ETCISO Decrypt 2024 explores intersection of AI and cybersecurity, ET CISO
Decrypt 2024, hosted by ETCISO, convened India’s foremost cybersecurity experts to address the complexities introduced by emerging technologies, particularly artificial intelligence (AI). The conference was a response to the alarming findings of the World Economic Forum’s Global Cybersecurity Outlook 2024, which noted a significant decline in organizations maintaining minimal viable cyber resilience. This decline underscores the critical need for robust cybersecurity strategies capable of countering sophisticated threats.
The event kicked off with an impactful announcement by Muqbil Ahmar, Executive Editor of ETCISO, who highlighted the substantial global investments in digital transformation, expected to reach $3.4 trillion by 2026. This set the stage for discussions centered around the integration of AI into cybersecurity frameworks and the challenges thereof.
A significant concern discussed was the sharp rise in cyber threats, particularly state-sponsored attacks which have surged by 278% over the past three years, predominantly targeting sectors like automotive, government, and education. This escalation puts a spotlight on the urgent need for enhanced protective measures at both national and organizational levels.
Expert insights
Lt Gen MU Nair, National Cybersecurity Coordinator for the Government of India, delivered a special address on the evolving and dynamic threat landscape. He emphasized the critical role of AI tools in profiling and mitigating cyber threats and advocated for a collaborative approach involving policymakers, security leaders, and academia to fortify the nation’s cybersecurity resilience.
Following this, Tushar Haralkar, Principal Pre-sales Country Leader of Security Software at IBM Technology Sales for India-South Asia, addressed the vulnerabilities in hybrid cloud environments and stressed the importance of securing AI applications to protect against data integrity compromises.
Lt. General Vinod G Khandare, Principal Adviser to the Ministry of Defence, Government of India, spoke about the geostrategic issues affecting national cybersecurity. He urged attendees to exercise wisdom and vigilance, making decisions based on deep knowledge rather than external narratives.
A notable session by Ganesh Prasad, SE Lead at Imperva, emphasized the foundational cybersecurity practices essential for today’s digital enterprises. He discussed vulnerability assessment, user access management, and the necessity of implementing policy-based controls to safeguard data.
The conference also featured a panel on ‘Strategies to Tackle Cloud Vulnerabilities’, where industry leaders like Shraddha Ukalkar, CIO of Mercedes Benz; Rajesh Thapar, CISO of NSE; and Sunil Kumar KN, Chief Compliance Officer at Federal Bank, shared their insights. They discussed the transition from security by design to privacy by design and highlighted the importance of a data-centric security approach in today’s threat landscape.
Anindya Sundar Ghosh highlighted the dual nature of legacy systems which, while offering reduced connectivity risks due to their isolation from modern systems, suffer from outdated security measures that can jeopardize both functionality and security. This dichotomy underscores the need for a balanced approach to updating and securing these systems. Baidyanath Kumar pointed to the increasing adoption of smart technologies, such as SAS, and the growing emphasis on carbon neutrality within businesses. His observations emphasized the significance of integrating smart technology to stay competitive in the Industry 4.0 era, aligning business practices with sustainability goals.
Ambarish Kumar Singh remarked on the pervasive influence of smart technology across various sectors, stressing that “everything is becoming smart and culture is of paramount importance.” His statement reflects the broader implications of technology on corporate culture and operational ethics. Amit Mittal from IBM ISA – Cybersecurity discussed the critical importance of implementing robust monitoring systems for IT assets to enable organizations to detect and swiftly respond to potential threats, ensuring operational continuity and security. He also emphasized the crucial role of ongoing employee training in maintaining a secure IT environment.
Kishan Kendre advocated for maintaining basic security measures and hygiene practices, which remain essential to protecting against evolving threats. His call to adhere to fundamental security protocols provides a foundation for building more complex security strategies. Amanjit Makesh discussed the need for organizations to adopt OEM-neutral architectures, which support multiple original equipment manufacturers, thereby facilitating effective asset performance management across diverse systems and equipment.
During a panel moderated by Preethi Yeshwanth, discussions focused on the ‘Zero Trust Framework for Enterprises,’ exploring how such frameworks can effectively mitigate insider threats by tightening security protocols around user and device access. This session emphasized the evolving nature of security strategies in response to changing cyber threat landscapes.
The conference also addressed geostrategic challenges in cybersecurity, with Lt. Gen Vinod G. Khandare discussing the importance of robust and resilient cyber capabilities to prevent unauthorized access and ensure national security. A session titled ‘Creating a Cyber Resilient Enterprise’ moderated by Sneha Jha, delved into strategies for enhancing organizational resilience against cyber threats. Discussions covered the importance of visibility in preventing ransomware attacks and the potential of AI in early-stage threat detection.
Jagannath PV and Tanin Chakraborty discussed the critical role of Data Protection Officers in ensuring compliance with the DPDP Act and managing privacy in a data-driven world. These discussions highlighted the ethical dimensions and technological risks associated with AI and the metaverse. Decrypt 2024 provided invaluable insights into the multifaceted challenges of cybersecurity in the digital age. By bringing together a diverse group of experts to discuss strategies ranging from the foundational to the innovative, the conference underscored the necessity for a multi-layered approach to security, combining technological advancements with stringent governance to safeguard against an increasingly complex threat landscape.
The conference concluded with a call to action for firms to implement comprehensive AI governance frameworks to mitigate risks associated with automated and intelligent systems. Furthermore, the increasing cybersecurity skills gap was acknowledged as a critical issue, with a strong recommendation for enhanced training and retention strategies for cybersecurity professionals.
(With inputs from Salvi Mittal)