Category: Feature

REDEFINING THE ROLE OF SECURITY IN THE CORPORATE WORLD ANIL PURICMD, APS Group A first generation serial entrepreneur, thought leader and an action catalyzer rolled into one – Anil Puri is a rare combination of a visionary, an innovator and a strategic thinker. He has used this combination to innovate and implement on-ground many new business ideas. His rich experience in various businesses has enabled him to nurture & mentor innovative ideas and scale them up. “In a world of rising risks, security is the new RoI” Introduction In today’s volatile, unpredictable, complex, and ambiguous (VUCA) world, corporations face a wide range of threats – cyber, physical, reputational, and geopolitical. Security, once considered a passive cost burden, is now being redefined as an active protector of profits, business continuity, and corporate reputation. With rising incidents of cyberattacks, insider threats, industrial sabotage, and disruptions caused by natural disasters and civil unrest, the role of corporate security has expanded from guarding gates to safeguarding value chains. It makes a bold move and great sense to transform the corporate mindset – from viewing security as a cost center to appreciating it as a strategic investment that protects profits, fuels resilience, and builds competitive advantage in the global market. “When security leads, losses retreat” 1.Understanding the Legacy Perception: Security as a Cost Center Security was traditionally viewed as a non-productive overhead. Historically, security was confined to physical guarding, with minimal alignment to strategic business goals. This perception relegated it to a cost on the profit and loss account without tangible contribution to revenue or growth. Security budgeting is often reactive and not outcome-linked. Corporate boards often allocate security budgets after an incident, making it reactive rather than preventive. There’s minimal linkage between security inputs and organizational outcomes or profitability. RoI of security investments is difficult to quantify. Unlike marketing or production where inputs and outputs can be directly measured, the returns from security (e.g., prevention of incidents, reputation protection etc.,) are intangible. This causes reluctance in investing significantly in security measures – poor integration with business strategy. In many organizations, security functions operate in silos without integration with operations, HR, finance, or IT, further weakening their strategic relevance and visibility. 2.Evolving Threat Landscape: A Paradigm Shift in Risk Perception “Every breach avoided is revenue protected – security is silent profitability“ Rise of hybrid and complex threats Modern threats are no longer isolated – cyber and physical threats now converge. For instance, a disgruntled insider can physically access a server room and launch a ransomware attack. This hybrid nature makes security far more strategic. Globalization and expanded risk perimeters Global supply chains, remote operations, and digital platforms mean that organizations now face risks from multiple geographies, jurisdictions, and threat actors – ranging from state-sponsored espionage to transnational crime networks. Political, economic, and environmental risks Geopolitical tensions, trade wars, climate-induced disasters, and pandemics like COVID-19 have demonstrated how non-traditional threats can cripple operations and cause massive financial losses. Regulatory tightening and compliance pressures From GDPR in Europe to India’s Digital Personal Data Protection Act, and evolving ESG norms – security and privacy compliance have become core to business licensing, investor trust, and global market access. Increased accountability of C-suite and Boards Security breaches now result in reputational damage, legal scrutiny, and even removal of CXOs. Leadership is increasingly accountable for lapses in data protection, crisis management, and employee safety. “Security transforms from expense to asset the moment a threat is blocked” 3.Security as a Profit Protector: Strategic Reframing Loss prevention equals profit protection Security measures reduce theft, fraud, and operational disruptions – translating directly to cost savings and enhanced margins. Retail chains globally invest heavily in surveillance and analytics to prevent inventory loss (shrinkage). Security sustains business continuity and investor confidence A well-secured environment ensures minimal operational downtime during crises, assuring investors and clients of organizational resilience. For example, firms with robust Business Continuity Plans (BCP) performed better during the COVID-19 lockdown. Brand trust is rooted in security and compliance Customers, regulators, and stakeholders are more loyal to companies that protect their data, ensure safe workplaces, and comply with laws. A breach in security can wipe out years of brand building – as seen in high-profile data leaks. Security mitigates legal and regulatory penalties Failure to implement adequate security can lead to lawsuits, sanctions, and insurance claim denials. Proactive compliance with security standards (e.g., ISO 27001, ISO 18788) reduces liabilities. Cybersecurity is a competitive differentiator In sectors like BFSI, IT, and e-commerce, robust cyber defense systems enhance customer confidence, driving sales and global competitiveness. “No margin is safe without protection – security defends the bottom line” “In today’s volatile, unpredictable, complex, and