Report of Chai-pe-Charcha meet held under the auspices of Cyber Watch India / IndiaWatch / Cyber Frat – Delhi / Cyber Peace Foundation on Aug 13, 2017 in New Delhi
Topic of the day:
“Cyber tryst – cyber security hopes and fears on our 71st I’Day”
33 people registered and less than 10 attended – not bad <LOL>
The meeting started off with a roundup of notable events from the year passed by and participants recalled incidents like the Yahoo data breach, DynDNS, Shadow Brokers, Vault 7, WannaCry, Fitbit, OPM, 20 cr US voter data leak, French president’s data leak, Smart TV hack, US election….
In India, notable incidents are EVM hack, Aadhaar, Ransomware, OLA data leak, BPOs, BHIM app issues, JIO data breach, Zomato, CISF bank fraud
Lookin at upcoming risks the following concern areas were identified by the participants – mobile and IOT, banking fraud, ATM cloning, insider or social engineering in bank frauds like the CISF fraud, too many messages from banks leading to message-fatigue and the possibility of ignoring an important message, attacks on CII (Power, Telecom may have not happened yet but there is high possibility)
There is a need for a Mobile App Privacy checkup considering the number of new apps coming up regularly and mobiles being used increasingly.
Other concern areas and points of discussion
– Can a national level firewall be considered and if yes then the government has to take action and industry has to get ready too. Government has to be more about what they are doing and accept failures and maybe PM can open website and directly ask for inputs and take action – this will bring a higher level of participation by the infosec community.
– In the next one year, we may see some serious incidents happening and should be prepared for the onslaught
– Brain drain and skills shortage .. one problem is that the pay to freshers is very low and no incentive is given by industry or government. In addition there is no counseling available and everyone has to learn and fend for him/her self. If freshers can be assured of a good start up pay (say 3.00 lacs per annum) this will be a great move and the problem can be sorted out
– Government should give a tax holiday for training institutions which are providing cyber security training
– There is a need for low cost and credible certifications and there is nothing being done as yet by any institute
the meet got over early since there were not too many ppl and the discussions got over soon!