State of Cyber Security in India and Switzerland
By Janina Keller, Junior Manager – Entrepreneurship and Innovation, January 2016
Nowadays, we shop online, have sensitive business information on our business servers and enter personal information on social networks. However, how secure are these data? How do startups handle cyber security? And how do (digital) cultural differences between India and Switzerland influence cyber security?
A focus group including Swiss Professor Solange Gheranaouti, as well as Indian cyber security specialists discussed these topics at swissnex India on January 27, 2016.
Cyber Security not a priority of startups
The Indian startup experts agreed that cyber security is not a top priority for (IT) startups – for two main reasons: Firstly, for most of them, cyber security does not seem so essential. Providing a satisfying user experience and being able to cover the basic costs seems more important in the beginning. “Most of the startups will not take cyber security seriously until it fails at one point” says the founder of IoT Bangalore Nihal Kashinath. Additionally, Nishil T Koshy, founder of Kfx Labs mentioned that most of the startups at the moment gear-up for cyber-leak disaster management rather than prevention. Here, we critically have to ask ourselves, when is the right moment to start thinking about it?
Secondly, startups often miss a basic understanding of cyber security. This is exactly where the startup Appknox of Harshit Agarwal and Amit Subodh comes into play. They are generating security summary reports to identify possible leaks in mobile apps.
Numerous experts of the focus group agreed that several payment methods on e-commerce platforms are not secure (enough). Bastien Wanner, a Swiss PhD student in the field of cyber security, raised the question of whose interest it is in to have unsecure e-commerce platforms: Obviously, it can be neither in the interest of the consumer, nor the provider. Harshit Agarwal answers by explaining that India is only in the beginning of the cyber security process and people are not (yet) aware how vulnerable they are. Furthermore, it is difficult for the consumer to track back to where the leak actually was and identify the insecurity.
Hence, at the core we really have to ask ourselves, who is accountable for cyber security? Is it the responsibility of the app producer, the government or even the consumer? The group agrees that this is clearly a shared responsibility between the different stakeholders – they all need to be educated about cyber security.
Largely, and on a global scale, a culture of cyber risk assessment and mitigation needs to be developed and embedded into our daily lives to increase the overall cyber security.