India is entering an age of complex cybersecurity challenges.India is rapidly becoming an open-market economy. From 1997 to 2011, economic growth averaged just under seven percent. After a brief economic downturn, the economy grew again by more than seven percent in 2014 and 2015.

These positive economic developments are due primarily to a lessening of government controls on the economy with increased privatization of state-owned enterprises, industrial deregulation, and an easing of controls on foreign trade and investment.

The major source of economic growth has been the services industry — it employs less than one-third of the labor force, yet accounts for nearly two-thirds of national output. The largest segment of the services industry is business outsourcing, and the exporting of IT services and software workers.

There are a number of reasons why India has become the most popular country for outsourcing. The large English-speaking workforce is hard-working, intelligent and efficient. There is also the favorable exchange rate for money — 67.39 Indian rupees per U.S. dollar.

Additionally, the outlook for long-term growth remains solid. India has a young population, healthy savings and investment rates, and an eagerness to compete in the global-economy.

Of course, like any developing nation, India faces some significant challenges to becoming a world-class economy. These include a years-long civil litigation docket, inadequate transportation and power generation infrastructures, disparate access to high-quality basic and higher education, and an ineffective enforcement of intellectual property rights.

The coming of the Internet has also had a significant impact on India. The country is currently the third-largest online market, behind only China and the United States. As of 2016, there were more than 325 million internet users and this number is expected to reach 500 million by 2020.

Cybersecurity problems loom large

With so many internet users, and being the outsourcing hub of the world, the issue of cybersecurity is also a significant challenge. Two things that compound the problem are the fact that more people are consistently connecting online, and mammoth government projects like Digital India. The good news is that the Modi Administration is aware of the need for better cybersecurity.

The scope of India’s challenge for cybersecurity is significant. Since 2014 there has been an increase in targeted attacks on critical infrastructure industries like the financial, communications and transportation sectors. A successful attack on any of these sectors has the potential to cause significant damage to the economy and to national security.

India’s high internet penetration rate also makes it a ripe target for cybercrime. India presently ranks 3rd in global threats by source, 1st for social media scams in the Asia Pacific region and 2nd globally. In 2015 there were 60,000 ransomware attacks — 170 per day.

Complicating matters is that the threat landscape is filled with a variety of actors, including individual hackers, hacktivists, basic cyber criminals, organized crime gangs, and state sponsored attackers. There is often no set method of procedure for handling and resolving threats.

The good news is that India’s government and private enterprises are aware of the challenges they face and are taking steps to meet them.

Below are six tech-related challenges facing India today and solutions that are already being implemented.

Challenge: The Internet can be a dangerous place. As more citizens log onto the internet at work and home, and more frequently through mobile devices, they often fail to grasp the exposure they have to hackers and thieves.

Solution: Create a broader awareness on all levels, from individuals up to large enterprises. According to a recent report by the Online Trust Alliance, 90 percent of breaches could have been avoided by utilizing basic cyber security practices. Better encryption, stronger passwords, data protection during transit and at rest, modern security solutions, multi-factor authentication, data loss prevention technology and other common sense best practices can limit a host of hacking avenues.

Challenge: The Internet of Things (IoT). As more devices are connected to the net we have come to realize that the devices themselves were not designed with security in mind.

Wearable devices in particular have been a major source for hackers trying to steal personal information. The devices continuously monitor and send data on the wearer to a source. Hackers grab that data in transit and can instantly gain access to a treasure trove of sensitive information.

Solution: As India’s own industry for devices grows it’s crucial that the needs of security and privacy be considered, planned for and implemented on the drawing board — and not wait until the device is up and running. Businesses are not doing it very much at the moment, but more are beginning to put an emphasis on including at the design stage.

Challenge: Indian enterprises have increased their security budgets, but are still being hacked.

Solution: Increase encryption budgets and resources. It isn’t enough to invest in the basic business infrastructure, companies must also take appropriate steps to protect their important information. The CIIP (Critical Information Infrastructure Protection) is essential to guarding an enterprises most valued data.