ambiguous (VUCA) world, corporations face a wide range of threats – cyber, physical, reputational, and geopolitical. Security, once considered a passive cost burden, is now being redefined as an active protector of profits, business continuity, and corporate reputation. With rising incidents of cyberattacks, insider threats, industrial sabotage, and disruptions caused by natural disasters and civil unrest, the role of corporate security has expanded from guarding gates to safeguarding value chains” 4.Case Studies: Global and Indian Examples Target Corporation, USA. A 2013 data breach led to 40 million customer credit card details being stolen. The company faced $200 million in losses and lost customer trust. Since then, they have invested heavily in cybersecurity, positioning themselves as an industry leader in retail security. Tata Consultancy Services (TCS), India TCS integrates information security within its project lifecycle, ensuring client data protection and compliance with global norms like GDPR. This has made it a preferred vendor for Fortune 500 clients. Taj Mumbai 26/ 11 Attack Response During the 2008 Mumbai attacks, security and hotel staff protected guests and facilitated emergency evacuation. Their preparedness became a global case study in disaster response and resilience. Amazon’s Security Architecture Amazon deploys AI-driven surveillance, warehouse robotics, and encrypted data architecture to ensure smooth operations even under peak demand. This contributes directly to customer satisfaction and profitability. “In today’s corporate battlefield, security…

Technological advancement has ushered in a new wave of innovation and efficiency – but it has also opened the door to vulnerabilities that cyber attackers are eager to exploit. With billions in damages and reputational costs at stake, businesses must evolve their security posture to match these emerging threats. As cybersecurity continues to evolve in 2025, organizations around the world will have to rethink their approach to protecting their most critical assets and operations. Here are five cybersecurity trends to watch in 2025 and beyond. Attacks on operational technology will increase No longer content to target IT, cyber attackers are increasingly taking aim at critical operational technology (OT) systems. Prominent examples like the Colonial Pipeline [i] and MGM Grand [ii] attacks demonstrate the way that threat actors are now more focused on completely shutting down facility operations instead of just stealing information. This shift shows how cybercriminals and state-sponsored groups are evolving their tactics to inflict a more direct, crippling impact on business operations globally. In 2025, protecting OT systems from these types of targeted, disruptive attacks will be a major cybersecurity challenge for industrial organizations. Cybersecurity regulation will intensify Globally, governments are recognizing the systemic risks posed by attacks and are taking a more active and collaborative role in driving cybersecurity best practices. This will significantly impact the way that organizations approach security. For instance, there are now regulations like the European Union’s NIS2 Directive [iii] that can hold executives personally liable if appropriate security measures are not implemented at their organizations. This will drive stronger collaboration among government and the C-suite, boards and cybersecurity leaders. As cybersecurity continues to evolve in 2025, organizations around the world will have to rethink their approach to protecting their most critical assets and operations. Here are five cybersecurity trends to watch in 2025 and beyond In the U.S., there are new SEC rules [iv] that require prompt reporting of cyberattacks to provide greater protection for investors. Meanwhile, Australia is set to implement stringent cyber regulations of its own through the Security of Critical Infrastructure (SOCI) Act [v] . Though SOCI was first enacted in 2018, the grace period for compliance ended in August 2024. This means that going forward, Australian organizations in critical infrastructure sectors will now be required to comply with this enforceable regulation or face potential fines. Overall, organizations across the globe will have to closely monitor evolving government regulations and align their security strategies accordingly to avoid penalties and reputational damage in the coming year. Asset visibility will improve In 2025, a key cybersecurity challenge for organizations, particularly building operators, will be gaining full visibility into the myriad connected assets on their networks. Many building owners struggle to identify all the connected devices, from security cameras to HVAC systems to access control panels, which make up their OT infrastructure. Without a clear understanding of their complete asset inventory, organizations are unable to effectively defend against threats. Attackers who gain access to unmonitored systems can disrupt critical building functions and cripple operations. Honeywell’s Cyber Insights is an OT-focused solution designed to help provide building operators with near real- time visibility into their full asset landscape. It delivers the comprehensive asset discovery and management that is essential for protecting OT environments in 2025 and beyond. AI’s role in security will grow In 2025, there will be greater reliance on AI-powered solutions to enhance cybersecurity capabilities. For example, in the building operations space, AI can be used to automate patch management and mitigate disruptions. Instead of simply deploying patches, AI can analyze the risks and impacts, and selectively apply patch updates in a way that minimizes downtime. AI is also enhancing security monitoring and incident response. For example, AI can help in analyzing log data to quickly identify true threats and prioritize the most critical issues. This allows organizations to eliminate false positives and respond to incidents faster and more effectively. OT security expertise will be in demand As cyberattacks are increasingly targeted at OT systems, organizations are recognizing the critical need for security teams to deeply understand OT infrastructure and its unique vulnerabilities. Traditional IT personnel often lack the specialized knowledge required to secure OT assets like HVAC, access control and building management systems. Going forward, security leaders must make sure that their teams can identify and mitigate risks across the full IT-OT convergence. This includes understanding OT communication protocols, equipment architectures and the potential cascading impacts of disruptions. Without comprehensive OT security expertise, organizations remain dangerously exposed to attacks that could cripple critical systems and operations Read more

Sudhakar Aruchamy Chief Technology OfficerEverestIMS Technologies Artificial Intelligence isn’t just another tech buzzword – it’s a runaway train barreling through the global technology landscape, tearing up the tracks of convention and leaving a trail of awe, disruption, and existential questions in its wake. In 2025, AI’s fingerprints are everywhere – from the networks humming beneath 5G cities to the autonomous drones delivering medical supplies in war-torn Ukraine, from the AI-crafted climate models guiding Pacific Island nations against rising seas to the deepfake controversies rocking democratic elections worldwide. This isn’t a quiet evolution – it’s a seismic shift, and the world is still scrambling to catch up. The Global AI Arms Race: Innovation Meets Chaos Start with the numbers – AI investment is forecast to approach $200 billion globally by 2025 (Goldman Sachs). Beijing’s state-backed push has birthed AI-driven surveillance systems so advanced they can predict social unrest by analyzing crowd behavior, while Silicon Valley’s tech giants – Google, Microsoft, and xAI – counter with models like Grok, Deepseek and Manus AI powering everything from chatbots to quantum computing simulations. Meanwhile, Europe’s AI Act, now in full swing, tries to rein in the chaos with strict ethical guidelines, but enforcement feels like a game of whack-a-mole against a flood of innovation. Artificial Intelligence isn’t just another tech buzzword – it’s a runaway train barreling through the global technology landscape, tearing up the tracks of convention and leaving a trail of awe, disruption, and existential questions in its wake In Africa, AI is a double-edged sword. Startups in Kenya are using it to optimize solar grids for off-grid villages, but the continent’s digital divide means many are left out of the AI boom – exacerbating inequality while others reap the benefits. Across the Middle East, AI-powered oil extraction algorithms are slashing costs for Saudi Aramco, but they’re also raising alarms about job losses in an already volatile region. This isn’t just tech; it’s geopolitics, economics, and culture colliding at warp speed. AI’s Tech-Space Makeover : From Networks to Creativity Dig deeper, and AI’s reshaping the tech stack itself. Take networks – like those powered by EverestIMS Technologies Infraon IMS, are using machine learning to predict failures, allocate bandwidth, and fend off cyber threats in real time. 5G’s rollout, now covering 60% of the globe, relies on AI to manage its insane data throughput, but it’s also creating new vulnerabilities – DDoS attacks doubled last year, with AI both the culprit and the cure. In the future, Infraon IMS will enhance its capabilities to drive self-optimizing systems, enabling intelligent automation and adaptive performance improvements. Then there’s the creative frontier. The 2024 Writers Guild strike over ‘AI replacement’ fears showed the human backlash brewing. In music, platforms like Suno use AI to generate chart-topping tracks, but artists like Billie Eilish are crying foul, accusing the tech of stealing soul. Meanwhile, in gaming, NVIDIA’s AI-driven DLSS 4.0 is rendering photorealistic worlds in real time, but it’s also sparking debates about accessibility – can every gamer afford the hardware to keep up? The Ethical Quagmire: AI’s Dark Mirror AI’s promise is intoxicating, but its shadow looms large. Deepfakes – once a niche trick – went mainstream in 2024, with AI-generated videos swaying elections in Brazil, and the U.S. The tech’s so convincing that even seasoned fact-checkers are stumped, eroding trust in digital media. In China, AI surveillance is tracking citizens’ every move, raising Orwellian alarms, while in the West, facial recognition controversies – like the U.K.’s scrapped live facial recognition trials – are forcing a reckoning over privacy versus security. Climate tech, too, is a mixed bag. AI models predicting sea level rise are saving lives in the Maldives, but their energy hunger – data centers now consume 4% of global electricity – is accelerating carbon emissions unless paired with renewable grids. And let’s not forget the jobs question – McKinsey predicts 800 million jobs