Hyderabad: “Every 15 seconds there is a significant attack of ransomware and cyber crooks are trying to loot the people. It has been estimated that Rs 6 lakh crore was lost due to cyber crimes, and only 10 per cent of these crimes are being reported,” said J. Satyanarayana, chairman, UIDAI addressing the Global Cyber Security Conference in Hyderabad on Wednesday.
It is of paramount importance to protect our data, and the first important thing is identification of what we are trying to protect. Once any malware is detected, we should be able to respond to it and recover and mitigate the loss, Mr Satytanarayana said.
Security and privacy are two sides of the same coin. If your website/software is secured, your privacy is also protected, he reasoned.
Mr Satyanarayana who was involved in formulating the national cyber security policy, 2013, said, “If I had to write a policy for cyber security today I would write it totally differently as the type of responsibility has changed significantly.”
He said we cannot imagine a world without the Internet. What helped the snowballing growth of the Internet was its global reach. One can access websites anywhere in the world, and it can be used for all purposes; it doesn’t confine itself to any particular field.
Approximately 1.9 billion websites are present on the Internet and it has a unique identification for each and every website.
Free innovation is another reason for the growth of the Internet — no licence is required. It has simple standards, and collaborations helped its growth. These characteristics are very helpful, he said.
He chaired the committee formed to create implementation framework of the National Health Stack and submitted its report, the National Digital Health Blueprint report to the Ministry of Health, which is based on ecosystem technology and has got a good response from citizens, Mr Satyanarayana said.
“We are moving from an IT system to Digital Ecosystem technology. So we should formulate our cyber security policies taking into consideration the digital ecosystem. Significant and new capabilities for addressing cyber security strategies are required,” he added.
While drafting a cyber security policy five things should be taken into consideration: identification, protect, detect, respond and recover. Identification is very important, we should know what we are trying to protect. And think of protection measures like what hardware and software is to be used and how do we address, respond, recover, and mitigate the loss.
Secure by design should be of paramount importance. Security against Website Intrusion and malware, malicious code, phishing, DDoS attacks, website defacements, unauthorised scanning activities and vulnerable service should be taken care of in the design itself, he said.
