Reasons Behind the Fact that Cyber Security is Crucial for Government

The UK government admitted in 2007 that the details of 25 million people (almost 40% of the population) had been lost by its revenue and customs department. This caused a great scandal and the prime minister had to apologize to the country.

Fast-forward to 2010—India is an exploding economy, and, furthermore, the government agencies have an inmense volume of information that many would like to have! The information government institutions are accumulating is growing quickly and substantially. Also, the availability now of filing tax returns electronically prove that information is becoming digitized more and more. This leads to the government spending more also on IT infrastructure. For example, the government intends to spend a mind-blowing Rs 10,000 crore, or 3% of the annual plan budget, on project relating to egovernance in 2010-11.

The government produced its biggest egovernance program last week, Aadhaar, and the Unique Identification Authority of India (UIDAI) plans to issue around 100 million unique 12-digit numbers by the end of fiscal year and, by 2014, 600 million. Representatives from UIDAI will establish uniqueness of individuals by collecting demographic and biometric information. This data will be housed in a centralized database and will be gigantic and very, very valuable.

It’s no wonder most government enterprises have begun to work like the biggest businesses when it comes to IT. From this we can see that the threats they have to deal with are also increasingly like the ones in big companies. Most of us would agree that the most efficient way to hurt a country’s defenses is by attaining what’s most valuable to that country: its information. From what we can see in the media, new age cyber criminals are focusing their attacks on vulnerable areas that are putting large IT environments exposed to the danger of infiltration. For example, Pakistani and Chinese cyber spies continue to try and hack into computer systems in India; enemy intelligence agencies attempt to steal secrets from defense departments by using computer storage media (CSM) devices like CDs, removable hard drives and pen drives.

So what is needed, then, at this point? Cyber attacks, says Shantanu Ghosh, vice-president, India product operations, Symantec India, can be classified in two ways. They are attacks against information and attacks against infrastructure. Many times the attacks will come about as a combination of these two types. More often than not, even if the infrastructure is what is being focused on in an assault, there will be some compromise of information that is a part of the overall attack.

What is needed in today’s government is to prevent anyone from attaining their valuable digital information.

Classified government information needs to be protected from internal and external risks. These days, hackers are targeting four essential areas of vulnerability that are placing tech-capable government environments exposed to compromise: IT policy that is insufficiently enforced, infrastructure and information that is insufficiently protected, and poorly-managed systems.

As the rate of information growth speeds up, infrastructure for it is developed more and more, and organizations adopt new platforms for them. Then the organizations involved realize they have more on their hands to manage than they ever did. Now they need to pay their fullest attention on security continuity that will help them to always respond to changes from within and without.

Some suggestions: First of all, and most importantly, these organizations need to be aware that questions regarding cyber security are not an exotic topic any more that focus mostly on spam e-mail and frozen PCs, but can have a very serious effect and, therefore, need to be considered very seriously.

Second, security is not just about an anti-virus software and firewalls.

Security should be adjustable, mobile and adaptive. Mainly, though, security should have depth. There need to be multiple layers of protection so that attacks can be seen, stopped and prevented.

In other words, what is needed now is a strategy for IT security that is well structured and enables government entities to protect their information. These entities now need a security strategy that is up-to-date with the fast paced movement of operations and isn’t simply confined to stopping the malware attack of the day.

To read the Financial Express article, click here: