Worldwide data, information pilferage and economic intelligence gathering through the use of Internet has redefined security needs and strategies to combat growing threats
With the rise in e-Governance across India and the establishment of State Data Centres that meet the information requirements of the citizens, threats to the government vertical has risen manifold. Leakage of confidential information through spyware, viruses, phishing, pharming and other blended threats is brought to the fore. There is no better example than the discovery of spyware, originating from China in the Ministry of External Affairs itself the impact of which can be immense, considering that spyware sends out at regular intervals to the attacker.
Indian enterprises today are in the process of either establishing or reinforcing their security architecture. The increasing usage of IT by government department and for online transactions by banks and other financial institutions has given a boost to the demand for security solutions.
Over the last several years, phishing, and subsequent identity theft, is proving to be one of the biggest threats plaguing the Indian Internet space. Enterprises are now seeing the real potential of security solutions and infrastructure and they are moving towards leveraging them to accelerate business productivity.
With the Government of India taking major initiatives to make the country e-Ready by initiating various e-Governance implementations there is an increasing need to create trust by educating the transacting parties about the confidentiality and integrity of their messages. This requires identification and authentication of transacting parties.
From a consumer point of view, it isn't anymore about someone siphoning your password with a keylogger or a phishing attack. Professional cyber criminals are adopting various methods which include, hacking consumer's online accounts to study behavior and obtain information and then using this information for launching a fraud attack. Internet users of social networking sites have also become soft targets for future threats.
Looking at the international scenario in US, securing your network against attacks is not only good practice but is also mandated by laws such as Sarbannes-Oxley (SOX), PCI-DSS, HIPAA, GLBA and more. All these regulations require detailed reporting and an audit trail to show that you have indeed complied with the letter of the law. The intricacies of these regulations are as follows.
GLBA is an important regulation in the banking and insurance industry and governs various activities of financial institutions. HIPAA concerns itself with privacy and security of electronic patient data in hospitals. PCI-DSS regulates security in the credit card and retail industry. A company processing, storing, or transmitting payment card data must be PCI-DSS compliant.
Digvijaysinh Chudasama , VP