HOME
NEWS

8th Cyber and Data Security Summit 2024 shapes the Future of Digital Protection


By VARINDIA - 2024-05-09
8th Cyber and Data Security Summit 2024 shapes the Future of Digital Protection

Kamal Sharma, Group CEO, Kambill Systems Pvt. Ltd.; Dr. Deepak Kumar Sahu, Editor-in-chief & Publisher, VARINDIA; Roop Kumar, Category Manager – Storage, HPE India; Sudhir Sahu, Founder & CEO- Datasafeguard Inc.; Dr. Pavan Duggal, Chairman of the International Commission on Cyber Security Law; Dr. Amar Patnaik, Member of Parliament in the Rajya Sabha; Atul Kumar, Lead-Government Initiatives and Global Trade, Data Security Council of India; Sanjay Kaushik, Managing Director of Netrika Consulting India; Sourabh Gupta, Group Chief Digital and Information Officer-Gujarat Fluorochemicals Ltd; Deepak Maheshwari, Public Policy Researcher & Consultant and Dinesh Kumar, Sales Director- India & SAARC- SOTI

 

 

The 8th edition of the Cyber and Data Security Summit 2024, organized by Kalinga Digital Media, and presented by Hewlett Packard Enterprise and Intensity, was commenced with great enthusiasm at The Park, New Delhi on 9th of February, 2024. With a focus on addressing the evolving challenges of cyber threats and data security, the summit provided insightful discussions, expert presentations, and valuable networking opportunities.

The dignitaries who graced the occasion included Dr. Amar Patnaik, M.P.- Rajya Sabha; ; Mr. Sanjay Kumar Das Addl. Secretary, IT&E Dept and State CISO, West Bengal; Dr. Pavan Duggal, Chairman-International Commission on Cyber Security Law; Dr. Gulshan Rai, Former National Cyber Security Coordinator and Founder & Former DG, CERT-In ; Ms. Suchitra Maurya, CGM- Reserve Bank Of India (RBI Ombudsman); Mr. B. Shankar Jaiswal, IPS- Joint Commissioner of Police- Delhi Police; Mr. Sudhir Sahu, Founder & CEO- Datasafeguard Inc.; Mr. Kamal Kashyap, Director and Country Manager - Storage Business Unit, HPE India;  Mr. Harnath Babu, Partner & Chief Information Officer- KPMG; Dr. Pavan Duggal, Chairman-International Commission on Cyber Security Law; Mr. Atul Kumar, Lead-Government Initiatives and Global Trade- DSCI; Mr. Sanjay Kaushik, M.D. - Netrika Consulting India; Mr. Vijay Sethi, Digital Transformation and sustainability evangelist-Mentorkart ; Dr. Karnika Seth, Legal Advisor, Ministry of Defence, GoI; Dr. Rakshit Tandon, Risk Advisory, Cyber Detect & Respond Leader; Mr. Dinesh Kumar, sales Director- India & SAARC- SOTI; Mr. Jaspreet Singh, Partner- Grant Thornton Bharat LLP; Adv( Dr.) Prashant Mali, President & Founder- Cyber Law Consulting;Mr. Rohit Raman, Managing Partner & Head APAC- ETek  International Corporation; Mr. Deepak Maheshwari, Public Policy Researcher & Consultant; Mr. Saurabh Gugnani, Head IT & Security- MAX Life Insurance; Mr. Shaik J. Ahmed, V.P, Head of Information Security Risk & Governance- Mashreq Bank; Mr. Saumil Purani, V.P-IT (Infrastructure Solution & Delivery)-  Axis Bank; Mr. Shubhendu Dutta, CTO-NSE Indices and Data; Mr.  Roop Kumar, Category Manager – Storage, HPE India ; Ms. Khushbu Jain, Advocate- Supreme Court Of India; Col.(Dr.) Indrajeet Singh, Founder- Cybersleuths; Mr. Sourabh Gupta, Group Chief Digital and Information Officer-Gujarat Fluorochemicals Ltd. And Major Subhendu Mahunta, Head-Financial Crime Prevention- FPL Technologies.

Dr. Deepak Kumar Sahu, Editor-in-chief & Publisher, VARINDIA, delivered the welcome address, setting the stage for the day's proceedings. Throughout the morning session, esteemed dignitaries including Dr. Gulshan Rai, Former National Cyber Security Coordinator and Founder & Former DG, CERT-In; Sudhir Sahu, Founder & CEO- Datasafeguard Inc. and Rohit Sobti, Regional Sales Manager - North & East India, Nepal & Bhutan- FORTINET delivered and showcased their invaluable contributions to the field of cybersecurity. The summit also featured illuminating presentations and discussions from industry leaders who shared insights into the latest trends and practices in cybersecurity.

The highlight of the summit was the insightful discussion during the fireside chat sessions, the first one was between Animesh Bansriyar - Director - Solution Architect, Elastic and Arvind Jawahar Bhat, Head Managed Security Operations & iSOC- Airtel and the second fireside chat session was moderated by Dr. Deepak Kumar Sahu, Editor-in-Chief of VARINDIA, featuring Rameesh Kailasam, CEO of Indiatech.org, and Sudhir Sahu, Founder & CEO of Datasafeguard.ai, who delved into the nuances of data privacy and security in the digital age.

The summit features four tracks of panel discussions, corporate presentations, providing a platform for experts from diverse backgrounds to share insights and best practices in combating cyber threats, followed by the awards ceremony.

The first panel discussion session on "Personal Safety in the Digital World," was moderated by Dr. Deepak Kumar Sahu, and the panelists were Dr. Manjari Khanna Kapoor, Chairperson SEQURE and CPTED India; Veena Gupta, Founder & MD- Seam Risk Solution India; Jaspreet Singh, Partner- Grant Thornton Bharat LLP; Major Subhendu Mahunta, Head-Financial Crime Prevention- FPL Technologies and Dr.Rakshit Tandon, Risk Advisory, Cyber Detect & Respond Leader.

The afternoon session of the 8th Cyber and Data Security Summit 2024, unfolded with remarkable vigor and engagement. Continuing the trajectory set by the morning session, the afternoon segment explored pioneering strategies, insightful discussions, and expert insights aimed at navigating the complex landscape of cybersecurity and data privacy.

Sanjay Kumar Das, Additional Secretary of the IT&E Department and State CISO of West Bengal, captivated the audience with his talk on "PRIVACY in Cyberspace - Dilemma, Despair, and Opportunity," shedding light on proactive measures implemented by WEBEL to combat cybercrime and protect netizens in the state of West Bengal.

The afternoon session also featured stimulating panel discussions, including "Strategies for Cyber Resilience in 2024: Future Outlook," moderated by Deepak Maheshwari, Public Policy Researcher & Consultant. Esteemed panelists, including B. Shankar Jaiswal, IPS, Joint Commissioner of Police - Delhi Police; Dr. Karnika Seth, Legal Advisor, Ministry of Defence, GoI; Harnath Babu, Partner & Chief Information Officer- KPMG; Kersi Tavadia, Ex CIO- Bombay Stock Exchange and Suchitra Maurya, CGM- Reserve Bank Of India (RBI Ombudsman) shared valuable insights into fortifying cybersecurity strategies amid evolving cyber threats.

B. Shankar Jaiswal, IPS, Joint Commissioner of Police - Delhi Police, set the stage with his astute overview on the future outlook of data and security landscape.

Engaging presentations by industry leaders such as Chirag Nagda, Customer Solution Architect Team Lead (India & SAARC)- Efficient IP and Rohit Raman, Managing Partner & Head APAC- ETek International Corporation underscored the importance of leveraging innovative solutions and technologies to enhance network security and address emerging threats.

