Security. Is Good Enough, Good Enough?

March 4 is Rashtriya Suraksha Diwas (National Security Day), dedicated to all the security forces (policemen, commandos, guards, army officers, para-military forces) responsible for monitoring and securing our country so that 1.34 billion Indians can sleep peacefully. This day, India pays tribute to the hard work and bravery of heroes involved in the nation’s security, often unsung.

But, is security only physical?
Picture this, a person walking on the street can be attacked, physically harmed and his wallet robbed. But there is also the chance that a hacker can steal this unsuspecting person’s digital identity, let’s say, Facebook, and empty his or her bank account, without physically harming the person. Loss of wallet or money from a bank account is quite damaging to an ordinary citizen.

Transpose this scenario to that of the nation’s security and which could be of gargantuan proportions. Last year, ISIS made global headlines for releasing an exhaustive ‘kill list’ that included the names, email addresses and home addresses for over 8000 average people. Data is likely to become the cause of the next war if not protected.

We often underestimate the sheer volume of data that is generated daily. As per a leading report, we create 2.5 quintillion bytes of data every day. Imagine what it takes to keep so much data safe and what a potential breach of personal, corporate and national security can do to any economy.

So how secure are we in India? I’d like to believe that we are safer than we think. Consider this, last year, 3.2 million debit cards were compromised in India with over 600 customers losing around Rs. 1.3 crore due to the breach. That’s a worrying situation but, if it’s taken in context – India has more than 700 million debit cards in circulation, so, the breach is a mere 0.45%! A big thank you to all those who are working hard to protect the remaining 99.55%.
Governments across the world have long woken up to the reality of the threat posed by data theft.

The European Union has drafted General Data Protection Regulation (GDPR) that gives more control over what happens to a country’s data, and has made it easier to launch complaints about any misuse of information. In India, Sections 43A, 69 and 72A of the IT Act embody the law on data protection. The IT Amendment 2008 states that corporates are liable to the extent of “Unlimited Liability” for failure to implement, reasonable security practices to protect sensitive personal information. India has also set up Data Security Council of India (DSCI), a premier industry body on data protection by NASSCOM® that is working towards setting up best practices, standards and initiatives in cyber security and privacy.

Policy-makers, businesses, and citizens have to continually stay alert to potential threats – just as we try and stay out of dark alleys, while also staying tuned to the continually evolving nature of technology which makes any single solution work lifelong. There is no simple answer to this.

Data Fabric of a Smart City: One thing is clear, for India to evolve into a truly digitized economy, a data security backbone/protocol is imperative. India needs secure data center management and systems that help increase security of critical infrastructures such as financial institutions, transportation systems and hospitals. The framework should include risk management solutions that provide holistic, in-depth approach to secure data collection, sharing and storage. Data management will be the foundational key to unlocking value from connected devices across future smart city ecosystems.

Salutation. So, this March 4, let’s take a moment to thank all our security forces - the unsung heroes who help India stay autonomous and its people and their information/ data, safe.