Get Protected From Cyber Attack
“Be careful of saying, ‘we’ve got the best security in the world’. Doing so would be seen by hackers as a challenge.”
After almost four years of debate, the European Union passed the General Data Protection Regulation, with the objective to strengthen and unify data protection for individuals within the EU and deal with exporting personal data outside the region.
But what difference - if any - will it make specifically in India?
"It's tough, as there is no holistic legal framework/regulator in the form of data protection authority, data quality and proportionality, data transparency, etc.., which addresses and covers data protection issues in accordance with the principles of the EU Directive, OECD Guidelines or Safe Harbor Principles," says Krishnan , chief risk officer, Reliance Life Insurance Company Ltd.
“Research Company Gartner predicts there will be 6.8 billion connected devices in use in 2016, a 30 percent increase over 2015. By 2020, that number will jump to more than 20 billion connected devices, predicts Gartner. Put another way, for every human being on the planet, there will be between two and three connected devices.”
Responding forcefully to attempted security breaches is often very difficult for a variety of reasons:
¡ Identifying attackers is difficult
¡ The sheer number of attempted attacks is so large that organisations cannot spend time pursuing each attacker
¡ Law enforcement officers are often unfamiliar with information technology, and so lack the skills and interest in pursuing attackers.
¡ Budgetary constraints
National Cyber Security Policy
A policy framework by Department of Electronics and Information Technology (DeitY).
¡ Aims at protecting the public and private infrastructure from cyber attacks.
Intends to safeguard "information, such as personal information (of web users), financial and banking information and sovereign data".
Krishnan suggests that the government appoint a regulatory body to govern data confidentiality across public, private and individual parties.
A fine balance between what the consumer wants and what the country needs is most essential, as it would ensure the policy framework is transparent and guidelines are followed.
Henceforth, "No new regulation is required for India regarding data protection or data breach disclosure," he says. "The government needs only revisit its existing IT Act 2008 and impress data protection obligations upon Indian companies and find a way to help them adhere to them."