The third, thought-provoking panel discussion, on "Fortifying the Financial Sector: Strategies against Cyber Threats," provided attendees with actionable strategies for protecting critical assets in the financial sector. The moderator of this discussion was Gyana Ranjan Swain, Consulting Editor- VARINDIA, and the panelists were Saurabh Gugnani, Head IT & Security- MAX Life Insurance; Umakant Tripathi, Director -Cyber security- LTI Mindtree;  Shaik J. Ahmed, V.P, Head of Information Security Risk & Governance- Mashreq Bank; Saumil Purani, V.P-IT (Infrastructure Solution & Delivery)- Axis Bank; Shubhendu Dutta, CTO-NSE Indices and Data and Sudhir Sahu, Founder & CEO of Datasafeguard.ai.

S. Mohini Ratna, Editor-VARINDIA, moderated an insightful panel discussion on "Navigating the Landscape of Data Privacy," featuring prominent experts such as Vijay Sethi, Digital Transformation, and sustainability evangelist at Mentorkart, Kamal Kashyap, Director, and Country Manager - Storage Business Unit, HPE India; Col.(Dr.) Indrajeet Singh, Founder- Cybersleuths; Dr.Damodar Sahu, Co-Founder & Chief Growth Officer- Datasafeguard Inc.; Sourabh Gupta, Group Chief Digital and Information Officer-Gujarat Fluorochemicals Ltd.; and Khushbu Jain, Advocate- Supreme Court Of India.

The session culminated with an enlightening addresses by Adv (Dr.) Prashant Mali, President & Founder of Cyber Law Consulting and Dinesh Kumar, Sales Director- India & SAARC- SOTI .

The evening session of the highly anticipated 8th Cyber and Data Security Summit 2024, presented by Hewlett Packard Enterprise and Intensity, unfolded with unparalleled energy and engagement. The session commenced with a series of thought-provoking discussions on the dynamics between CIOs and CISOs, emphasizing the importance of aligning security needs with IT development goals within organizations.

The evening session featured the keynote address by Dr. Amar Patnaik, Member of Parliament in the Rajya Sabha, who underscored the importance of preventive measures in cybersecurity, emphasizing the cost-effectiveness of preventing cyber-attacks compared to repairing the damage caused by them.

Distinguished key speakers and technology experts took center stage to share their expertise and insights. Dr. Pavan Duggal, Chairman of the International Commission on Cyber Security Law, delivered a compelling address on "Indian Cyber Legal Approaches on Cybercrime & Cyber Security - Emerging Trends," shedding light on evolving trends and challenges in the legal landscape of cybersecurity.

Roop Kumar, Category Manager – Storage, HPE India, captivated the audience with his presentation on real-time detection and protection, showcasing innovative solutions to safeguard critical data in the digital age.

Atul Kumar, Lead-Government Initiatives and Global Trade, Data Security Council of India, provided valuable insights into government initiatives and international engagement in cybersecurity, highlighting the importance of collaboration in addressing global cybersecurity challenges.

Sanjay Kaushik, Managing Director of Netrika Consulting India, delved into the emerging challenge of deep fakes in cybercrime, emphasizing the need for proactive measures to combat this growing threat.

The event concluded on a high note with a heartfelt vote of thanks by S Mohini Ratna, Editor-VARINDIA, expressing gratitude to all participants, sponsors, speakers, and attendees for their invaluable contributions and making the summit a resounding success. 

 

SPEAKERS

 

Dr. Amar Patnaik, M.P.- Rajya Sabha

Promoting innovation is necessary for the digital economy

“The primary guidance for the Government of India when introducing the 2019 bill was the substantial influence of the GDPR, which formed the basis for the 2019 Personal Data Protection Act. Prior to this, the Supreme Court had extensively referred to the GDPR in its judgments, shaping the drafting of the 2018 draft laws. The government of India incorporated many elements from these sources, leading to substantial alignment. However, during the two-year consultation period, which included involvement from the current ministers and the Ministers of State, witnesses from various sectors including educational institutions, legal firms, tech companies, and social media intermediaries provided input. The Joint Parliamentary Committee sought to adapt the GDPR to the Indian context while considering the testimony of these witnesses. The Indian context differed notably due to the emphasis on bolstering the MSME (Micro, Small, and Medium Enterprises) sector, a key driver of economic growth. Despite efforts to carve out provisions for startups and MSMEs in the 2019 Personal Data Protection Act, none were included in the final version. There was recognition, particularly by the Prime Minister, that the Indian economy's innovation and growth relied heavily on emerging technologies driven by smaller enterprises. Consequently, the decision was made to shift from the prescriptive approach of the new GDPR to a more principle-based framework in the act, leaving detailed regulations to subsequent rules.”

 

There is still a large gap between the cyber attacks and the level of preparedness required


B Shankar Jaiswal, IPS - Joint Commissioner of Police, Delhi Police

“In the last three years, the number of cyber-crimes has jumped from 10,000 to 15,000, which is very alarming. Speaking honestly, we don’t have so much resource as things is moving in an exponential fashion. Any amount of research cannot keep pace with the speed that these crimes are rising, which are doubling every three years. The trend is that, every six months we are discovering a new crime arising. Phishing is common which has been there for many years, while DDoS has been a big threat for cyber-critical physical infrastructure. Identity theft has become very common as it is generated through Artificial Intelligence and we have had many new cases involving Deep fake recently, the investigations for which are very challenging. AI and quantum computing are two things which are going to completely change the landscape of cyber-crimes and combined with technologies like Internet of Things (IoT) and Blockchain, this is going to make the online a very complex place. Ordinary citizens who are not used to technology are absolutely vulnerable to such cyber-menace and the only way this can be tackled or is through awareness, training and education. On one hand, while 5G is going to make our lives easy, it also has its own share of pitfalls. Thanks to 5G, certain crimes which could never be conceptualised earlier would now come to fore. For instance, earlier sniper attack could never be thought of being conducted remotely, but now with 5G and with minimal latency, these attacks can now be accurately planned, coordinated and conducted from a remote location. With the coming of Quantum computing, whatever encryption standards we have, will go completely haywire.”

 

As per DoT data, 97% of the mobile users in West Bengal has an internet connection


Sanjay Kumar Das, Addl. Secretary, IT&E Dept and State CISO, West Bengal

“Talking about West Bengal as a prospective market, we have many successful use cases with many vendors going and setting up shop in the state because of the potential. The population is equivalent to that of Bangladesh – around 10 crores, of which 97% of the mobile users has an internet connection. This is as per DoT data. One-third of them are having two internet connections. Redundancy is the call of the day for everyone in West Bengal. West Bengal is known for aesthetic, creative and logical thinking because we are deeply political and voice our concerns without any hesitation. The state has been involved in cybersecurity activities since 2016 and in 2017 we set up the Cybersecurity Centre of Excellence. This also happens to be the first CoE in the country on cybersecurity that looks after two verticals – awareness & skilling, and cyber-assurance, which are pre-incident verticals. Again, there are two post incident verticals – Incident Response & Management (IRM), under which there is Cyber crisis Management Plan (CCMP) and the next vertical supports the law enforcement agency in their investigation capabilities and provides the necessary tools and services like the forensics. Thousands of school teachers and lakhs of students are regularly trained on cybersecurity. The first basic training that we give is cyber-hygiene practice and cyber-skilling. All the skilling certifications are either from WEBEL or it is EC Council certified. Close to 33,000 girl students from Kolkata schools are being trained by Kolkata police under the Rani Laxmibai training program. Since 2018 we have in place a cyber-assurance plan looking after infrastructure security.”

 

Technology has a great impact on enhancing the efficiency of the system in any industry 

 

Dr Gulshan Rai, Former National Cyber Security Coordinator and Founder & Former DG, CERT-In 

“Technology is no longer a singular approach. Today we are in a converged era where we do not deal with only one aspect of technology at a time. Such kind of transformation has taken place in today’s time, though this has impacted in a large way the social development of the country. A whole lot of technologies are coming in, bringing with it a whole lot of challenges. And I would say, we are still on the tip of the iceberg. The productivity and the efficiency of the system has certainly got enhanced – be it any sector like education, defence, healthcare, etc. Like for instance in the hospitals, most of the surgeries are now robotic and the efficiency it brings in is beyond wonder. Even cataract surgeries are no longer manual ones. So, in other words, technology transformation has happened to a large extent and such is their impact that we cannot anymore envisage a society without technology. At the same time, the monitoring of this technology is equally becoming very complex. If you take the examples of the Ukraine-Russia war or the Israel-Hamas war, technology is playing a big role in it. Now technology has both a legacy as well as the modern systems in it, and at no cost you can replace those legacy systems. So going forward, we are going to see a hybrid approach, which is the merger of both the legacy and the modern systems. Another factor which we see in the emergence of the latest technology is the new products getting added up almost every day. We see start-ups coming up with innovative products based on the current technologies. The challenge here is to see that their products can seamlessly speak to the base technologies that have been implemented.”    

 

Hackers steal your PII data and write the AI program to create Frankenstein identities 
 

Sudhir Sahu, Founder & CEO - Datasafeguard Inc.  

“Synthetic frauds happen when your PII (Personally Identifiable Information) data like Pan card number, Aadhaar cad number gets stolen. Hackers then use AI program and create Frankenstein identities using your personal data. In 2023 alone, three trillion dollars were taken using synthetic fraud. By taking fake identities, fraudsters are able to open bank accounts, steal money and move them through these fake accounts. Nobody is able to track them and that is where data privacy comes very handy. If we are able to protect the PII data, we can then prevent synthetic fraud from taking place as even if a breach happens, hackers will not be able to get access to these data. Data privacy and cyber-security became relevant 20 years back when enterprises started investing in security solutions. But after Covid, there has been a huge increase in data digitization, making it easier for hackers to lay their hands on PII and PHI data. Data digitization thus gave rise to Synthetic Fraud. In 2023, the total spend on cyber-security was $175 Billion and the good news is that this spend in budget is gradually shifting towards data privacy. Again in 2023, there were 694 known data breaches that cost an average of $9.5 Million per breach to identify/contain and remediate the attack. Enterprises have failed to protect customers’ PII and PHI data and meet data privacy compliance, resulting in having to pay huge penalties. In 2021, the data privacy fines were $10B while in 2023 that has crossed to $25B. More than 300+ large companies across 30+ countries have been fined for not able to meet compliances.”

 

Modus operandi adaptation lessens the fraudster ecosystem's audacity
 

Atul Kumar, Lead-Government Initiatives and Global Trade- Data Security Council of India

“In this decade, it is imperative for individual industries, ecosystems, and national levels to embrace technology for growth and sustainability. Simultaneously, we must recognize cyber as the fifth domain following air, sea, land, and space, which is also rapidly evolving. It's crucial to address both aspects comprehensively, considering various dimensions involving regulation, technology, and ecosystem preparedness. Cyber is emerging not only as a domain of opportunity but also as a realm of cybercrime, posing significant challenges due to the escalating volume, value, and velocity of data transactions. Initiatives undertaken by the Indian government and industries to digitize processes have opened up new threads and complexities, especially with the unbundling of transaction processing. Innovations like the Unified Payments Interface (UPI) have streamlined service delivery but also exposed vulnerabilities to data aggregation and exploitation. While initiatives like the Data Protection Bill aim to safeguard against these threats, adversaries continuously exploit emerging technologies like generative AI for malicious purposes. The cross-border nature of cyber activities complicates attribution, making it challenging to identify perpetrators and discern between state-sponsored and quasi-state-sponsored activities.” 

 

Privacy is a myth


Sanjay Kaushik, Managing Director, Netrika Consulting India

“Despite the concerted efforts of Chief Information Officers (CIOs), Chief Security Officers (CSOs), and cybersecurity practitioners, who have invested billions in capital expenditure, cyber fraud persists at an alarming rate. The Reserve Bank of India (RBI) and other authorities have repeatedly highlighted these dangers through various media channels, including television and radio broadcasts. However, incidents of fraud, such as those involving impersonation, persist, as evidenced by recent news reports detailing harrowing experiences, including instances where individuals have been driven to contemplate suicide due to fraudulent schemes. Financial losses resulting from cyber fraud are indeed distressing, but the loss of life is even more tragic. Consider the case of a Chief Financial Officer (CFO) who, despite possessing considerable expertise falls victim to a fraudulent video call, resulting in a significant financial loss. These incidents raise important questions about the efficacy of existing technologies and security protocols in safeguarding against such threats.
Privacy is a myth. With the expansion of digital footprints the vulnerability of personal information increases exponentially. Despite the availability of numerous cybersecurity solutions and the diligence of CIOs and CSOs in implementing robust security measures, vulnerabilities persist, often due to the actions of entry-level employees who inadvertently compromise security protocols. Addressing these vulnerabilities requires a comprehensive approach, one that encompasses technological innovations, heightened awareness, and proactive measures to mitigate risks effectively.” 

 

Organizations should comply with the Indian Government's cyber law to avoid penalties 

 

Dr. Pavan Duggal, Chairman, International Commission on Cyber Security Law

"First and foremost, we are in a data economy. In India, if I am touching any of the seven raw materials - use of computers, computer systems, computer networks, computer resources, communication devices, and also data and information in electronic form, I am covered under the Indian cyber law. Why do we need to be bothered about cyber law, a 24-year-old legislation? The law got amended once in 2008. The law provided secondary legislation powers to the government and the government from time to time is coming up with new rules and regulations, it began with regulation in 2001, 2011, February 2021 and then this got amended as latest as April 2023.  
In case in India if you are dealing with third party data, then you are dealing with fire. According to 28 June 2022 notification of the Indian government known as IT directions, which says the moment you know about a cyber security breach, please report within six hours. If you do not report then you have automatically committed a punishable offence with one year imprisonment and fine. Now, there's a new added dimension, from 11 August 2023, the government of India has passed this new legislation called Digital Personal Data Protection Act 2023. If you do not comply with this, just be prepared to be fined from Rs 50 crore to Rs 250 crores. Here, one of the leading trends that is coming up is that we will have to start going behind the ‘Suraksha Kavach’ that the law is providing to us. The law is providing a statutory exemption from legal liability."

 

Under reporting giving rise to larger cyber crime business 


Adv (Dr.) Prashant Mali, President & Founder, Cyber Law 

"The financial cyber crime happening in our country is because of the grid of getting more interest, more money than the standard practices. Second is being aware of technology and frauds but yet not keeping an eye on what is happening around. Two most important policy aspects are one is there are only 321 cyber police stations in our country. Out of that there are 55 in Maharashtra, 45 in Karnataka, 35 in West Bengal and only seven in Jharkhand and it is the hotbed of all the cyber crimes. In Parliament it has been reported that 1.1 million cases of online frauds have happened in our country and the leading state was UP then Maharashtra and Karnataka. There are two policy decisions which are continuously failing, one is the apathy of police to file an FIR so justice never begins. We do end up in giving police a written complaint or there is a portal called cybercrime.gov.in. which is a forwarding portal. So, what happens is the government does not have data on how much frauds are happening. Government gets data from NCRB (National Crime Record Bureau) and it is reporting the FIRs that are registered. The conversion ratio of FIRs registering is 1.7% out of 100. One police station gets around 2.5 lakh complaints. The conversion ratio that was shown was only 5000 FIRs are being filed. 
Second is we - Corporates are also responsible because many times the cybercrime that we face is never reported. It is not reported to the regulators and the insurance companies also. Corporates are failing because of various business considerations. We do not have an actual figure of losses.
We are facing these policy related things where under reporting is giving rise to larger cyber crime businesses and this has become the most beautiful business."

