In News:

The World Economic Forum (WEF) recently released the Global Cybersecurity Outlook 2025 report. The report examines cybersecurity trends, key challenges, and necessary strategies to enhance global cyber resilience.

About Global Cybersecurity Outlook 2025

Produced in collaboration with Accenture, the report highlights major cybersecurity issues influenced by geopolitical tensions, emerging technologies, supply chain complexities, and cybercrime advancements.

Key Issues Highlighted

• Geopolitical Conflicts:

• Ongoing conflicts, such as the Russia-Ukraine war, have increased cyber vulnerabilities in critical sectors like energy, telecommunications, and nuclear power.
• Nearly 60% of organizations state that geopolitical tensions have impacted their cybersecurity strategies.

• Cybersecurity Readiness:

• Two-thirds of organizations foresee AI impacting cybersecurity, yet only one-third have the tools to assess AI-related risks.
• Smaller organizations face significant challenges in adopting AI-driven security measures.

• Cyber Skills Gap:

• As of 2024, there is a shortage of 4.8 million cybersecurity professionals globally.
• Only 14% of organizations have a skilled workforce to manage current cybersecurity threats.
• Public-sector organizations are notably impacted, with 49% reporting a shortage in cybersecurity talent.

• Supply Chain Interdependencies:

• Over 50% of large organizations identify supply chain complexity as a barrier to cyber resilience.
• Vulnerabilities in third-party software, cyberattacks, and enforcement issues in security standards are key concerns.

• Cybercrime Sophistication:

• Cybercriminals are increasingly leveraging generative AI tools for automated and personalized attacks, including phishing and social engineering.
• In 2024, 42% of organizations experienced phishing and deepfake attacks.

• Regulatory Challenges: 70% of organizations reported that complex cybersecurity regulations cause compliance issues.

Impacts

• Critical Infrastructure:
  • Cyberattacks on essential infrastructure, such as water utilities, satellites, and power grids, pose severe risks to public safety.
  • Example: A 2024 cyberattack on a U.S. water utility disrupted operations, highlighting vulnerabilities in critical infrastructure systems.
• Biosecurity Risks:
  • Advancements in AI, cyberattacks, and genetic engineering create risks for bio-laboratories and research institutions.
  • Incidents in South Africa and the UK underscore these threats.
• Economic Disparities: Developed regions like Europe and North America demonstrate stronger cyber resilience compared to emerging economies such as Africa and Latin America.
• Transition Issues to Renewable Energy (RE): The shift to renewable energy introduces new cybersecurity risks, making power grids attractive targets for cybercriminals.

Factors Increasing Cybersecurity Complexity

• Supply Chain Vulnerabilities: Increasingly complex supply chains create risks with limited oversight, enabling cyberattacks to spread across interconnected systems.
• Geopolitical Tensions: Conflicts have driven advanced cyber strategies targeting critical infrastructure.
• AI-Driven Threats: Generative AI enables scalable malware deployment and sophisticated multilingual social engineering attacks.
• Cyber Skills Gap: A growing 8% skills gap leaves two-thirds of organizations unable to meet cybersecurity demands.
• Convergence of Cybercrime and Organized Crime: Rising cyber-enabled fraud has attracted organized crime groups, amplifying social impact.
• Climate-Linked Cyber Risks: Energy grids are increasingly targeted due to their reliance on evolving energy systems.
• Quantum Vulnerabilities: Quantum computing poses risks to public-key encryption, which is essential for securing digital systems.

Way Forward

Strategic Investment:

• Cybersecurity must be viewed as a strategic investment rather than a technical expense.
• Governments are encouraged to modernize legacy systems and upgrade operational technologies to protect critical sectors.

Public-Private Collaboration:

• Collaboration between business and cybersecurity leaders is essential for sharing threat intelligence and enhancing resilience.
• Small and medium enterprises (SMEs) may require government incentives to enhance cybersecurity.

Skills Development: Expanding specialized training programs, certifications, and incentives is crucial to addressing the cybersecurity skills gap.

Focus on Resilience Over Prevention: Nations must prioritize resilience by enhancing response mechanisms, crisis management frameworks, and ensuring continuity of services.

International Cooperation:

• Collaborative efforts through forums like the United Nations (UN) and G20 can strengthen global cybersecurity frameworks.
• Developed nations should assist emerging economies in improving cyber resilience.

Current Framework for Cybersecurity in India

• Legislative Measures:
  • Information Technology Act, 2000 (IT Act)
  • Digital Personal Data Protection Act, 2023
• Institutional Framework:
  • Indian Computer Emergency Response Team (CERT-In)
  • National Critical Information Infrastructure Protection Centre (NCIIPC)
  • Indian Cyber Crime Coordination Centre (I4C)
  • Cyber Swachhta Kendra
• Strategic Initiatives:
  • Bharat National Cybersecurity Exercise 2024
  • National Cyber Security Policy, 2013
• Sector-Specific Regulations:
  • Cybersecurity Framework for SEBI Regulated Entities
  • Telecommunications (Critical Telecommunication Infrastructure) Rules, 2024

In News:

Government and Meta join forces for "Scam se Bacho" Campaign to tackle rising online scams.

