The exponential rise of India's digital economy to $800 billion by 2030 is anticipated to be driven by expanding internet penetration and technological innovation. The convergence of financial services and innovative technologies has introduced concepts such as paperless financing, Neobanking, WealthTech, InsurTech, Buy Now Pay Later (BNPL), making a customer’s experience more intuitive, personalised and empowering. With the Indian government's emphasis on establishing a cashless society and the RBI's use of blockchain to introduce a digital currency soon, the ‘Digital India’ initiative is on the right road.
Rising cyber frauds: A cause for concern
By 2026, India is expected to have adopted digital payment systems at a rate of three times the global average, with a value of US$1 trillion. But with the rapidly increasing menace of online theft, it is time to make online transactions risk-free and protect users from cyber fraud. According to the US-based cyber security company Norton, India experienced over 18 million cyberattacks and threats in the first three months of 2022. That’s over 200,000 cyber-attacks daily. Today, our digital connectivity makes us easily consume, exchange and store digital information, which often falls in the hands of fraudsters. That’s where Zero Trust Network comes into play.
Securing cyberspace with zero trust
Zero trust is used to secure businesses in the cloud and mobile environments. Zero trust's fundamental tenet is straightforward: Never trust, always verify. The verification process is one of the critical aspects of the zero trust approach, where every access request is thoroughly evaluated in real time before granting access. This process greatly simplifies network security initiatives compared to the early 1990s, which was dependent on a centralised data centre, which required a resource-intensive method of determining access control across many dimensions.
Least-privileged access, a fundamental tenet of zero trust, states that trust should be created depending on context (e.g., user identity and location, endpoint security posture, application or service being requested), with policy checks at each stage. Zero trust enables secure digital transformation by utilising business policies to link users, devices, and apps securely across any network.
This network must be implemented by companies that deal with highly confidential or private information. The possibility that user information will end up in the wrong hands and be misused is very likely if there are no stringent safeguards in place.
Additionally, protecting sensitive data must be a top priority to avoid expensive fines and reputational harm due to rising legal obligations and cyber threats. Zero trust aids in preventing contemporary cybercrimes that might be committed through unmonitored or uncontrolled VOIP systems, Wi-Fi, cloud, and WAN, among others. The ability to deploy single sign-on (SSO) systems that significantly reduce the number of passwords end users need to remember is a crucial component of zero trust.
The threat prevention process was compartmentalised in traditional security frameworks. This implied that every security tool had its configuration and ran independently of the others. Certain infrastructure elements were more vulnerable when security tools were lost on the network or misconfigured. Zero trust is helpful in this aspect since it allows for creating a universal policy that can be applied throughout the entire organisation. The potential for security vulnerabilities or gaps in certain portions of the infrastructure becomes much less likely as security policy is deployed and managed in a much more efficient manner from the administrator's perspective.
Read about Risk Based Authentication
The future of cyber security
In 2021, India was the third-largest victim of expanding cybercrime with five significant data breaches. Over 150 million users were affected and now their private information is floating around in cyberspace, making them vulnerable to the growing threat of online theft and fraud. Safeguarding critical infrastructure and data is, therefore, essential. In that respect, zero-trust systems can be viewed as a form of insurance against lost or stolen data.
Debanjan Chatterjee heads Decision Sciences at Bureau. This column was first published in Tech Circle. Read the original article here