 

Every crucial application requires a disaster recovery plan

Roop Kumar, Category Manager - Storage, HPE India

“The primary challenge we face with ransomware is, understanding its vast radius. We need to identify clean data and swiftly restore it to keep our operations running smoothly. Having an API to detect the vast radius quickly is crucial. Detecting the vast radius online provides insights to address application issues and ensure server integrity offline. The key is, understanding how to protect our data and maintain regulatory compliance continuously, whether applications are on-premises, in the cloud, or a combination. To mitigate the evolving threat of ransomware and ensure swift recovery, compliance with industry standards is essential. Our software runs on various platforms, including workplace applications, both virtualized and on-premises or in the cloud. Rapid recovery from ransomware is imperative for business continuity. Disaster recovery and continuous data protection plans for critical applications are vital. As data moves between on-premises and cloud environments, our software addresses these challenges, focusing on ransomware resilience as a priority. Our operational framework replicates data in real-time, detecting anomalies that may indicate ransomware encryption. By isolating critical application data, we create a cyber-secure environment, protecting against cyber threats and ensuring data integrity. Regular testing and continuous improvement are essential components of this process. Our software facilitates replication, detection, isolation, recovery, and testing in a continuous cycle, safeguarding against hybrid cyber attacks.”

 

There are lot of investments going on in the Dark Web to carry out cyber-attacks  


Rohit Sobti, Regional Sales Manager, North & East India, Nepal & Bhutan - Fortinet

“Fortinet, as a US cybersecurity leader has been driving security practices, architecture and defining our security offerings in front of the larger audience for the past 23 years or more. Not only next-generation firewall (NGFW), but Fortinet has been investing in a lot of other security technologies over a period of time; we empower more than 50+ technologies and sell them to customers through our offerings. Our support centres are functional across the globe and we have our cloud presence in 100+ areas across the world. Lot of our services are also operational using the Google Cloud Platform. Talking about the cybersecurity scenario in India, there has been a large, diversified, constant endeavour of cyber-attacks that have been maturing and have been going past the deck. Gone are the days when traditional cyber-attacks used to effect individuals or businesses; now it is an army of people or associations who are responsible for stealing data, and there are people who will probably buy those stolen data. So there is all together a parallel world, otherwise called the Dark World (Dark Web) that is constantly investing in carrying out such nefarious attacks across industries – pharmaceutical, manufacturing, or any other vertical for that matter. This is the kind of maturity in cyber-attacks that have been progressing really strongly. While there are incidents which are reported, there are still many more which go unreported – like oil refineries that were compromised where hackers breached pipelines using compromised passwords. Going forward, planned cyber-attacks are going to impact institutions, organizations and on a larger scale economies and nations.”

 

Visibility is critical for cyber security


Dinesh Kumar, Sales Director- India & SAARC, SOTI

"While most of our gadgets, the ecosystem and threat surfaces are increasing day by day and most of the devices under threat are mobile in nature. The attack surface is becoming huge and the device ecosystem is becoming very complex, IoT devices, drones, cloud, digital kiosks, even connected printers. Visibility is the most critical criteria. While visibility is the biggest challenge, so can I get a visibility dashboard? If we look at today's topic, the industries which will very well catch up in the next three to nine months in India will be healthcare. Patient data will be under threat, compliances like the DPDP Act have to be brought in place and healthcare will be one industry which will immediately have to adopt this. So, what would you require from that perspective, remote control and view, broader device support and optimize operations and also predictive intelligence of what is happening on the devices which are being used to take care of the patient. If you take that control, you can ensure at least some security from that perspective on the devices which are being deployed. Retail is another area where most of the data of users is being used and taken, that again is a cyber threat, which we can secure right from in store technology to broadest device support. Then the supply chain, the heart of any logistics, transport organization and warehousing. So whatever IoT devices and RFID devices are being used in supply chains they need that critical care so that the systems are in place and there is no threat of attacks."

 

DNS is critical for businesses


Chirag Nagda, Customer Solution Architect Team Lead (India & SAARC), Efficient IP

"DNS plays the role of resoling a domain name into an IP address. It can easily allow the users to move from DC to DR or from moving from one data center to the other seamlessly without any manual intervention. About Zero trust foundation, it's been almost a few years that every security OEMs or organizations are talking about zero trust. A decade before we used to bother more about perimeter security but today, we are more bothered about inside to outside and within the east west traffic. If one of my insiders is trying to do some mischievous activities then how do I control that? That is where zero trust comes into picture where I don't trust outsiders, I do trust employees and colleagues but at the same time I want to put a better control. The key foundations from a Zero trust perspective is visibility, where what is connected, how it is connected, what kind of traffic is running in my network, what are the mysterious activities happening? Once I have analytics, I want to do orchestration and automation. That is why everywhere AI is going on. So, looking at the very specific protocol, DNS; it is mission critical which means without DNS, you cannot live. If I have to type efficientip.com, the first thing I will do is resoling a domain name to an IP address. Then I will do HTTP, HTTPS etc. So without DNS, I cannot access any kind of application. No DNS means no business and cannot access anything on the network, it can be internal or on public domain."

 

Organizations need to be proactive to avoid cyber risks


Rohit Raman, Managing Partner & Head APAC, ETek

"Whatever we do, we are going to be hacked. So how we can fight back, recover something which we've already lost? There has been a bit of work that we have been attempting to do with the customers, with the experience of over three decades. We have realized the struggle that our industry and communities are facing. It’s an attempt to talk about how to become proactive in the present scenarios.
There are three critical functions in an organization – business, IT and cybersecurity. Out of these three functions business has always been the priority. Then comes the vision for IT and at last comes cybersecurity which is completely ignored. When we approach the board for cybersecurity, the common objection that we face is what’s the hurry.
But when we expose them - what is happening today, the incidents and the attacks that are increasing every day - that is the challenge we are trying to solve.
To solve that problem which is required to be done is proactiveness which means anticipating the future. In terms of cyber security, we know what are the risks that we can encounter and prepare against those risks today so that we no longer talk about resilience and recovering data. It cannot be 100% guaranteed, but it is possible by becoming proactive."

 

Improving compliance with data privacy laws is crucial to lower cybersecurity risks

 

Deepak Kumar Sahu, Editor-in-chief & Publisher, VARINDIA  

"With the rapid growth of digitalization and increased reliance on technology, cybersecurity in India has become critical. The Indian government has recognized this and taken several initiatives to address the challenges posed by cyber threats. We have recently witnessed alarming instances of AI-generated frauds, such as deepfake media, which pose significant risks, including identity theft, phishing scams, and cyber-bullying. These incidents underscore the urgency of addressing emerging cybersecurity threats.
Cloud security breaches have also been on the rise, with a study revealing that 39 percent of businesses experienced a data breach last year. In the same survey, 75 percent of companies said more than 40 percent of their data stored in the cloud is sensitive. The consequences of such breaches are severe, impacting a company's reputation and customer trust. In 2023, the cybersecurity space witnessed transformative changes, with the rise of ransomware attacks, IoT vulnerabilities, and sophisticated social engineering tactics. AI and machine learning have also played a significant role in shaping the cyber ecosystem.
As we look ahead, the weaponization of technology presents new security challenges, especially in the realm of AI for military purposes. Organizations must continue to invest in talent, technology, and tools to thrive in this complex landscape."

