IoT cyber-attacks may double by 2025, warn experts

July 22 2022: Cyber-attacks have become a norm today with the cyber world making it easier for people to be anonymous and seek unlawful gains. The larger the usage of a digital platform, the larger the surface to attack. Cyber-attacks were projected to increase by 200 per cent year-on-year. According to the Computer Emergency Response (CERT-IN) Team data, India witnessed a three-fold increase in cybersecurity-related incidents in 2020 compared to 2019, recording 1.16 million breaches. This risky industry continues to grow in 2022 and IoT cyber-attacks alone are expected to double by 2025.
In this context, the private sector every year marks another “worst year ever” for cyber-attacks around the world, and Indian companies haven't been immune to those hacks. Businesses are facing a 200% increase in cyber-attacks as the economy takes rapid strides towards achieving the target of $1 Trillion Digital Economy. Today, it is equally important to ensure that Internet, which is presently accessed by 80 crore people and shall soon cover 120 crore people, remains open, safe & trusted and accountable
Organizations of all sizes, in virtually every industry in India, are hit by cyberattacks. “Statistics have shown that the larger the business, the more susceptible they are to an attack. Companies with 250 or more employees were revealed to be more than two times more likely to be targeted for an attack as companies between 10 and 49 employees. Then, the bigger the company, the greater the cost of downtime caused by cyber-attacks as measured in downtime, wherein the monetary cost of each inoperable hour could be devastating. Although the monetary cost of a cyber-breach is a significant problem, the effect on the brand is a whole other story. That’s especially true in sensitive industries where an attack can shake customer faith in brands and entire market segments. Today we are witnessing the need for cybersecurity across every industry sector, from energy to ecommerce,” explains Vasantha K, Chief of Staff at SecurEyes, a cybersecurity consulting, services and products company that also provides cybersecurity training and education.
Huge skill gap
That having said, there is a huge shortfall of cyber security professionals in India.
“There is a gap between well-qualified and trained cyber security aware people versus the demand.  Especially with manifold increase in online activities due to Covid during the last two years, there has been an increase in demand for cyber security professionals. India needs 1 million cybersecurity professionals – based on an estimate by Data Security Council of India,” says Prof. Srinivas Vivek, Assistant Professor, IIIT Bangalore
“According to ISACA’s new survey report, State of Cybersecurity 2022: Global Update on Workforce Efforts, Resources and Cyber Operations, 60% of Indian organizations have unfilled cybersecurity positions. 42% report their organization’s cybersecurity team is understaffed. The shortage of talent in cybersecurity is appallingly low and the outlook for the future is also weak given that the requirement of talent is growing more sharply as compared with student intake across various educational institutions who are offering education and training for this sector,” concurs Vasantha
Interestingly, the only requirement to be a good cyber security professional is to keep thinking out of the box and be willing to evolve with the needs of the business. “There is no age barrier for a career in cybersecurity. In fact, the field requires people from diverse backgrounds to bring in their very different perspectives,” explains Vasantha.
“In India the highest demand for cybersecurity professionals is in the age group of 25 to 30, followed by 20 to 25 and then 30 to 35,” adds Prof Vivek. “Computer science graduates with good GATE rank and having cybersecurity related certifications are best placed to take up Government mandated entrance exams.   Students who pass the exams are given training and then absorbed into specific cybersecurity jobs,” he adds
The need of the hour therefore is for more and more institutes to come up with cybersecurity courses and training. The challenges have also to be addressed because cyber security professionals need to understand a number of areas concurrently to be effective.  For example, they need to understand basics of cryptography, networking concepts, cloud infrastructure as well as have an aptitude for debugging and detailing.
More corporates need to allocate money for cybersecurity so that there are lesser cases of data breach, malware attacks and cyber thefts so that companies can save millions of dollars every year.