ISMG Delhi Summit: Zero Trust, SOC Automation, Nation-State AttacksHighlights of Delhi Cybersecurity Summit
Nation-state attacks. SOC automation. Zero trust. Protection of critical infrastructure. These were some of the key themes that discussed at Information Security Media Group's recent Cybersecurity Summit in Delhi.
Keynote speaker Lt. Gen Rajesh Pant discussed vital issues, including the lack of collaboration between the government and the private sector, the need for a plan of action on the national cybersecurity strategy and how to empower CERT-In. "We in the government are known for making big plans. But except a few, many of these plans need better implementation," Pant said referring to the many initiatives taken by the government in the cybersecurity front.
Dr. Sanjay Bahl, director general CERT-In, and Col. K.P. Bhat, consultant and adviser, National Critical Information Infrastructure Protection Center, highlighted the need to have a "war time" mindset to respond to nation-state attacks on critical infrastructure.
Meanwhile, Dr. Gulshan Rai, former national cybersecurity coordinator, contended that the government does not have enough resources and skills to handle breach response to critical infrastructure.
"We keep talking about machine learning, but how much of it is leveraged by the government? I have been emphasising for many years now that we need to impart a course on cybersecurity and its many branches, which will help prepare a war time mindset among youngsters," Rai said.
Here's a summary of other critical topics:
- Zero Trust: Security practitioners in India are in the early stages of implementing this approach, devising ways to adopt enforcement policies.
- SOC Automation: Representatives of both the manufacturing and government sectors described how they have begun the process of automating SOCs. For example, Anand Pande, CISO at GSTN - Goods and Services Tax Network - tells me he intends to leverage machine learning. "We are still setting up processes, but SOC automation is our priority and we want to begin the process this year," Pande says.
- Convergence of IT and OT: Practitioners are still considering whether IT security can be applied to OT and how malware behaves differently in different OT environments.
- Privacy: Attendees at the event said they were anxiously awaiting a revised draft of the proposed personal data protection bill; the latest version was seen by some as giving too much power to the government.
- Crimeware as a Service: Experts spoke about how it has become extremely easy for hackers to carry out multiple cybercrimes at a minimal cost.
- Cloud: More organizations are adopting a hybrid cloud approach. But security has failed to keep pace with advancement in the cloud, some experts contend.
Watch for more coverage of this event, including video interviews.