By As the cybersecurity threat landscape in India grows more complex with AI, industry leaders have called on the government to modernize existing frameworks and policies in order to strengthen the nation’s cyber resilience.
Cybersecurity and Cyber defense
“I think we should have a dedicated ministry for cybersecurity and cyber defense instead of having an organization that is part of another ministry. As more and more of India gets digitized, cybersecurity should be priority number one for the government, for its people, and the economic stability of the country itself.
That would be the starting point,” Akhilesh Tuteja, the global head of cybersecurity at KPMG India, said at a panel discussion organized by Microsoft India on the topic of ‘Cybersecurity in the age of AI’.
The virtual event held on Tuesday, October 22, also saw participation from Satvinder Madhok, the global head of cybersecurity operations at Wipro, and Bithal Bhardwaj, group CISO, GMR Group. It was moderated by Irina Ghosh, the managing director of Microsoft India and South Asia.
What is the role of AI in cybersecurity?
While the rise of generative AI has led to its malicious use by threat actors, tech giants like Microsoft are increasingly leveraging AI in order to enhance security in its products and for its customers.
On how AI has impacted Microsoft’s cybersecurity approach, Irina Ghosh said, “Copilot for security was something that we unveiled in 2023. It is an AI driven cross-stack solution which enables defenders to upskill themselves and change their security posture from a reactive to a proactive one.”
She further claimed that Microsoft’s Copilot for Security helped users respond 26 per cent faster and 35 per cent more accurately to cybersecurity incidents as compared to what they were doing earlier.
“Today, we’re collecting about 78 trillion security signals a day, which was just about 8 trillion signals in 2021, to track threats […] These signals matter a lot to us because we cannot protect anything unless we can see,” Ghosh added.
Improving signal-to-noise ratio
Meanwhile, KPMG’s Tuteja explained that one of the key benefits of AI in cybersecurity was improving signal-to-noise ratio. Security teams are constantly bombarded with alerts and data, and AI can help to filter out the noise so that they can focus on the most important threat, he said.
He also talked about using generative AI to simulate phishing attempts. “In the past, phishing simulations used to be very basic and simple. Now, we can actually emulate the behavior of an attacker through the use of generative AI. The whole ecosystem allows us to train our people better,” Tuteja further said.
GMR Group’s Bhardwaj pointed out that AI could be used to create reports and summaries of cybersecurity incidents, saving analysts a significant amount of time. “A security analyst who’s looking at the alerts coming in from whatever platform they’re using for security, can have a conversation with the AI tool itself and ask it questions the way their leader or their manager or their CISO would ask them,” he said.
What will it take to make India secure?
Highlighting awareness as a foundation of cyber resilience, Wipro’s Madhok said that the government should create a framework that builds trust in security systems and encourages people to adopt digital technologies safely. It is important to note that an updated version of India’s National Cyber Security Policy (NCSP), 2013, has been in the works since four years.
To address the shortage of cybersecurity professionals in India, Madhok suggested that training programmers should start at the university-level. “Over 5,25,000 villages in this country and we’ve got to reach the last man standing. That isn’t an easy task for any particular person. So, this requires movement on a massive scale from the government perspective,” he added.
When asked about increasing collaboration among hackers, the panelists responded by stating that defenders were also collaborating more closely, with each other and with governments.
However, Tuteja pointed out that the difference in motivation makes it more difficult for defenders to collaborate as effectively as attackers. Hackers are often motivated by bragging rights and notoriety, while defenders are often more reluctant to share information about attacks due to embarrassment or fear of reputational damage, he said.
Microsoft’s renewed focus on cybersecurity
Last year, the US Cyber Safety Review Board had found that “Microsoft’s security culture was inadequate and requires an overhaul.” A few months later, CEO Satya Nadella announced the Secure Future Initiative (SFI) which has over 34,000 full-time Microsoft engineers working on improving the company’s cybersecurity strategy.
In July 2024, Microsoft Windows systems around the world experienced a massive outage that brought critical infrastructure such as airports, banks, hospitals, etc… to a grinding halt. The root cause of the outage was identified to be a faulty software update issued by cybersecurity firm Crowds trike. Shortly after, there were reports that Microsoft was planning to cut off the kernel-level Windows access of vendors like Crowds trike.
At Tuesday’s event, Microsoft India MD Irina Ghosh outlined the three principles of SFI: secure by design, secure by default, and secure in operations. Highlighting figures from the company’s latest Digital Defense Report, she said that the number of password attacks had risen to 7,000 per day this year as compared to 579 in 2021 with six million identity attacks happening everyday.