 

FIRE - SIDE CHAT SESSION - I

Opportunities and Challenges in Security operations

 

Arvind Jawahar Bhat, Head Managed Security Operation & iSOC, Airtel

Emerging Trends in Technology and Security

“The landscape of technology is evolving rapidly, and I'll describe it based on my observations over the past five years. Traditionally, security was understood to rely on three key pillars: people, process, and technology. However, in the last two years, additional pillars have emerged. One crucial addition is security automation, followed by AI and ML. These three new pillars are essential because the nature of attacks customers face now demands these capabilities within their operations. 

With attacks evolving and digitalization progressing, approximately 80% of customers are transitioning to the cloud. A recent trend involves the emergence of new generative AI, which fuels cyber attacks such as deep fake videos and the production of new malware. This signifies a significant shift, where security operations, previously reliant on people, process, and technology, must now incorporate automation, machine learning, and AI generation into their operations for the next five to ten years.

Another notable change that I foresee is the emergence of what I perceive as a singularity. In my observation, within any enterprise, there are typically 30 to 40 security components. What I'm noticing is a rising trend towards consolidation, where people are increasingly interested in streamlining their security infrastructure. Partners and OEMs, including Elastic, are actively pursuing this direction, aiming to offer singular products that cater to diverse needs. This trend is likely to be a topic of discussion for the next five years.”

 

Animesh Bansriyar  
Director - Solution Architect, Elastic

Adaption to evolving conditions in a Tech-Driven Environment

“We collaborate with numerous security partners and managed security service providers. For sizable enterprises, investing in security entails more than just acquiring the appropriate tool sets or products; it also involves assembling the right team of individuals. People play a crucial role in security operations for all entities, be they large enterprises or SMBs. 

While large enterprises can establish their in-house setups, smaller customers or SMBs, unable to afford independent security operations, must engage with the appropriate managed security service providers. This aspect is integral to the ecosystem; it encompasses not only software but also the essential components of people and processes.

Setting up and operating security operations has become increasingly complex due to the intricate ecosystem. There exists a multitude of threat vectors and various types of protective software, contributing to the complexity. Consolidating all these elements into a single platform, which Arvind accomplishes, proves highly beneficial. Moreover, the world is evolving, particularly with the rise of AI. While we extensively leverage AI for defense purposes, attackers also exploit the same technology. Thus, security remains a perpetual cat-and-mouse game that has persisted for decades and will likely continue, especially as we delve further into AI.” 

 

FIRE - SIDE CHAT SESSION - II

Securing enterprises against data privacy
 

Sudhir Sahu, Founder & CEO, Datadafeguard.ai
 

Synthetic fraud needs to be addressed otherwise $10 trillion will be lost by the end of 2025

This is a question for today's age that so much of money is being stolen by synthetic fraud and what can we do to stop it? How is it happening? Data privacy and synthetic fraud are both related subjects. If the data cannot be stolen, synthetic fraud cannot be inflicted. Why is it linked, because data privacy helps reduce data breaches. It protects the PII data which is necessary to create synthetic identities which is also known as Frankenstein identities which means it is a fake identity. It is someone’s Aadhar card number, anyone else’s PAN Card number, somebody else's home address and again somebody else's phone number, email ID. Using AI algorithms, hackers write this data. After they breach the data, they collect it or buy it from the dark web and write AI algorithms to create fake identities and they create millions and millions of them. They apply for credit cards, bank account numbers, do wire fraud, terrorism funding and all kinds of other activities. Two of the largest examples around the world is the PPP loan which was a multi-trillion-dollar loan which the Federal Government started in the US. $232 billion were stolen by creating fake companies. So, imagine to what extent these hackers can go to perfect the act of creating Frankenstein identities which look so real that they actually open bank accounts so the money can be taken into the bank account then they bounce it off of 300 different servers around the globe and the money ends up primarily in Eastern Europe because the synthetic fraud originates from there and many of those countries have perfected the act. Sometime back in 2018 I went to Estonia which is an Eastern European country, Tallinn is the capital and has thousands of universities where hacking is taught and also, they teach how to create synthetic identities. These are funded by the mob syndicate from Eastern European countries. Synthetic fraud is such a large industry, in 2023, $3 trillion were stolen and if nothing is being done then more than $10 trillion will be lost by the end of 2025.
 

Rameesh Kailasam, CEO, Indiatech.org
 

As India is digitizing fast, it needs to be secure faster 

I work on ease which means ease of living, doing business, kind of continuing your life, access to mobility everything. If you look at today’s generation, they want everything on the swipe of a screen or a click of a button. Gone are those days when people used to physically come out and do things. The connected world has made it very possible for having an ease in your life. With this growing ease there is a growing concern of the fact that as India is racing fast. We have a good collaboration of government, citizens and industry working together to live a connected life. In fact, we were the first to automate government to citizens in a range of areas. Businesses actually D2C (direct to customer) is happening now. We always had B2B (business to business) because the D2C was a physical world for us. Now, the government moved ahead, so government to citizen services happened faster. I remember when I was part of AP Government, E-Seva was the first which connected citizens with the government. India is rapidly digitizing and with that there is a comfort factor that all of us are getting used to. The part that we need to fix quickly is the security. If there is no security, the day it gets broken we will be in chaos because we are getting used to this new lifestyle of living in a connected environment where right from your travel tech to mobility tech to food tech to delivery tech to edutech everything is digitized. The moment one of us experiences breach and our trust will be broken that day. It is a big danger point not only for the startup ecosystem, the investor ecosystem but also for the entire country. If you look at it from the government standpoint, it is also building the digital public infrastructure. Whether it's UPI, ONDC, everything that the government is pushing from an industry standpoint to go into the digital world, all of that is a kind of a security checkpoint. One other thing is that 20 years back we were discussing critical infrastructure protection, today we transact on the banking system digitally, book tickets digitally, and we are getting all our services digitally. All this data is sitting in different places and an attack on one of them is something that can completely break this trust factor and therefore as India is rapidly digitizing fast, it needs to secure it faster.

 

Panel Discussion : (Session I) Personal Safety in the Digital World

Dr. Deepak Kumar Sahu, Editor-in-Chief, VARINDIA; Dr. Manjari Khanna Kapoor, Chairperson SEQURE and CPTED India; Veena Gupta, Founder & MD, Seam Risk Solution India; Jaspreet Singh, Partner, Grant Thornton Bharat LLP and Major Subhendu Mahunta, Head-Financial Crime Prevention, FPL Technologies

 

Dr. Deepak Kumar Sahu, Editor-in-Chief, VARINDIA

Personal safety in the digital world is crucial in today's interconnected age. Navigating the online landscape can be daunting but with the right knowledge and habits you can significantly improve your security and wellbeing. We rely on the internet for communication, information, entertainment and much more. However with the convenience of the digital realm comes the potential of threats to our online security and privacy. Protecting your digital world is essential to ensure your data, identity and online activities remain safe.


Dr. Manjari Khanna Kapoor  
Chairperson SEQURE and CPTED India

My focus of work is on security by design in the physical world, mostly the design of buildings and the built environments we live in. In that context, I was introduced to the word CPTED which is Crime Prevention Through Environmental Design and today it is in the third generation that is being interpreted in different ways. As the crime and the focus of crime shifts from physical domain to digital domains so should CPTED. I am also representing the International CPTED Association here so there is a divided view, security designers and security scientists across the world are a little divided on exactly how CPTED gets interpreted in the cyber context. Some of them say that cyber CPTED is an oxymoron. but there are others who are doing a lot and there are different ways, versions, interpretations.  