could be automated by 2030, with AI-driven logistics and manufacturing already displacing workers in Detroit and Shenzhen. The tech boom is brilliant, but it’s also brutal. The Human-AI Frontier: Who’s in Control? What’s most mind-bending is how AI is forcing us to redefine ‘intelligence’ itself. In 2025, xAI’s Grok 3, Deepseek and Manus AI aren’t just answering questions – they are sparking philosophical debates, writing poetry, and even advising CEOs on strategy. But as AI creeps into decision-making – think AI judges in Estonia’s courts or AI doctors diagnosing patients in rural India – we’re grappling with a core question: Who’s in the driver’s seat? Humans or machines? Philosophers like Kate Crawford warn we’re sleepwalking into a ‘technological unconscious,’ where AI’s black-box algorithms make life-altering choices we can’t fully understand or audit. Yet, innovators like Demis Hassabis at DeepMind argue AI could solve humanity’s grand challenges –cancer, climate change, even interstellar travel – if we harness it right. The tension is palpable: AI’s a tool, a threat, and a mirror, reflecting our hopes and fears back at us. Start with the numbers – AI investment is forecast to approach $200 billion globally by 2025 (Goldman Sachs). Beijing’s state-backed push has birthed AI-driven surveillance systems so advanced they can predict social unrest by analyzing crowd behavior, while Silicon Valley’s tech giants – Google, Microsoft, and xAI – counter with models like Grok, Deepseek and Manus AI powering everything from chatbots to quantum computing simulations. Meanwhile, Europe’s AI Act, now in full swing, tries to rein in the chaos with strict ethical guidelines, but enforcement feels like a game of whack-a-mole against a flood of innovation. The Road Ahead: A Call to Shape the Future So, where does this leave us? AI’s not slowing down – it’s accelerating, reshaping tech, society, and our very notion of progress. In Japan, AI-powered robots are caring for an aging population, while in South Korea, AI-driven urban planning is reimagining Seoul’s skyline. But the stakes are sky-high – if we don’t address the ethical gaps, digital divides, and job disruptions, we risk a world where AI’s…

Aditya Khemkha In a defining move that signals the rise of a more secure, self-reliant, and quality-assured surveillance ecosystem, the Ministry of Electronics and Information Technology (MeitY) has introduced a new compliance requirement for the CCTV industry in India. As per the official gazette notification dated April 9, 2024, MeitY has made STQC certification mandatory for all CCTV cameras – whether manufactured, imported, or sold across the country. This change falls under the updated Electronics and Information Technology Goods (Compulsory Registration) Order, 2021, and mandates compliance with Essential Requirements (ERs) and BIS certification (IS 13252 Part 1). All non-compliant models will be barred from sale or distribution post April 9, 2025. The decision marks a pivotal shift in India’s approach toward surveillance technology, one that reinforces national security, data privacy, cybersecurity resilience, and consumer trust. Understanding STQC: The new quality gatekeeper for CCTV Standardisation Testing and Quality Certification (STQC) is a set of quality assurance frameworks developed by MeitY. STQC focuses on rigorous technical validation to ensure electronics, especially security and surveillance equipment, meet defined standards of safety, reliability, and performance. It goes beyond functional efficiency and delves deep into the core of cybersecurity, hardware resilience, and data protection protocols. STQC certification for CCTV cameras demands comprehensive testing of encryption mechanisms, firmware integrity, secure communication protocols, and physical robustness, setting a new benchmark for surveillance products in India. Key provisions of the mandate ● Universal Applicability: All analog, IP, and speed dome cameras must obtain STQC certification under IS 13252-1 (IEC 60950-1) standard. ● Cybersecurity by Design: Every certified product must comply with stringent ERs, including:• Secure communication via TLS/ HTTPS. • Enforcement of strong, unique passwords. • Disabling of debugging/ test ports in shipped devices. • Uniformity in firmware versioning and patch management ● Tamper-Resistance & Physical Security: • Devices must feature secure enclosures • Physical ports must be access-controlled or locked • External interfaces must be designed to deter unauthorized access ● Certification Deadline: Effective from April 9, 2025, all non-certified models will: • Be removed from the BIS license databases • Be ineligible for new model approvals • Face prohibition from manufacturing, sales, or imports within India A boost for Atmanirbhar Bharat & indigenous innovation The STQC mandate is not just a regulatory milestone; it is a strategic enabler of India’s ‘Atmanirbhar Bharat’ vision. By enforcing stringent quality and cybersecurity parameters within the national ecosystem, the regulation actively discourages substandard, foreign-dumped products and opens new doors for domestic manufacturers and indigenous innovations. For Indian brands, the path forward is not just about compliance, but about leading with conviction, capability, and country-first commitment. CP PLUS: At the forefront of India’s secure surveillance revolution India’s leading surveillance brand, CP PLUS, has long believed that surveillance is not just about watching –it’s about