Shortage of professionals, policy gap challenge for cyber security: Report

Shortage of skilled professionals, inadequate infrastructure, regulatory and policy gaps, and public unawareness about best digital practices are among key cyber security challenges in the country, according to a new report.

India's Sherpa for G20 and former NITI Aayog CEO Amitabh Kant unveiled the report, prepared by cyber security solutions company Lisianthus Tech, recently in Delhi.

The report noted that cyber threats are escalating in the country, with over 116,000 cyber security incidents reported in 2023, marking a significant increase from previous years.

It recorded among most notable cyber threats faced by AIIMS, HDFC and Axis banks, Indian Railways and IRCTC, Paytm, Zomato, Indian Oil Corporation, Bharat Petroleum, and National Payments Corporation of India in recent years.

"There is a significant talent gap, with an estimated shortage of one million cybersecurity professionals. Many sectors lack the necessary infrastructure to defend against sophisticated cyberattacks. Rapid technological advancements outpace existing laws and regulations, creating vulnerabilities," the report 'Challenges for Cyber Surakshit Bharat' stated.

"A general lack of awareness about cyber security best practices among users and organizations exacerbates these vulnerabilities," it added.

The report identifies Advanced Persistent Threat (APT) groups and hacktivists as significant threats to India's cyber security.

Notable groups include APT41 from China, which targets healthcare and telecom sectors, and the Lazarus Group from North Korea, known for financial and critical infrastructure attacks.

India's response includes enhancing collaboration with international cyber security agencies and improving incident response strategies.

"Strengthening international partnerships is vital for addressing cross-border cyber threats," the report emphasised.

Noting that the digital infrastructure of the country is under constant threat from various actors, including cybercriminals, state-sponsored groups, and hackers, the report said that these entities exploit vulnerabilities to launch complex attacks such as ransomware, phishing, and Distributed Denial of Service (DDoS).

The report highlighted the urgency for India to adopt a "proactive defense posture", leveraging artificial intelligence (AI) and machine learning to anticipate and mitigate cyber threats.

"Promoting public-private partnerships is crucial for enhancing our cyber security resilience," the report stated, adding that these collaborations are essential to developing a robust defence against increasing sophistication of cyber threats.