Veena Gupta  
Founder & MD, Seam Risk Solution India

We have been talking about data privacy, data protection, the digital world is evolving every day by adding on new applications and it is basically adding on new risks in our life. Digital safety is becoming more complex than anything else. Every day all of us individually use almost thousands of apps which includes Paytm, Financial Resources etc. Women do use beauty and social media apps more often than men. So, this is putting us in more risk and thanks to AI. If I think about a blue sapphire the next day, I have a free voucher. The minute you think, you have things in front of you in the way of a platter where you get free things. This puts us every day at risk and we are the ones who are creating cyber crimes. So cyber crimes are happening on humans and who are doing this - humans itself.

Jaspreet Singh  
Partner, Grant Thornton Bharat LLP

As you design a house you keep a safe because you wanted to put your jewels there not that it would never get burgled but you wanted to make sure that whoever is the thief has the maximum amount of difficulty in reaching there. That is what corporate security, whether physical or digital security is all about. How should your crown jewels be safeguarded? Someone who is pursuing you today will have access to such data. This is more from the standpoint of corporate security he finds the weakest link and exploits it. A YouTube video demonstrates that someone went to CP, gave someone a phone number, gave them Rs 200, and stated, ‘Share whatever OTP comes on this number with me.’ That is the level of awareness we are discussing. The larger issue arises when anything goes wrong because we are clueless about what to do. If deepfake becomes available on Facebook tomorrow, you can probably ask people where they're going, how they're going to make a formal complaint, and how they're going to report it, and they won't know. I believe there is a need to increase awareness, whether it is on a business or personal level. 


Major Subhendu Mahunta  
Head-Financial Crime Prevention, FPL Technologies

When you talk about privacy, we have this Data Privacy Act coming up and we are waiting for regulations to be set in force. While the government is trying to really work upon all these parameters it is an individual responsibility to ensure that your data is protected. You have applied for credit cards or bank loans, how many of you have actually read the terms and conditions. You are compromising your financial security there and you do not read it. Suddenly, due to some exigency you falter on payments and your father or sister gets a call, how fair is it? It is not fair at all. That means you have compromised the information, you have not read the entire details. So that is what the entire concept of Data Privacy and Data Protection Act and I am expecting the consent to come up very clearly which prohibits individuals, which prohibits the data processors and data fiduciary to have a control not to take more information than what is expected out of you.

Dr. Rakshit Tandon 
Risk Advisory, Cyber Detect & Respond Leader

Digital safety is important because now we are into a digital explosive world. I would use the word digital explosion because today we are getting dependent on technology in every phase of our life. So, in that case it is very important for us to understand the basic nuances of cyber hygiene, keeping devices and operating systems safe, what apps are you installing, what permissions are you giving. Every second month you will see a warning coming from the Government of India about updating your Apple and Android devices, they have vulnerabilities and now it is becoming mandatory for all companies which are jumping into IT solutions which first bring security by design.  

 

 

Panel Discussion : (Session II) Strategies for cyber resilience in 2024: Future outlook

Dr. Deepak Kumar Sahu, Editor-in-Chief, VARINDIA; Dr. Karnika Seth, Legal Advisor, Ministry of Defence, GoI; Deepak Maheshwari, Public Policy Researcher & Consultant; B Shankar Jaiswal, IPS – Joint Commissioner of Police, Delhi Police; Suchitra Maurya, CGM- Reserve Bank of India (RBI Ombudsman); Harnath Babu, Partner & Chief Information Officer- KPMG and Kersi Tavadia, Ex CIO- Bombay Stock Exchange 

 

Deepak Maheshwari  
Public Policy Researcher & Consultant

When we are looking at anything related to cyber resilience obviously we do have National Cyber Security Policy which was in 2013, 3rd of July and then on 2019 the consultation process started from the National Cyber Security Coordinators Office on 3S which was for the National Cyber Security Strategy -  Secure, Strengthen and Synergize. They received a lot of inputs, in fact the Prime Minister also had mentioned on 15th August 2020 that we will have a National Cyber Security Strategy soon and hope that in 2024 at least we should have a new National cyber security strategy. Exactly 11 months back from today which was on 9th March 2023 Minister of State for Electronics and IT made a presentation in Bangalore on Digital India Act, a very broad outline.

Dr. Karnika Seth  
Legal Advisor, Ministry of Defence, GoI
Proactive steps are taking both from legal and regulatory side
The legal and regulatory environment in India has progressed. It has definitely been a sea-change right from the time when I actually started practicing law in the year 2000. We know how technology really speeds up and lawyers are actually trying to catch up with the technology. In my view, technology has led us to a position where we cannot afford to be lazy anymore. We are actually taking proactive measures both from the legal and regulatory side, not only the institutions, the policy changes or the legal landscape, the way the contours of law are changing now, the whole matrix is about to be revolutionized. We are one of the world's largest contributors of IT in the whole world. At this juncture, the way we have managed to bring out the decriminalization of laws for example the liberalization of the IPC, the CRPC, the Evidence Act, the DIA Act, the Telecom Bill. We are already discussing the UN Convention on cyber crime are underway.

Harnath Babu  
Partner & Chief Information Officer- KPMG

There is lack of cyber preparedness when compared to digital adoption 

One thing which has happened in the last couple of years, especially in our country is that digital push has been very extensively taken up by the government. Certainly, Covid also pushed many of the organizations to move towards digital, which means that there is a lot of digital footprint getting created within the country. There also have been some of the policy changes that have come in from the government from a digitization perspective. This has eventually pushed a lot of organizations and consumers, i.e, the citizens of the country to start embracing and adopting digital.  Internet got more democratized, then the Aadhaar and various other policies and interventions from the government came in, which is pushing the common man and organizations to go towards digital. This is obviously the right thing to do when the economy is growing faster. The country has aspirations and is looking forward from a future perspective. I think all these are the foundation stones for the future. But the question is, have we taken the right steps to also protect ourselves as we are progressing faster? It is like you are accelerating on the car but did you check on the brakes. If we compare with the rest of the western world, the evolution happened over a period of time. Technology has also come into the western world but I think our adoption rate has been far higher. This is primarily because we are a very large country and the number of touch points from a technology point is also very high. But if we take a step back and see, are the organizations prepared today to be completely cyber safe, we do not know at this point in time.

 

Kersi Tavadia  
Ex CIO- Bombay Stock Exchange
A comprehensive education system is required

"The job of CISO is very tough nowadays. Earlier he was a villain to the internal users, now he is a villain to the regulator also. He is a hero for all the vendors because they keep giving him and confusing him with a lot of tools. When I was in BSE, we built up one of the first SOCs in the country. In that job role I asked the consultants to give me one dashboard where I can see everything and all the top consultants in the country were unable to show a sample.

Unfortunately, many training programmes and educational institutions now offer cybersecurity courses without a background in IT. This is completely incorrect; at the absolute least, you are training someone to practise, but what is he practicing on? When I have been interviewing people from a cybersecurity school and ask him the question of active directory, ‘How will you fix it?’ They said that was not in their curriculum. So, all the regulators, policy makers need to have a comprehensive education system."

Suchitra Maurya  
CGM- Reserve Bank of India (RBI Ombudsman)

“The importance of cybersecurity and the digital protection framework is very much emphasized”
As far as the resilience of the regulated entities that we have, what I would like to say here is that this cannot be cyber resilience and cannot be a prescriptive issue because it is constantly evolving so we have to set guidelines for how to go about it. This is a risk for the bank and it can affect the balance sheet. We have issued guidelines to the banks. Earlier it used to be a back room or an operational activity, now we have made it a boardroom activity. The board is responsible to proactively assess the risks and find ways to mitigate the risks and implement, monitor the implementation and continuously check for vulnerabilities in the system and proactively work. So, the importance of cybersecurity and the digital protection framework is very much emphasized. We monitor that they are testing and they are also reporting guidelines that the incidents have to be reported so we check that apart from certain it is to be reported to the Reserve Bank and we examine and monitor the subsequent mitigation and strengthening in of the systems that is what we do. 

