Over the last few years, with the rise of artificial intelligence and machine learning, there has been a significant change in how cyber-attacks occur and how companies are ramping up their defence mechanisms. Cybercriminals are leveraging advanced technologies to launch more varied and sophisticated attacks, while defenders are also utilising AI to respond to threats more proactively and efficiently. According to the latest Microsoft Digital Defense Report 2024, password attacks are on the rise, with 7,000 password attacks blocked per second over the past year, and Microsoft customers alone facing more than 600 million cybercriminal and nation-state attacks daily, ranging from ransomware to phishing to identity theft. “To put into context what we are seeing, if cybercrime were literally a country, it would have the third-largest GDP in the world, growing at about 15% annually, which is faster than India’s economy,” says Irina Ghose, managing director, Microsoft India and South Asia, while hosting the first edition of Microsoft Security Dialogues. Microsoft collects about 78 trillion signals per day, a significant increase from just eight trillion in 2021 and 65 trillion last year.
Akhilesh Tuteja, Global Cybersecurity Head, KPMG, explains how the threat landscape is evolving. “Cyber security mimics the physical world's problems. So, if you look at what the viruses were, they were like vandalism. Somebody comes and breaks your glass, they don't get anything, but you lose something. Then you started to see a lot of denial-of-service attacks, which was basically somebody has bombed you, so you can't get out. But now it is kidnapping (ransomware). So, all of these are in some ways, manifestations of physical crime into the digital world.”
He also acknowledges that one big shift in the last 24 months is that India is very fast becoming economically rich as well as digitally rich. As more and more people are added to the digital landscape, they do not have the education or awareness to know what to do in case of a cyber attack. For instance, ransomware remains a critical cybersecurity concern. Microsoft observed a 2.75x year-over-year increase in human-operated ransomware-linked encounters, where at least one device in a network was targeted. Although these encounters have risen, the percentage of organisations that are ultimately ransomed (reaching the encryption stage) has decreased more than threefold over the past two years.
With enterprises being targeted with new-age AI tools, CIOs are being challenged like never before. Satvinder Madhok, CTO & global head of Technology Infra, Wipro, shares the challenges being faced by organisations. He says, “Cybersecurity is now getting platformised - multiple security systems are going to come together and potentially be able to show us the cyber security threats that we have on potentially one single stream and is still human-manageable. Second is the introduction of the AI into this mix, making it even more complex, even faster, and trying to outpace all the threats and the bad actors to make sure that we keep our system secure. Thirdly, as anybody can work from anywhere, the physical dependency on geography is gone. The way forward for us is to take all three together and make sure that we have a cohesive plan to keep our organisation secure and the country secure.” As a result, the company can approach security by design. “No matter which client we engage, we start with security by design, and the designing principles based on security will continue right until it is operationalized. There is no letting go of anything, and it becomes a cultural shift.” He adds that, with 2,32,000 employees at Wipro, the company has trained everybody through mandatory security training, so that they are aware and educated.
The Indian government has also issued sectoral guidelines for most industries, making cyber-attacks a regulatory risk for organisations. CEOs must pay attention not only to regulatory guidelines and compliance but also to the importance of cybersecurity in boardroom discussions. Businesses are now proactively prioritising security, creating a security-first culture.
Bithal Kumar Bhardwaj, Group CISO, GMR Group, says, “Stop treating cybersecurity risk as a technology risk. It's a business risk in today's context. So, the moment you place it as a business risk, the whole paradigm shifts for an organisation how they would approach towards securing that particular asset or an organisation. A simple trick is to make sure you talk to the right people in the organisation and ensure that cybersecurity is mentioned in the annual report of the company. It starts from there on, once you have a mention of cyber security annual risk recognised by the organisation in the public forum, from there on, it is about making sure that you bring in a competent partner, get the assessment done of an organisation, and you make sure that you go and pitch it out to your board. Once you have tabled the risk to your board from there on, everything is very, very simple, because the management responses have to be trapped at different committee levels, for any organisation.” He further adds that organisations should try to create a tool or a reason to start talking about cyber security. For instance, GMR, which is into airports and power plants, has conceptualised and built a phygital twin – physical and cyber security coming together – and miniaturised a particular asset. The company has miniaturised the operational technology and IoT technology on a table – a physical model where people can come and touch and feel and understand how cyber security really works. “It's, in a way, an entire city or a nation, critical infrastructure put on a table, and you can actually touch, feel, and learn from that. So, initiatives like those, pattern management will start a motion within the organisation where people would love to come, see, and learn, instead of pushing it.”
The power of generative AI is also being leveraged to enhance security. Microsoft, for instance, introduced Microsoft 365 Copilot, which combines large language models (LLMs) with data from Microsoft Graph and the Microsoft 365 apps. Ghose explains, “It’s an AI-driven cross-stack solution that enables defenders to upskill themselves and shift from a reactive to a proactive security posture.” She adds that 97% of security professionals using Security Copilot want to continue using it, as it provides significant support in their roles.