Sonit JainJul 17, 2019 09:42:04 IST
If India’s desire to create a digitally-driven economy wasn’t already evident before, it surely became so after Finance Minister Nirmala Sitaraman presented her maiden budget. According to the proposal, companies with their annual turnover exceeding Rs 50 crore are now mandatorily required to provide digital payments options for their customers. What’s more notable is that the new budget proposes the scrapping of Merchant Discount Rate (MDR) levied on businesses for digital payments by banks and payments service providers. This is seen as a move by the government to encourage businesses to adopt digital modes of transaction (e.g., RTGS, NEFT, and UPI) and nudge India further towards becoming a less cash economy.
Much like the Indian government, Indian businesses are no strangers to digitisation either. Most enterprises have already digitised their operations, and are set to invest more in the same in coming years. Gartner estimates a 6.7 percent year-on-year increase in IT investment by Indian enterprises in 2019, which would amount to a whopping $ 89 billion. And the nationwide push for digitization is being fueled further by the proliferation of high-speed internet connectivity and smart device adoption. India is estimated to have over 800 million smartphone users by 2022, which means that every government and business service that can be digitised will be digitised to be accessible through these devices. In fact, we can already sense our increasing dependence on digitisation, thanks to the convenience of digital. From buying movie tickets to applying for new electricity connections, we have digital platforms to fulfil all our needs.
With so much riding on digitisation, it would only make sense to ensure the reliability and integrity of the digital devices, networks, as well as data. This is where both the Indian government and enterprises need to act with foresight. That’s because the nation’s digital infrastructure will become as valuable as, or potentially even more valuable than the power grid and the transportation infrastructure. And the worrying part is that the digital infrastructure, due to its inevitable connectivity to the global communications network, can be more vulnerable to both external and internal threats than the power grid and roadways.
Cyber threats like Denial of Service (DoS) and Distributed Denial of Service (DDoS) that can cripple critical services and lead to massive system shutdowns will be a major concern. And while DoS attacks have seen a decline in the first quarter have gone down in number, the number of hyper-scale attacks have increased in the second quarter of 2019. And the duration of these attacks is also increasing, with the longest attack lasting for a whole 718 minutes. Thus, even though the volume of attacks is declining, the magnitude of their impact is increasing. And depending on the criticality of the systems impacted, even a few minutes of disruption can cause massive damage.
An Ernst & Young report suggested that between the years 2012 and 2017, the cost of the total internet failures in India was estimated to be $ 186,332 every hour. That equates (approximately) to more than Rs 2 lakh lost every minute! This cost would only rise with time as more critical processes get digitised and more businesses and individuals become dependent on these processes. For businesses, the losses may be due to a halt in operations or loss of productivity. For the government, disruption of digital services due to cyber-attacks can prohibit them from providing vital services to the public. And there may be more at risk than just money if sectors like healthcare and aviation are subjected to disruptive cyber-attacks.
Thus, it is vital for business as well as government organizations to build security as a foundational element of their digitised processes. This requires both businesses and as well as the government to take the measures for ensuring cybersecurity right now, as any late would be too late, considering the rapid proliferation of digital devices and networks. Any new digital initiative should always commence with a thorough risk assessment in consultation with cybersecurity experts. And addressing these risks should be a non-negotiable requirement for such projects to kick off which must be diligently enforced for the benefit of not just the end users and customers but also the enterprises themselves.
The author is the CEO of Gajshield.