protecting, preventing, and preserving. With a well-established ecosystem of design, development, and manufacturing facilities in India, CP PLUS is uniquely positioned to meet and exceed STQC standards. Having already invested significantly in R&D, firmware security frameworks, and hardware hardening protocols, CP PLUS is fully equipped to align its product portfolio, including IP cameras, analog cameras, PTZ solutions, and smart edge devices, with the new STQC requirements. From encryption standards embedded into every transmission to physical designs engineered for tamper resistance, CP PLUS products are built with a vision to offer trustworthy, high-integrity surveillance for every Indian household, institution, enterprise, and government body. This proactive compliance readiness, backed by decades of market leadership, positions CP PLUS not just as a manufacturer but as a national partner in security sovereignty. Impact on the surveillance ecosystem The introduction of STQC compliance brings with it significant ramifications, some challenging, but many promising, for the surveillance industry at large: Enhanced Security and Trust: With encrypted data transfers, consistent firmware, and tamper-proof designs becoming mandatory, consumers and institutions can trust their surveillance systems like never before. Operational Challenges for Some Manufacturers: The path to compliance is not without its hurdles. From obtaining testing approvals to updating legacy firmware, and from redesigning physical components to aligning supply chains, the industry must prepare for transformation at all levels. Supply Chain Realignment: Manufacturers relying on imported, non-compliant components may face disruptions. India-based supply chains, however, will benefit from renewed focus and investments. A Rise in Standardization and Benchmarking: The move encourages surveillance systems to be assessed on standardized parameters – enabling fair comparison, consistent performance expectations, and better buyer awareness. The way forward: Standardised, secure & sovereign India’s move to mandate STQC certification for CCTV cameras is more than regulatory enforcement, it is a declaration of security independence and consumer dignity. In an age where surveillance systems can be the first line of defense against everything from local crime to cyber intrusion, ensuring that every device is secure by design is not just prudent, it is essential. By championing this regulation, MeitY has created a model for proactive, pre-emptive cybersecurity governance, one that puts India in the global spotlight as a nation where digital trust is engineered into every device. And with brands like CP PLUS leading the way, the future of surveillance in India looks indigenized, intelligent, and impregnable. Read More

By Milind BorkarMD, Systematica Suyog Security Consultants(Sr. Consultant & Security Expert) As technology evolves very fast from year to year, it becomes a challenging task to determine the requirements to build a secure, robust and almost fool proof system that will fulfill all basic security parameters. These parameters will vary for each new system as the same parameters cannot be applied across the board for all systems. A robust system that meets the security requirements for any new and or green field project, the following points will drive the decision-making process. We will use a CCTV system as an example As one can see there are several factors that influence the decision-making process in building a security system. We will briefly go over each one of them in the following sections Budget and time available As in any and every sphere of life the available budget is the key factor. Based on the available budget and time available, a determined effort needs to be put in place to first build a project specific requirements document. Several trade-offs will need to be considered if the project requirements cost exceeds the available budget. This could be an iterative process that will consume time and money in the planning phase. Each new or green field project or an update/ refresh cycle of an existing deployment must go through this elaboration process to avoid nasty surprises in the implementation/ build phase. Site survey Conducting a site survey is the basis of building a security system. This phase is the most critical where a thorough site survey is conducted to determine security vulnerabilities. Along with this a determination needs to be made as to what other systems are required to complement the main CCTV system. The illustrative airport diagram should give a very good idea of the other security components that need to be explored. Once this information is gathered and documented, then this information becomes the driving force for subsequent phases of the project. We will use the following diagram to highlight all the components that constitute a surveillance/ security system. We have used an airport as a used case. A typical airport is a super-set of any security deployment The best way to illustrate the process of building a security system is through an example. We are using an airport as an example as it has a super-set of inputs that can be applied to any security system design. The following color-coded table is used to distinguish the various inputs/ requirements received from the customer. The following table is a standard template that can be used to capture security requirements. These inputs are used to design the entire security system which can