We even use predictive analytics that can forewarn of cyber issues," he said.

The expert from PwC further said that in order to de- risk themselves, companies must adopt new approaches to cyber security, governance and monitoring processes.

"The GST requires restructuring of the IT processes. If operationally security aligns with business objectives, it will enable a seamless GST process," Krishnan said.

Rajeev Banduni, Co-founder and CEO GrowthEnabler advised that with the rushed timeline of implementation, suppliers and buyers should assess the information security practices of the Application Service Providers (ASP) and GST Suvidha Providers (GSP) while processing for GST implementation.

"These end-devices of ASPs and GSPs could be the next target of cyber terrorists," he cautioned.