InfoSecBulletin Cybersecurity for mankind
India has made strides in cybersecurity by clarifying ministerial roles in September 2024 and implementing a National Security Directive that limits telecom infrastructure procurement to trusted sources. It is also considering similar protocols for other vital sectors like power.
To address the shortage of cybersecurity professionals, the government is investing in education by adding cybersecurity modules to school curriculums and offering specialized BTech and MTech degrees in the field.
150 Gov.t Portal affected
Black-Hat SEO Poisoning Indian “.gov.in, .ac.in” domain
CVE-2018-19410 Exposes 600 PRTG Instances in Bangladesh
Builder claims Rs 150 cr for data loss; AWS faces FIR In Bengaluru
CISA Warns Active Exploitation of Apple iOS Security Flaw
Massive IoT Data Breach Exposes 2.7 Billion Records
SonicWall Firewall Auth Bypass Vulnerability Exploited in Wild
AMD Patches High-Severity SMM Vulns Affecting EPYC and Ryzen Processors
Lazarus Group Unleashes New Malware Against Developers Worldwide
Daily Security Update Dated : 15.02.2025
Salt Typhoon to target Bangladeshi Universities, One identified
The Quality Council of India (QCI) is developing minimum security standards for networked devices to enhance security in the device ecosystem nationwide.
A Shift in Threat Patterns:
Chakravarthy T. Kannan, Secretary General of QCI, noted a shift in cyberattacks from urban centers to smaller cities. Now, 50% of cyber incidents happen outside the top 10 metropolitan areas, unlike before when 80% targeted just 20% of key markets.
Mandar Kulkarni, Microsoft’s National Security Officer, stated that his team tracks 600 million cyberattacks each day, primarily focused on identity-based threats. He mentioned that simple steps like multi-factor authentication could prevent 99% of these attacks. Additionally, he highlighted that since March 2024, Distributed Denial of Service (DDoS) attacks have evolved from volume-based to more complex application-level threats.
Cybersecurity: A Growing Market Opportunity
At CyberComm 2025, Suprakash Chaudhuri, Country Head of Digital Industries at Siemens Ltd and Co-Chair of FICCI’s Technology Committee, discussed the financial aspects of cybersecurity. He noted that India’s cybersecurity market is expected to grow from USD 5.56 billion in 2025 to USD 12.9 billion by 2030, with a compound annual growth rate (CAGR) of 18.33%.
“Cyberattacks are cheap, fast, and highly profitable for perpetrators. Yet the impact they leave on businesses and governments is devastating,” Chaudhuri remarked.
He emphasized the need for proactive threat detection, solid policies, and workforce development. Businesses should use advanced technologies like AI for threat intelligence and encourage collaboration across sectors to combat complex cyber threats.
The Road to Data Protection:
India is advancing in data protection. In January 2025, the government released draft rules under the Digital Personal Data Protection (DPDP) Act, 2023, for public feedback until February 18. These rules seek to establish clear guidelines for managing personal data.
India has reached a major milestone in its ten-year effort to establish data protection laws. The DPDP Act reflects the recommendations of a 2011 expert committee headed by former Delhi High Court Chief Justice A.P. Shah.
The draft suggests a phased rollout. Rules for the Data Protection Board will take effect immediately, while consent management, notice requirements, and government data access will be implemented gradually.
Strengthening India’s Cybersecurity Future:
India faces significant cybersecurity challenges due to its many connected devices, growing digital economy, and changing threats. A comprehensive strategy needs cooperation among government, industry, and academia.
India is building a secure digital future through policy frameworks, trusted supply chains, educational initiatives, and industry solutions. Success relies on the active involvement of all stakeholders.
As Lieutenant General Nair aptly put it, “Cybersecurity is not just a technological challenge; it is a mission-critical priority that demands collective action.”