 

 

Panel Discussion : (Session III) Fortifying the Financial Sector: Strategies against Cyber Threats

Gyana Ranjan Swain, Consulting Editor- VARINDIA; Saurabh Gugnani, Head IT & Security- MAX Life Insurance; Shaik J. Ahmed, V.P, Head of Information Security Risk & Governance- Mashreq Bank; Saumil Purani, V.P-IT (Infrastructure Solution & Delivery)- Axis Bank; Shubhendu Dutta, CTO-NSE Indices and Data and Sudhir Sahu, Founder & CEO of Datasafeguard.ai.

 

The third, thought-provoking panel discussion, on "Fortifying the Financial Sector: Strategies against Cyber Threats," provided attendees with actionable strategies for protecting critical assets in the financial sector. The moderator of this discussion was Gyana Ranjan Swain, Consulting Editor- VARINDIA, and the panelists were Saurabh Gugnani, Head IT & Security- MAX Life Insurance; Shaik J. Ahmed, V.P, Head of Information Security Risk & Governance- Mashreq Bank; Saumil Purani, V.P-IT (Infrastructure Solution & Delivery)- Axis Bank; Shubhendu Dutta, CTO-NSE Indices and Data and Sudhir Sahu, Founder & CEO of Datasafeguard.ai.

Enhancing Personal Information (PI) Security through Layered Defense Strategies

Saurabh Gugnani  
Head IT & Security- MAX Life Insurance
“As others have mentioned, you are critically encrypting the personal information (PI) on which you can build something. If you stop the attack at the first layer, you are preventing a variety of attacks from occurring. If, however, you say that the attack is still occurring, you can use layered approache using technologies such as MFA, phase ID, or MIGN. Even though you have all the necessary safeguards in place, if someone is still sending out attacks and compromising your system, you can construct the procedures using a tiered approach and do everything to lessen the influence on a bigger group of people. At the end of the day it is awareness which is very much predominantly required because in any case first level of defense is the end users.”

Preventing Unauthorised Access and Reducing User Authentication Challenges in Banking Applications

Shaik J. Ahmed  
V.P, Head of Information Security Risk & Governance- Mashreq Bank
“Users have difficulties while using banking applications because banks wanted to make sure it was only you before providing amenities. Hackers gain direct access to systems by using various methods, disguising themselves as users, and using other things to gain control of legitimate facilities. Although the tokenization of the system will change, they will adhere to the same rules as the users. The person is not known to the system; authentication is all that is needed. Because of this, we must safeguard our credentials and prevent unauthorized access. Whether or not you have a ten-factor authentication system in place, anybody can access your account if your login details are public.”

Protection of Personal Information reduce the chance of Unauthorised Disclosure

Saumil Purani  
V.P-IT (Infrastructure Solution & Delivery)- Axis Bank
“If you share your PAN card or Aadhar card data to unauthorized partners without keeping validity or making a document explicit that becomes saleable data. Data which is available on Darkweb is saleable data. Hackers take these data and build their engines to send random messages. If anyone responds to that knowingly or unknowingly are the ones who are trapped. Since we have one of the largest economies and more people are joining digital platforms every day, many of them are not yet fully tech-savvy and are unaware of the risks. Therefore, even though we have developed some of the best technological solutions for defense and protection, if a user clicks or provides a top-secret password without thinking twice, all of your security precautions are nullified.”

Achieving Smooth Transactions and Cyber Resilience through Capital Market Strategy

Shubhendu Dutta
CTO-NSE Indices and Data
“In the context of discussing industry- or organization-specific strategies, the strategy that I'll be discussing here is for the capital market as a whole. In the context of the industry, we currently have about 14 crore Demat accounts. These are the possible investors in the market; each month, we add about 14 new investors to examine the magnitude of the situation as it stands. Therefore, the most important thing for this business to assure is that all investors, or potential investors, should be able to complete their transactions without any problems; otherwise, they aren't considered industrial. The most crucial aspect of strategy is making sure that an operational and cyber resilience framework is in place and consistently working.”

Setting Data Privacy first leaves Compliance Measures in place for better protection

Sudhir Sahu  
Founder & CEO of Datasafeguard.ai
“You put yourself first by putting data privacy compliance into practice. If the data is protected at the source, and if the breach occurs as mentioned, you will need to go through five steps to log into your bank account. However, Hackers can complete this process in less than ten seconds because they are utilising automated technology, or a bot. This is possible because they have already gathered the data and have been preparing for months. This is due to the preparation that they have been doing by stealing our data and creating the pipeline. Since the bad actors have been planning to steal our private information for many years, if we block access to it, they won't be able to obtain it in any manner, shape, or form.”

 

Panel Discussion : (Session IV) Navigating the landscape of Data Privacy 

Dr. Damodar Sahu, Co-Founder & Chief Growth Officer- Datasafeguard Inc.; S. Mohini Ratna, Editor-VARINDIA; Vijay Sethi, Digital Transformation, and sustainability evangelist at Mentorkart; Sourabh Gupta, Group Chief Digital and Information Officer-Gujarat Fluorochemicals Ltd.; Kamal Kashyap, Director, and Country Manager - Storage Business Unit, HPE India; Khushbu Jain, Advocate- Supreme Court Of India; Col.(Dr.) Indrajeet Singh, Founder- Cybersleuths and Dr. Deepak Kumar Sahu, Editor-in-Chief, VARINDIA

 

S. Mohini Ratna, Editor-VARINDIA, moderated an insightful panel discussion on "Navigating the Landscape of Data Privacy," featuring prominent experts such as Vijay Sethi, Digital Transformation, and sustainability evangelist at Mentorkart; Kamal Kashyap, Director, and Country Manager - Storage Business Unit, HPE India; Col.(Dr.) Indrajeet Singh, Founder- Cybersleuths; Dr.Damodar Sahu, Co-Founder & Chief Growth Officer- Datasafeguard Inc.; Sourabh Gupta, Group Chief Digital and Information Officer-Gujarat Fluorochemicals Ltd.; and Khushbu Jain, Advocate- Supreme Court Of India.


S. Mohini Ratna
Editor-VARINDIA
“Today’s topic in this session ‘Navigating the Landscape of Data Privacy’ is a vast and constantly evolving topic. India has reached a watershed movement with the enactment of the data protection act that is DPDP act, which undoubtedly marks a defining moment in India's technological trajectory signifying a resolute commitment to securing citizens rights in the digital age while also bolstering the nation's cyber security infrastructure. Te DPDP act represents a significant milestone in India's digital journey aiming to strike a balance between fostering innovation and protecting individual privacy.”


Vijay Sethi  
Digital Transformation, and sustainability evangelist at Mentorkart

“The majority of businesses don't take any action when it comes to cyber security. There would be a security policy, but it would not be followed by 90% of people. There will be firewalls with half of the passwords being the standard ones, but an act is about to happen. A new regulation is on the horizon that would compel businesses to prioritize cyber security over data privacy. This means that instead of the government handling all of this data privacy-related work, the government agency will force businesses to handle cyber security and safeguard my data.”


Kamal Kashyap  
Director, and Country Manager - Storage Business Unit, HPE India

“The DPDP bill will undoubtedly contribute to the acceleration of the digital transformation because it provides a framework for the organizations that may not have been doing it for a variety of reasons. These reasons may have included inertia, a lack of awareness, or a host of other factors, but now that the organizations are planning their next step in the digital transformation, they will incorporate this into the architecture of their technology framework, which will be extremely helpful because it is usually beneficial to receive some broad guidance to ensure compliance with all regulations.”