then be used to calculate the cost of the implementation. Using the above inputs from the customer and the respective BOQs for each airport, a complete design can be derived. The following table shows the output of the design process for 24 airports. Each airport has the same security requirements but BOQs are different Once the design is completed to a 90% level of the target specification, the budgetary process can be started. Several vendors, RFQs etc. will be involved to go through an iterative process. This process will vary for each geographical region and must be considered. Without going into the details that vary for different geographical regions the important point to consider is the vendor selection process as it has a significant impact on the quality, robustness and overall cost of the system. Customers desirous of building a security system can engage subject matter experienced consultants who can guide and evaluate all the variables/ entities in the decision-making process. Cost optimization through simulation A security system design, implementation and build out are a complex system with many sub-systems that need to work with each other flawlessly. Every care must be taken in the early phases of the project as many variables are involved which can have a significant impact on the overall cost. One of the ways to help this process is to run a simulation based on the customer inputs. Through experience the ‘SYSTEMATICA SUYOG SECURITY CONSULTANTS’ has determined the following: ● The customer knows what he wants but does not know how to get there. ● Almost all vendors over sell their products and services which do not benefit the customer in any way. ● A consultant is required in all cases to systematically guide and evaluate all the options available to provide the highest performance at the lowest cost to the customer. The SYSTEMATICA SUYOG SECURITY CONSULTANTS provides consulting services through all phases of the project. They have built a proprietary ‘Design Engine’ as well as a proprietary ‘Simulation Engine’ through years of experience dealing with customers and their security requirements. We at SYSTEMATICA SUYOG SECURITY CONSULTANTS always put the customer FIRST and provide professional consultancy services. We will now go through a simulation for one of 24 airports. We will show how our simulator determines the highest performance at the lowest cost. The following graph illustrates this. The X-Axis shows the percentage of cameras running video analytics (VA). The Y-AXIS shows the cost in a standardized format. The DELTA between the lowest cost and the highest cost is 3X. VA stands for Video Analytics; VMS stands for Video Management Software. The GREEN line is the overall COST with the other colored lines that sum up to the overall GREEN line cost. Impact of Cost of Running Video Analytics for 24 airports ● Percentage of cameras running Video Analytics is the only single tactor that influences overall CCTV system design and hence overall Cost. ● Can Apply same Design Template across all airports as far as Video Analytics is concerned. ● Each Airport has unique characteristics because of different BOQ camera quantities and functionality grouping of cameras. ● If one uses a Single Design Template per airport then we run the risk of under served or over served airports unless a thorugh analysis is done….

Prashanth G J, CEO, TechnoBind Solutions Traditional cybersecurity defenses are no longer sufficient in an era where attackers exploit identity vulnerabilities rather than breaching network perimeters. Cybercriminals increasingly rely on stolen credentials, privilege escalation, and social engineering to infiltrate enterprise environments undetected. As organizations embrace digital transformation, securing the identity layer is imperative to building a resilient cybersecurity posture. Enterprises must shift their security focus inward, starting at the identity layer to build a resilient cybersecurity posture. The identity layer: The new frontline of cybersecurity The rise of cloud computing, hybrid work environments, and an increasingly interconnected digital ecosystem has rendered traditional firewalls and network defenses less effective. Attackers are bypassing these barriers through credential theft, phishing, and privilege escalation, gaining unauthorized access to critical business systems. Identity is now the primary attack vector. According to Verizon’s Data Breach Investigations Report nearly 74% of all breaches involved a human element such as stolen credentials, phishing, or social engineering. This statistics underscores the urgent need for enterprises to place identity security at the core of their cybersecurity strategy. Why identity-centric security is non-negotiable 1. Zero Trust Requires Identity Verification The Zero Trust model operates on the principle of ‘never trust, always verify.’ Identity and access management (IAM) is fundamental to this approach, ensuring that only authenticated and authorized users can access sensitive resources. Without strong identity controls, organizations risk unauthorized access and data breaches. 2. Insider Threats and Privilege Misuse: Insider threats – whether malicious or accidental – pose a significant risk. Implementing identity governance solutions helps enterprises monitor and control access permissions, reducing the chances of privilege abuse. The principle of least privilege (PoLP) ensures users have only the access they need to perform their roles. 