There are cyber attacks all over the world, including India. Such attacks in India run into millions. On account of the flood of attacks in recent times, we should focus on people, process and technology. Though there are professional firms of cybersecurity, there is also an army of ethical hackers who are certified security professionals or security researchers. They are called ‘bug bounty hunters.’ They crawl the web and scan the systems of various organisations. They alert the organisations if there is vulnerability in their systems. They are rewarded in cash or kind by the organisations. Their services are availed of, even if the organisation has its own internal security team. There are vulnerabilities on government sites too. The bounty programme was initiated in the US and Europe in the 80s. Social media companies leverage it. Some organisations do not understand the work these ethical hackers do. They are white-hat people and yet they are treated as black-hat hackers. Some companies are in denial mode. India needs 5 lac plus ethical hackers in the next five years, where as at present it has merely 70,000.
Data breaches happen mainly due to weaknesses in the technology. Though organisations spend a lot to build robust systems, they ignore the two other equally important components — human error and third-party service providers.