Col.(Dr.) Indrajeet Singh, Founder- Cybersleuths

“Our data is being stolen, and we are genuinely unable to apprehend the offenders. The impending DPDP ACT represents a fundamental shift. Knowing who owns your data is possible with the data ownership right. Now that you are aware of the criminal's identity, you can apprehend them. In the last IT Act instance, we were attempting to gun down the offender even though we didn't know them. However, as part of the DPDP ACT, things are reversed.”


Dr. Damodar Sahu  
Co-Founder & Chief Growth Officer- Datasafeguard Inc.

“As a customer or citizen, I expect the government or an organisation to secure my data, as that is how it truly contributes to the expansion of our economy. In the unlikely event that a data breach occurs and hackers obtain my personal information, even though it is useless to them, my confidence in the government and enterprise will increase. Even when the hackers steal my useless info, if my data is fully redacted before a data breach occurs in any database. My confidence in the government or business will increase in that scenario, and the economy will undoubtedly grow as a result. Use of the complete reduction of data before data breach happens is necessary.”

Sourabh Gupta  
Group Chief Digital and Information Officer-Gujarat Fluorochemicals Ltd.

“DPDP introduces us to fundamental hygiene, so it is not that people were not practicing that level of cyber hygiene; rather, it all depended on whether or not certain industries were subject to regulations. Some industries were subject to regulations, either because of foreign legislation or because their parent firm was based in the US or Europe, where GDPR and other laws were common. Although they were practicing that level of cyber hygiene, that was not the case in India at the time, and now it varies from company to company. We have the chance to clear such things up and prepare the country for the upcoming years in order to be ready for 2040, thanks to the DPDP Act. The DPDP will shortly be into full effect.”


Khushbu Jain  
Advocate- Supreme Court Of India

“Talking about the digital economy, we are heading towards digital India, which will become the fifth largest digital economy in the world when all of these things are taken into consideration. However, when we discuss security and safety, the world becomes incomplete when digital threats emerge, which is why we see that privacy is the foundation for all security measures because without privacy, trust grows and cybercrime occurs. To see that as a holistic approach, we see DPDP emerging, which only discusses the most fundamental cyber security issues.” 

 

Winners in CDS 2024


A highlight of the evening was the awards ceremony, recognizing outstanding contributions and innovations in cybersecurity solutions. The awards, based on feedback from end-users, acknowledged companies for their excellence in cloud security, IoT security, unified endpoint management, network security, and more.

Awards category and winners

BEST COMPANY INTO CLOUD SECURITY SOLUTION - ELASTIC TECHNOLOGIES INDIA PVT. LTD.
BEST COMPANY INTO IOT SECURITY SOLUTIONS - CHECK POINT SOFTWARE TECHNOLOGIES INDIA PVT. LTD.
BEST UNIFIED ENDPOINT MANAGEMENT COMPANY - SOTI INDIA PVT. LTD.
BEST COMPANY INTO NETWORK SECURITY - Cisco System India Pvt. Ltd.
BEST COMPANY INTO XDR SOLUTION - PALOALTO NETWORKS
BEST SD-WAN SOLUTION PROVIDER - FORTINET TECHNOLOGIES INDIA PVT. LTD.
BEST IDENTITY & ACCESS MANAGEMENT (IAM) SOLUTION - OPENTEXT
BEST COMPANY INTO ZERO TRUST SECURITY- FORCEPOINT INDIA PVT. LTD.
BEST COMPANY INTO ENDPOINT CYBERSECURITY- SENTINELONE
BEST DISTRIBUTOR INTO CYBER SECURITY SOLUTIONS - RAH INFOTECH PVT. LTD.
EMERGING VALUE ADDED DISTRIBUTOR IN INDIA - SATCOM INFOTECH PVT. LTD.
BEST DATA PROTECTION & DISASTER RECOVERY SOLUTION - ZERTO-A HEWLETT PACKARD ENTERPRISE COMPANY

Delegates in the event 

SOLUTION DISPLAY KIOSKS

See What’s Next in Tech With the Fast Forward Newsletter

SECURITY
View All
Zscaler announces AI innovations to its Data Protection Platform
Technology

Zscaler announces AI innovations to its Data Protection Platform

by VARINDIA 2024-05-20
SHIELD to enhance Swiggy’s fraud prevention and detection capabilities
Technology

SHIELD to enhance Swiggy’s fraud prevention and detection capabilities

by VARINDIA 2024-05-20
Axis Communications announces its first thermometric camera designed for Zone/Division 2
Technology

Axis Communications announces its first thermometric camera designed for Zone/Division 2

by VARINDIA 2024-05-20
SOFTWARE
View All
Hitachi Vantara and Veeam announce Global Strategic Alliance
Technology

Hitachi Vantara and Veeam announce Global Strategic Alliance

by VARINDIA 2024-05-16
Adobe launches Acrobat AI Assistant for the Enterprise
Technology

Adobe launches Acrobat AI Assistant for the Enterprise

by VARINDIA 2024-05-11
Oracle Database 23ai offers the power of AI to Enterprise Data and Applications
Technology

Oracle Database 23ai offers the power of AI to Enterprise Data and Applications

by VARINDIA 2024-05-10
START - UP
View All
Data Subject Access Request is an integrated module within ID-REDACT®
Technology

Data Subject Access Request is an integrated module within ID-REDACT®

by VARINDIA 2024-04-30
SiMa.ai Secures $70M Funds from Maverick Capital
Technology

SiMa.ai Secures $70M Funds from Maverick Capital

by VARINDIA 2024-04-05
Sarvam AI collaborates with Microsoft to bring its Indic voice LLM to Azure
Technology

Sarvam AI collaborates with Microsoft to bring its Indic voice LLM to Azure

by VARINDIA 2024-02-08

Tweets From @varindiamag

CIO - SPEAK
Automation has the potential to greatly improve efficiency and production

Automation has the potential to greatly improve efficiency and production

by VARINDIA
Various approaches are followed to enhance efficiency, productivity, and cost-effectiveness

Various approaches are followed to enhance efficiency, productivity, and cost-effectiveness

by VARINDIA
Technology can be leveraged in several ways to boost efficiency, productivity and reduce cost

Technology can be leveraged in several ways to boost efficiency, productivity and reduce cost

by VARINDIA
Start-Up and Unicorn Ecosystem
GoDaddy harnesses AI power for new domain name recommendations

GoDaddy harnesses AI power for new domain name recommendations

by VARINDIA
UAE’s du Telecom selects STL as a strategic fibre partner

UAE’s du Telecom selects STL as a strategic fibre partner

by VARINDIA
JLR and Dassault Systèmes extend partnership for All Vehicle Programs worldwide

JLR and Dassault Systèmes extend partnership for All Vehicle Programs worldwide

by VARINDIA
Rapyder partners with AWS to accelerate Generative AI led innovation

Rapyder partners with AWS to accelerate Generative AI led innovation

by VARINDIA
ManageEngine integrates its SIEM solution with Constella Intelligence

ManageEngine integrates its SIEM solution with Constella Intelligence

by VARINDIA
Elastic replaces traditional SIEM game with AI-driven security analytics

Elastic replaces traditional SIEM game with AI-driven security analytics

by VARINDIA
Infosys and ServiceNow to transform customer experiences with generative AI-powered solutions

Infosys and ServiceNow to transform customer experiences with generative AI-powered solutions

by VARINDIA
Crayon Software Experts India inaugurates its ISV Incubation Center in Kolkata

Crayon Software Experts India inaugurates its ISV Incubation Center in Kolkata

by VARINDIA
Dassault Systèmes to accelerate EV charging infrastructure development in India

Dassault Systèmes to accelerate EV charging infrastructure development in India

by VARINDIA
Tech Mahindra and Atento to deliver GenAI powered business transformation services

Tech Mahindra and Atento to deliver GenAI powered business transformation services

by VARINDIA