How Zero Trust is shaping the future of cybersecurity in India

Technology innovations have led to the evolution of Industry 4.0, which is primarily powered by the Internet. Businesses are now realizing the importance of data and analytics, artificial intelligence (AI), machine learning (ML) and DataOps for enhancing processes and collaborating with people. Moreover, with 5G roll out, wireless connectivity and augmentation of systems will also be greatly advanced. This rising need for automation and data exchange has made digital transformation a necessity rather than an option, as evidenced by the changing dynamics of business.  Initiatives like Digital India and its suite of initiatives like Centre of Excellence for IoT, Cyber Swachhta Kendra, National Digital Literacy Mission and DigiSevak by the Government of India have thus paved the path for India’s digital transformation. And the shift in the business landscape induced by the Covid-19 pandemic has further triggered this  transformation. 

In the coming years, rapid technological advancements will only increase IT spends among organizations across multiple industries. By the end of 2022, spending on digital transformation technologies will reach an estimated $1.8 trillion. However, this journey  is not child’s play and has challenges that define the state of India’s IT infrastructure. It presents challenges like cultural mindsets, inefficient change management, budget constraints and lack of proper IT skills. Another major challenge, which calls for maximum attention from businesses and IT teams, is cybersecurity threats. 

A cybersecurity attack can typically involve attack vectors such as malware, phishing, spamming, spoofing, spyware, trojans and viruses, stolen hardware, and distributed denial-of-service (DDoS) attacks. According to a report by the Indian Computer Emergency Response Team (CERT-In), more than 6.74 lakh cybersecurity incidents were reported this year (up to June). 

In this dynamic business environment and with everyone conducting their business online, every business, regardless of size, can be the target of cybersecurity attacks. 

Such an attack can originate not only from outside an organisation but also from its own network of employees. Moreover, remote working has led to an exponential growth in these incidents. With employees working remotely, often from personal or unmanaged devices, companies are unequipped with solutions to enable visibility and policy setting around how users interact with internal resources, the Internet and sensitive data.  According to a report, ‘Data security in the age of Zero Trust 2021,’ conducted across Australia, India, Japan, Malaysia and Singapore, the Asia Pacific region saw a 54% increase in cybersecurity incidents in a span of 12 months. 

It’s no surprise that with technology evolving, cyber attackers are also getting proficient at stealing data and other sensitive information. Zero Trust is the natural answer to these attacks. The term, originally coined by John Kindervag, an analyst at Forrester Research, runs on the principle of ‘Never Trust, Always Verify’. A Zero Trust model is a security framework that requires strict verification of any device or person trying to access information on a private network inside or outside of a network perimeter.

The very essence of a Zero Trust security framework lies in looking at every person or device through a suspicious eye, unlike the traditional IT network security framework which works on the castle-and-moat concept. However, before any organization can look to implement Zero Trust, it is essential for everyone to be properly aware of it. 

With an increase in the number of cybersecurity incidents, businesses in the Indian ecosystem have realised the need for a cybersecurity framework, like Zero Trust, that can protect them. 

Currently, India is witnessing investment in Zero Trust security in sectors such as fintech, auto, e-commerce, entertainment and D2C. According to a study, ‘Data security in the age of Zero Trust 2021,’ 62% of respondents indicated that they have adopted a Zero Trust strategy, however, 90% of those indicated they only adopted Zero Trust over the last 12 months.

Apart from securing data and credentials, there are other aspects where Zero Trust can be advantageous:

  • Eliminates use of VPN: A VPN works by routing your device’s internet connection through your chosen VPN’s private server rather than your internet service provider. Since users are required to verify their identity at each step, the solution also removes the need for VPNs. 
  • Increased productivity: A Zero Trust security model can significantly accelerate productivity of an organisation by allowing teams to work from anywhere since digital assets and other credentials are at a lesser risk of being harmed.
  • Transparency: The model can specifically help in tracking unusual behavior in the assets being accessed at an early stage, which increases transparency and mitigates data breaches.
  • Data protection and authenticity: The solution asks for verification at every step, which keeps data safe from being stolen or harmed. This reduces the risk by making evaluation of infringements easier to track.
  • Greater reliability: Zero Trust runs on the principle ‘Trust No One and Nothing’, so the person or device is asked for verification before gaining access to a resource. This increases the reliability of the data that is being accessed as no alterations can be made without verification.

Though the concept of Zero Trust is no longer theoretical, it is still in its early stage of awareness and adoption in India compared to other countries. In the shift to a dynamic digital future, businesses should understand that the potential of becoming victim to cybersecurity attacks is also rising. A good cyber security framework like Zero Trust can help organisations protect valuable data and play a key role in shaping the future of cybersecurity in India.



Linkedin


Disclaimer

Views expressed above are the author’s own.



END OF ARTICLE


Leave a Reply

Your email address will not be published. Required fields are marked *