Mr Mark Micallef, Vice President, Asia Pacific & Japan, Cloudera outlines three key areas governments should focus on when implementing a cybersecurity strategy.
The opening ceremony of the Pyeongchang Winter Olympics made headlines –
but not just for outstanding performances or vibrant displays. A cyberattack on
the latest Winter Olympics resulted in a 12-hour
disruption, leaving attendees from across the globe unable to retrieve or print purchased
tickets during the momentous event 1]. The outage demonstrates
how disruptive cyberattacks can be – often much worse than a slew of frustrated
guests, especially when involving more critical infrastructure.
In 2014, the Indian government
established the National Critical Information Infrastructure Protection Centre
(NCIIPC) to regulate and protect the nation’s Critical Information
Infrastructures (CIIs). CIIs are defined by the Information
Technology Act of 2000 as vital computer resources that, if incapacitated
or destroyed, will leave a debilitating impact on national security, economy,
public health or safety across both public and private sectors .
Although many CIIs are primarily owned and operated by the private
sector, such as banks and commercial facilities, the role of government is
equally important when evaluating how best to protect organizations and industries
from attack. Here are three key areas governments should focus on when
implementing a cybersecurity strategy –
· Take charge with national recommendations
– Securing our critical
infrastructure requires coordinated efforts from various government agencies as
well as the private sector. However, governments should take the lead and issue
standards and best practices on the most effective approach.
For example, last year, the Singapore
Cyber Security Agency held Exercise
Cyber Star with 11 designated Critical Information
Infrastructures (CII) to put the country’s cyber incident management and
emergency response plans to test. This was done through a series of simulated
cybersecurity incidents, planning sessions and workshops  and served as a good
platform for the organizations and agencies to assess their cyber-readiness and
knowledge-share on best practices. Assessing the current state of readiness is
the first step to implementing an effective cybersecurity plan.
· Be aware of weak lines between OT and
IT – Operational Technology (OT) is a system that monitors and controls
physical devices and processes, such as how much electricity is generated
through transmission lines. Traditionally, these functions were run on man-operated
equipment. With the growth of Internet of Things (IoT) devices, many OT systems
are now equipped with IP addresses to enable remote access streamline control operations.
This transition means that OT and IT networks are increasingly connected and security
standards must be kept up-to-date to ensure proper barriers between the
Successful measures include improved
access control and encryption, which helps prevent hackers from gaining access
to IT networks and enables quick control of OT that could result in disruptions
or ransom of essential services like electricity, water and public transport.
· Stay adaptable as IT landscapes evolve
– A recent
study found that 92% of businesses leaders in India
believe that organizations need to adopt a digital-first mindset to drive
As such, we will soon start to witness private and public sector organizations moving
toward digitalised business models that rely on the latest advanced technology
trends. From the growth of IoT to moving into public clouds and artificial
intelligence, IT operations and security must adapt to keep pace with the
newest advancements, all while mitigating risks.
While attacks on critical
infrastructure can have dire consequences, they are akin to attacks that have already
hit other industries and can be managed with existing best practices. New or
improved technologies can also help enhance the protection of critical
infrastructure assets. Voice and video analytics platforms powered by machine
learning, for instance, provide a number of capabilities, including crowd
control, gauging expected motions and identifying objects and individuals
whether stationary or in motion.
Critical infrastructure protection is essential to the security of India.
While daily operations among the private and public sectors continue to differ,
a collective effort is required to securely build India’s digital economy and
achieve the Smart Cities Mission by 2020. Information sharing and collaboration
between the public and private sectors are equally vital to securing the nation’s
We release new articles daily on trending topics within technology and the public sector. Subscribe to have weekly digests of our articles conveniently sent to your email address.
Mövenpick Hotel and Convention Centre KLIA
One Farrer Hotel
Sheraton Towers Singapore
Putrajaya Marriott Hotel
Marina Bay Sands, Singapore
JW Marriott Jakarta