Across sectors, energy, healthcare, transport, public or private, cyberattacks are becoming increasingly common. To address this, several multinational corporations like Tata Consultancy Services (TCS) and Infosys are now ramping up their cybersecurity measures.

According to a report by the World Economic Forum (WEF), cyberattacks were the fifth-highest risk in 2020. The WEF stated that the organised cybercrime entities are joining forces and their likelihood of detection and prosecution is estimated to be as low as 0.05% in the United States and cybercrime-as-a-service is also a growing business model. 

According to Cybersecurity Ventures, a cybersecurity research firm, cybercrime damages in 2021 might reach US$6 trillion which would be equivalent to the GDP of the world’s third-largest economy. In October, India’s National Cyber Security Coordinator Lt Gen. (Dr.) Rajesh Pant informed that cybercrimes in India caused losses of 1.25 lakh crore rupees in 2019. 

According to India’s National Crime Records Bureau, cybercrimes grew by 63.5% in 2019 when compared to 2018. The report added that 60.4% of the cases were cases of fraud, signaling the need for a better cybersecurity framework.

Reports state that the Internet of Things (IoT) is also amplifying the potential cyberattack surface. The WEF estimated that there are already over 21 billion IoT devices worldwide and their number will double by 2025, while the attacks on IoT devices increased by more than 300% in the first half of 2019, and in September 2019, IoTs were used to take down Wikipedia through classic distributed denial of service (DDoS) attacks and the risk of IoT devices being used as intermediaries is expected to increase. 

Indian firms to strengthen cybersecurity

Now, to deal with the threats, top Indian IT services providers, including TCS, Infosys, Wipro and HCL Technologies have announced setting up cyber threat management centres in the US and Europe in the last couple of months. The TCS announced the launch of 10 Threat Management Centers (TMC) across the globe last month, that will focus on providing cybersecurity services to its enterprise customers.  

In the press release, TCS said that in response to heightened cyber threat perceptions and the need to secure a larger surface area on account of remote working during the pandemic, progressive enterprises are investing in enhancing their cyber resilience and adopting next-generation security technologies. “To stay close to its customers and keep their enterprises secure, while meeting data and cyber–sovereignty regulations, TCS has operationalized TMCs at Bloomington, Minnesota, US, Manchester, UK, Madrid, Spain, as well as at major Indian cities, in the last four months, TCS added. 

“Large enterprises across the world are partnering with TCS to achieve a cyber resilient posture that will help them face increasingly sophisticated and targeted attacks. Our global network of Threat Management Centres will leverage cutting edge technologies and our zero trust framework to provide rapid and expert security services locally, bringing us closer to our customers, while ensuring compliance with data protection laws,” Dr Sundeep Oberoi, Global Head, Cyber Security Practice, TCS, had said.

HCL also announced the opening of its first European Cybersecurity Fusion Center (CSFC) in Gothenburg, Sweden, in August. HCL’s CSFC is a state-of-the-art security operation and response facility, integrating multi-domain security teams, processes and cutting-edge analytics enabling organizations to detect threats faster and resolve incidents efficiently. 

HCL said that the rapid shift to remote working for many organisations, due to the COVID-19 pandemic, has led to the emergence of new threats, forcing IT teams to rewrite their security playbooks. Maninder Singh, Corporate Vice President, Cybersecurity Services at HCL Technologies, said in the press release, “Cybersecurity is a key focus for HCL, as it plays a vital role in enabling organisations to transform in a rapidly evolving world where new-age applications, cloud and IoT are defining the future digital enterprise. Our CSFC’s enable this by defending organisations’ digital assets and the Gothenburg Center is perfectly placed to effectively meet the most complex needs of our global customers.”

Infosys announced a state-of-the-art Cyber Defense Center in Indianapolis earlier this year. According to Infosys’ cybersecurity report, 83% of executives view cybersecurity as critical, yet 67% are still struggling to have security embedded. The Cyber Defense Center will provide end-to-end, real-time, 24/7 cybersecurity monitoring and protection services to support and guide American businesses in their digital transformation journey and the centre in Indianapolis is the latest addition to the network of cyber defence centres spread across North America, Europe and Asia, said Infosys.

Vijayashankar Nagarajarao, Executive Chairman at Foundation of Data Protection Professionals, said, “It is a welcoming move by Indian companies as security services have always been a possibility and so far the companies were only looking at some lower-end services like data processing. Now they feel there is a possibility of threat management as well. Probably they are seeing it as an extra service related to network management and if they have got specialisation, it is a value-added service.” 

He added that the Indian companies are following their traditional outsource kind of service support and US companies will focus on the marketing and business but still there is a need for a universal agency to deal with cyber threats. “Previously an attempt had been made to develop a treaty arrangement with multiple countries but it failed. There are some bilateral treaties currently like India and Russia has a cybersecurity treaty but there is a need for a universal agency.  It can be done internationally and may be under the guidance of the United Nations. Cybersecurity is now almost the part of global security and there are cyber wars, cyber terrorism, etc. It’s a good idea if the UN takes up such issues but as of now it is missing,” Vijayshankar mentioned. 

COVID-19 added to cybersecurity woes

The COVID-19 pandemic has further increased the probability of cyberattacks. According to the Acronis Cyber Readiness Report 2020, during the pandemic, 39% of global companies experienced a videoconferencing attack as workers depend on external apps such as Zoom, Cisco Webex and Microsoft Teams for remote collaboration while India witnessed the highest rates globally, with 66% of local companies reporting having encountered videoconferencing attacks. 

The report added that 9% of all companies are targeted by cyberattacks at least once an hour and exactly 50% of all the respondents report encountering a cyberattack at least once a week during the past three months. It mentioned that 39% of all companies encounter videoconferencing attacks and the countries like Canada, UK, Switzerland and India is among the most affected, while phishing, DDoS and videoconferencing attacks plague companies the most, with phishing campaigns at a historic peak, the report added. 

Vijayashankar added, “Cybercrimes have always been there, but the COVID-19 pandemic has increased the hacking opportunities because there is greater use of technology by people with lesser technical capabilities. The people who were not using online banking are now forced to use online banking. So, in a way, the coronavirus pandemic is an excuse for launching more technical services to people. In industries, work from home has also introduced a new threat and companies who have not been thinking about security, they have faced the music. So that is a reason why cybercrime has gone up.”