3. Regulatory Compliance and Risk Management: Data privacy laws like GDPR, CCPA, and India’s DPDP Act mandate stringent identity and access controls. Enterprises failing to implement robust identity security measures face regulatory fines, legal repercussions, and reputational damage. Strong IAM frameworks help businesses remain compliant and mitigate security risks. 4. Phishing and Credential-Based Attacks: Cybercriminals are using advanced social engineering tactics to trick employees into divulging credentials. Multi-factor authentication (MFA) and passwordless authentication methods, such as biometrics and behavioral analytics, significantly reduce the success rate of these attacks by eliminating reliance on static passwords. 5. Cloud and SaaS Expansion: With businesses increasingly adopting cloud and Software-as-a-Service (SaaS) applications, managing access across multiple platforms has become a challenge. Identity as a Service (IDaaS) and Single Sign-On (SSO) solutions streamline access management while enhancing security through centralized control and monitoring. Building a strong identity-centric cybersecurity strategy To transition from perimeter-based security to identity-first security, enterprises should adopt the following best practices: ● Implement Strong Authentication Mechanisms: Enforce MFA, adaptive authentication, and password less login to strengthen identity verification. ● Adopt Identity Governance and Administration (IGA): Continuously monitor and manage user identities, roles, and access privileges to prevent unauthorized access. ● Deploy Privileged Access Management (PAM): Secure privileged accounts and enforce just-in-time (JIT) access to critical systems. ● Utilize AI-Driven Threat Detection: Leverage artificial intelligence and machine learning to detect and respond to anomalous identity behaviors in real time. ● Educate Employees on Identity Security: Conduct regular cybersecurity awareness training to mitigate phishing and social engineering risks. Read More

Dr Rajiv MathurPartner, MIGS Global Consulting Pvt. Ltd. In recent times, the debate around long workweeks has sparked conversations across India. When industry stalwarts like N. R. Narayana Murthy and S. N. Subrahmanyan suggested extended work hours, and Hon’ble Union Minister Piyush Goyal urged startups to aim higher, their words were not meant to be taken literally. Instead, they serve as a clarion call for young entrepreneurs to embrace hard work, innovation, and resilience. Before, we pass our judgement on their statements; let us learn a bit about them: India stands at the cusp of a transformative era. With aspirations to become a $5 trillion economy and the third-largest global power, the road ahead demands more than just effort – it requires vision, determination, and a relentless pursuit of excellence. The spirit of hard work Narayana Murthy’s journey exemplifies the power of perseverance. From humble beginnings, he built Infosys into a global IT giant. His call for a 70-hour workweek is not about overburdening employees but about fostering a culture of dedication and ambition. It’s a reminder that success often demands going the extra mile. Similarly, S. N. Subrahmanyan’s leadership at L&T showcases the importance of pushing boundaries. His advocacy for a 90-hour workweek reflects his own commitment to excellence. Under his guidance, L&T has executed some of the most challenging infrastructure projects, setting new benchmarks for the industry. A vision for the future Minister Piyush Goyal’s recent remarks at the Startup Mahakumbh resonate deeply with India’s entrepreneurial spirit. By urging startups to move beyond grocery delivery apps and focus on high-tech sectors like AI, robotics, and semiconductors, he is challenging the nation to think big. His message is clear – to lead the world, India must innovate and invest in cutting-edge technologies. Goyal’s vision is not about dismissing the achievements of existing startups but about inspiring them to dream bigger. His emphasis on deep-tech innovation aligns with India’s goal of becoming a global leader in technology and sustainability. The path forward The essence of these leaders’ messages lies in their shared belief in India’s potential. They are not advocating for unsustainable work practices but are encouraging a mindset of continuous improvement. Their words are a call to action for young entrepreneurs to rise above complacency and strive for greatness. Narayana Murthy: Known as the ‘Father of the Indian IT Sector,’ Mr. Murthy co-founded Infosys in 1981. Under his leadership, Infosys became a global leader in IT services, pioneering the Global Delivery Model. His vision and ethical leadership have inspired countless entrepreneurs. He has received numerous accolades, including the Padma Vibhushan and the Padma Shri. S. N. Subrahmanyan: As the Chairman and Managing Director of Larsen & Toubro, Mr. Subrahmanyan has been instrumental in transforming L&T into a global engineering and infrastructure powerhouse. With a background in civil engineering and business management, he has led iconic projects like the Statue of Unity and the Ayodhya Ram Mandir. Piyush Goyal: A seasoned politician and Union Minister of Commerce and Industry, Piyush Goyal has played a pivotal role in India’s economic reforms. Known for his strategic vision, he has spearheaded initiatives such as the Production Linked Incentive (PLI) schemes and the Startup India Desk to support entrepreneurs. As India marches towards its ambitious