Since everyone can be hacked — and at some point likely will be — the most important aspect of security is protecting your data. Enterprises still need firewalls, endpoint protections, and so forth, but encryption of data is essential. That way when it is hacked it is still unreadable.

The Indian Government and more private enterprises are maintaining a continual focus on the fundamentals of security — people, process and technology. Individuals need to understand and appreciate what they can do to protect themselves and their organization from a cyberattack.

Regular training in security is required. This includes scheduled information and training sessions, constant reminders of best practices around work stations, and so forth.

Some companies are now conducting fake phishing exercises. They send a phishing email and see if employees click on it. If an employee does click on it, they instantly receive a message that it was an exercise, followed up by a short visit with a supervisor to stress best security practices.

Challenge: India has an enormous talent-gap in IT security. A 2014 Parliamentary Standing Committee on IT found that there were less than 75,000 IT professionals with the proper training to handle cyber security issues. Current estimates are that India needs an additional five Lakh cybersecurity professionals.

Solution: This is a huge opportunity for India to train cybersecurity professionals to deal with issuers in India and around the world. The solution is to invest in people. The Indian Government is regularly partnering with private organizations to support development in cyber security.

One such partnership happened in 2015 when the National Association of Software and Services Companies (NASSCOM) signed a memorandum of understanding with Symantec to, “Build Cyber Security Skills” as a way to develop world-class skilled and certified It professionals.

Challenge: Technology changes rapidly, but government cyber policies are frequently outmoded or tied to out of date technologies.

Solution: The Modi Administration has made a concerted effort to include private industry in policy making by issuing drafts of proposed policies and asking for private sector feedback. India did this last year on an encryption policy and received lots of useful feedback from local and foreign companies. The feedback enabled the government to make revisions that would make the policies more efficient and less onerous to private enterprises.

This works well because private enterprises are often the ones who own and operate critical infrastructure that needs to be protected — they know what they need to protect and how they want to do it. Being involved in the policy making process allows the best tech solution to be made regarding what is possible and indeed preferable. It helps to get the policies right!

GC-I Challenges trio of smiling businessmenChallenge: So many cyberattacks originate from outside the country. How can India protect itself and ensure that cyber criminals are brought to justice?

Solution: The government recently worked with the United States to address this issue. The US-India Cyber Dialogue 2014 discussed issues of Internet governance and focused on encryption, telecom standards and testing issues. They also dealt with reforming Mutual Legal Assistance Treaties (MLAT) – reforms that permit governments to cooperate with the investigation, extradition, and prosecution of cyber criminals.

Besides being out of date, most MLATs are not up to par with recent developments when fighting international cybercrime. Successfully pursuing cybercriminals across borders can take six months, and often takes longer. As a result few, if any, international cyber crooks are brought to justice outside of their own home countries.

More multi-national corporations are increasingly coordinating with the Indian Computer Emergency Response Team (CERT-In), the government agency that deals with cyber threats, via public/private partnerships to share information and policies and procedures as to how they identify threats and conduct malware analysis, and so forth. The idea behind such cooperation is that private businesses can contribute their expertise in stopping cyberattacks.


The Modi Administration is very tech savvy. They understand the power of technology and are determined to harness it in a manner that makes India an economic superpower. They are also increasingly removing barriers to doing business, and as a result more multi-national corporations are increasing their footprint in India. These multi-nationals see India as an important market for their products and as a contributor in the development of their technologies.

The Government is all in for technology as is evidenced by the push for Digital India, Smart Cities, and the digital empowerment of citizens. They know that the country’s infrastructure is in need of significant development and investment, and they know that this weakness in infrastructure is being overcome via digital bridging with electronic devices.

India will continue to experience growing pains in a number of crucial areas. But where there is challenge there is also opportunity for growth and advancement. These are the people who turned back Alexander the Great. I’m betting they will also succeed as a major economic player on the world stage.