InfoSecBulletin Cybersecurity for mankind
India has made strides in cybersecurity by clarifying ministerial roles in September 2024 and implementing a National Security Directive that limits telecom infrastructure procurement to trusted sources. It is also considering similar protocols for other vital sectors like power.
To address the shortage of cybersecurity professionals, the government is investing in education by adding cybersecurity modules to school curriculums and offering specialized BTech and MTech degrees in the field.
SonicWall patched SSLVPN Vuln Allowing Firewall Crashing
GitLab Releases Security Update For Multiple Vulns
ISPAB president “whatsapp” got hacked via phishing link
Zyxel released patches 2 vulns in its USG FLEX H series firewalls
South Korea’s largest SK Telecom Hit by Malware: SIM-related info leaked
ChatGPT Develops Exploit for CVEs Before Public PoCs Share
TP-Link Router Vulns Allow to Execute Malicious SQL Commands
SSL.com’s domain validation system’s bug found: Hacker exploited
Amazon Follows Microsoft’s Lead, Halts Some Data Center Deals
Hackers Exploit Zoom’s Remote Control Feature for System Access
The Quality Council of India (QCI) is developing minimum security standards for networked devices to enhance security in the device ecosystem nationwide.
A Shift in Threat Patterns:
Chakravarthy T. Kannan, Secretary General of QCI, noted a shift in cyberattacks from urban centers to smaller cities. Now, 50% of cyber incidents happen outside the top 10 metropolitan areas, unlike before when 80% targeted just 20% of key markets.
Mandar Kulkarni, Microsoft’s National Security Officer, stated that his team tracks 600 million cyberattacks each day, primarily focused on identity-based threats. He mentioned that simple steps like multi-factor authentication could prevent 99% of these attacks. Additionally, he highlighted that since March 2024, Distributed Denial of Service (DDoS) attacks have evolved from volume-based to more complex application-level threats.
Cybersecurity: A Growing Market Opportunity
At CyberComm 2025, Suprakash Chaudhuri, Country Head of Digital Industries at Siemens Ltd and Co-Chair of FICCI’s Technology Committee, discussed the financial aspects of cybersecurity. He noted that India’s cybersecurity market is expected to grow from USD 5.56 billion in 2025 to USD 12.9 billion by 2030, with a compound annual growth rate (CAGR) of 18.33%.
“Cyberattacks are cheap, fast, and highly profitable for perpetrators. Yet the impact they leave on businesses and governments is devastating,” Chaudhuri remarked.
He emphasized the need for proactive threat detection, solid policies, and workforce development. Businesses should use advanced technologies like AI for threat intelligence and encourage collaboration across sectors to combat complex cyber threats.
The Road to Data Protection:
India is advancing in data protection. In January 2025, the government released draft rules under the Digital Personal Data Protection (DPDP) Act, 2023, for public feedback until February 18. These rules seek to establish clear guidelines for managing personal data.
India has reached a major milestone in its ten-year effort to establish data protection laws. The DPDP Act reflects the recommendations of a 2011 expert committee headed by former Delhi High Court Chief Justice A.P. Shah.
The draft suggests a phased rollout. Rules for the Data Protection Board will take effect immediately, while consent management, notice requirements, and government data access will be implemented gradually.
Strengthening India’s Cybersecurity Future:
India faces significant cybersecurity challenges due to its many connected devices, growing digital economy, and changing threats. A comprehensive strategy needs cooperation among government, industry, and academia.
India is building a secure digital future through policy frameworks, trusted supply chains, educational initiatives, and industry solutions. Success relies on the active involvement of all stakeholders.
As Lieutenant General Nair aptly put it, “Cybersecurity is not just a technological challenge; it is a mission-critical priority that demands collective action.”