Key Details

• The "Scam Se Bacho" initiative aims to create a safer, more secure digital India by empowering users to protect themselves against growing cyber threats, contributing to the resilience of India’s digital progress.
• Objective: To combat rising online scams and cyber frauds by promoting digital safety and vigilance across India.

• Partners:
  • Meta (formerly Facebook)
  • Ministry of Electronics and Information Technology (MeitY)
  • Ministry of Home Affairs (MHA)
  • Ministry of Information and Broadcasting (MIB)
  • Indian Cyber Crime Coordination Centre (I4C)

Purpose and Vision

• Goal: Empower Indian citizens with the knowledge and tools to protect themselves from online scams and cyber threats.
• Strategic Focus:
  • Foster a culture of digital safety and vigilance.
  • Align with the Digital India initiative, which has seen extraordinary growth in digital services, including 900 million internet users and leadership in UPI transactions.
  • The campaign aims to build a national movement to safeguard citizens, emphasizing the importance of cyber literacy and digital security.

Key Points

• Growing Cybersecurity Threats:
  • India has seen a surge in cyber frauds, with 1.1 million cases reported in 2023.
  • The government is committed to addressing these threats through stronger cybersecurity measures and enhancing digital literacy.
• Meta’s Role:
  • Meta’s global expertise in online safety will be leveraged to equip citizens with the knowledge to prevent cyber scams.
  • Meta’s collaboration with the government aims to extend the reach of the campaign nationwide.

Features of the "Scam Se Bacho" Campaign

• Nationwide Reach:
  • The initiative targets India’s 900 million internet users, making it a comprehensive national effort.
• Government Support:
  • Backed by key ministries to ensure alignment with national digital and cybersecurity goals under Digital India.
  • Whole-of-government approach to raise awareness on cyber safety.
• Educational Focus:
  • The campaign emphasizes educating citizens on how to recognize and prevent online scams and threats.

In News:

• India has achieved Tier 1 status in the Global Cybersecurity Index (GCI) 2024, published by the International Telecommunication Union (ITU), with an impressive score of 98.49 out of 100.

Role-Modeling Country: This accomplishment places India among ‘role-modeling’ countries, reflecting a strong commitment to cybersecurity practices globally.

Assessment Criteria: The GCI 2024 evaluates national efforts based on five pillars:

• 1. Legal Measures
  2. Technical Measures
  3. Organizational Measures
  4. Capacity Development
  5. Cooperation
• Evaluation Methodology: The index utilized a comprehensive questionnaire comprising 83 questions, which cover 20 indicators, 64 sub-indicators, and 28 micro-indicators, ensuring a thorough assessment of each country's cybersecurity landscape.
• Tier Classification: The GCI 2024 report categorized 46 countries in Tier 1, the highest tier, indicating a strong commitment across all five cybersecurity pillars. Most countries fall into lower tiers, either “establishing” (Tier 3) or “evolving” (Tier 4) their cybersecurity frameworks.

Key Achievements

• Global Standing: India ranks at the top level of global cybersecurity rankings, showcasing its dedication to enhancing cyber resilience and securing its digital infrastructure.
• Government Initiatives:
  • Robust Frameworks: Establishment of comprehensive frameworks for cybersecurity and cybercrime laws.
  • Sectoral Support: Implementation of Sectoral Computer Incident Response Teams (CSIRTs) that provide technical support and incident reporting across various industries.
  • Educational Integration: Cybersecurity has been integrated into primary and secondary education curricula to foster informed digital citizens.
  • Public Awareness: Targeted campaigns have promoted secure online practices across multiple sectors, including private industry and academia.
  • Skill Development and Innovation: The government has provided incentives and grants to enhance skill development and promote research within the cybersecurity sector.
  • International Collaborations: India has engaged in numerous bilateral and multilateral partnerships to strengthen its capacity-building and information-sharing efforts.

About the International Telecommunication Union (ITU)

• Overview: Established in 1865, the ITU is the United Nations specialized agency for information and communication technologies, becoming a UN agency in 1947.
• Membership: ITU has 193 member countries and over 1,000 associated organizations, including companies and universities.
• Functions: ITU coordinates global radio spectrum allocation, sets technical standards for telecommunication, and works to improve ICT access in underserved communities.
• India's Involvement: India has been an active ITU member since 1869 and a regular participant in the ITU Council since 1952.