Cyber security breaches are increasingly impacting businesses, and more worryingly in the critical government sector. Over 50 government websites were attacked in 2022-23, with eight of them resulting in data breaches, as stated by the government in the Rajya Sabha in February 2023.

Earlier security preparation was largely concerned with assessment and assurance. Security risk assessment, gap analysis, vulnerability assessment, penetration testing, compliance verification, and audit would occupy most of the attention. Resources were primarily dedicated to them.

The digitisation push, evident almost in every aspect now, has wider import for government in terms of financial inclusion, the need for better public service delivery, and improving economic asset utilisation. Some 2,311 agencies issue documents to citizens; DigiLocker stores 5.6 billion of them.

More than ₹24.8-lakh crore has been transferred through the Direct Benefit Transfer (DBT) mode since 2013, with ₹6.3-lakh crore in FY 2021-22 alone. More than 1,668 services and over 20,197 bill payment services are already on the UMANG app and e-District mission mode project has brought 4,671 e-services online.

Expanding footprint

The expansion in digital footprint gives rise to the possibilities of security attacks. Cyberspace is being used to carry out covert operations, steal sensitive information, and erode critical sector security. Campaigns are both quick and noisy, and stealthy.

We saw an example of this during the G20 New Delhi Summit. Stealthier ones are more devastating. They deploy advanced tactics, now increasingly involve zero-day attacks.

The underlying infrastructure on which public services are delivered is becoming more complex and disaggregated. The reliance on external ecosystems is expanding as a greater number of APIs are published, data sharing is advocated, and interconnectedness is embraced.

The volume and velocity of public service delivery applications developed and deployed are increasing rapidly. We already have one of the largest digital databases in the world. The Digital Public Infrastructure spearheaded this transformation.

Exploiting weakness

The security threat landscape has evolved to a point where even a rare weakness is likely to be exploited. Getting hold of that one situation which can potentially create security ramifications has emerged as a critical goal of security preparedness and response. This pursuit has contributed to the development of enterprise security technologies and operations, ensuring swift organisational responses that prevent attackers from lingering within the network, exploiting, and extending their reach.

Security preparedness should shift away from excessive emphasis on assessment and assurance, seen largely in the government and public sector. Real-time management of problems should take priority in the sector. Technology should get the desired attention. Use cases that demand technology capabilities should be carefully thought of. Government and public sector need to overhaul their security operations for achieving continual excellence that match the advancements seen in the attacks. Action-oriented security should adopt and experiment with AI/ML, automation and orchestration technologies to elevate manageability, contextuality, agility, and governance.

Response should be meticulously planned. Efforts should be made to make it systematised, coordinated, and multidimensional. Such security preparedness demand swift augmenting of capabilities and services. Other IT and digitalisation plans can wait, but security cannot.

What we do in making cyber security work in the government and public sector would have a bearing on India achieving its goal of becoming a trillion dollar economy.

The writer is CEO of Data Security Council of India