goals, the youth must embrace this spirit of hard work and innovation. The journey to becoming a global powerhouse will not be easy, but with the right mindset, it is achievable. The debate around long workweeks and the push for innovation is not about numbers or hours – it’s about attitude. It’s about believing in the power of dreams and the strength of determination. As Narayana Murthy, S. N. Subrahmanyan, and Piyush Goyal have shown through their own journeys, success is not a destination but a continuous process of growth and learning. How does this represent India’s Private Security Industry? India’s private security sector stands as evidence to resilience, scale, and the indispensable role of human vigilance. Despite the rapid convergence of technology and innovation in recent years, manned guarding continues to dominate the industry landscape, employing nearly 10 million security personnel across the nation. This workforce, operating 24/7, forms the backbone of countless institutions – ensuring safety, order, and peace of mind. Behind the scenes, the operational machinery of the industry is constantly in motion. Security teams – especially on the operations side – often stretch beyond standard work hours, remaining on high alert to swiftly respond to emerging challenges. Their unwavering commitment and agility are vital in an environment where threats can be unpredictable and the margin for error is minimal. Yet, while human presence remains critical, India is also experiencing a remarkable surge in technological innovation in private security. From AI-powered surveillance systems and advanced identity authentication tools to risk intelligence platforms and mobility monitoring solutions, the country is embracing a new era of smart security. What’s particularly notable is that many of these cutting-edge technologies are being developed domestically, signalling India’s growing self-reliance and expertise in this domain. The fusion of manpower and machine is shaping the future of private security in India. With a robust workforce and a burgeoning tech ecosystem, Bharat is not just securing its present – but also redefining how it safeguards its future. India’s Private Security Startups: Challenges and the road ahead India’s security landscape is evolving rapidly, with startups playing a crucial role in strengthening industrial and homeland security. From AI-driven surveillance to autonomous defence systems, Indian innovators are developing cutting-edge solutions to address emerging threats. However, while progress is evident, there are challenges that must be overcome to ensure sustained growth in this sector. The rise of security startups in India India has witnessed a surge in security-focused startups, driven by government initiatives like iDEX (Innovations for Defence Excellence) and the push for Atmanirbhar Bharat. Companies like idea Forge, Optimized Electrotech, Sparsh CCTV, and Big Bang Boom Solutions are pioneering drone technology, AI-powered surveillance, and defence automation. Additionally, cybersecurity startups are addressing vulnerabilities in critical infrastructure, financial…

By Kunwar Vikram Singh,Chairman, CAPSI Introduction In India, the Constitution enshrines the fundamental right to security for every citizen, placing the onus on the government to uphold law and order. The security of citizens is explicitly stated as a fundamental right in the Indian Constitution. It is implicitly covered under the right to life and personal liberty (Article 21) and the right to constitutional remedies (Article 32). The state has a duty to protect citizens from harm and ensure their safety. However, due to various challenges such as inadequate police forces, resource constraints, and rising security threats, the government has increasingly relied on private security agencies to fulfill this critical function. This note examines the role of private security agencies in this context and argues that the government should support them financially, as they effectively act as proxies for state security. Private security agencies as proxy providers The emergence of private security agencies has filled a significant void in the public security framework, particularly in urban areas where crime rates are higher. The Private Security Agencies Regulation Act was enacted to provide a legal framework for these entities, allowing them to operate within a regulated environment while addressing the growing demand for security services. Fulfilling security gaps As the government faces limitations in terms of manpower, funding, and resources, private security agencies play a pivotal role in enhancing safety for individuals and businesses. They not only provide physical security but also contribute to surveillance and risk management, thereby complementing the efforts of public law enforcement. Legitimization through regulation The regulation of private security agencies signifies the government’s acknowledgment of their importance in the security landscape. However, this regulatory framework also implies that the state recognizes these agencies as extensions of its responsibility to secure the populace. Proxy functions and financial responsibility Since private security agencies are effectively performing a proxy role for the government, it raises key questions about accountability and funding: Government responsibility The government is fundamentally responsible for ensuring the safety of its citizens, and when it delegates this function to private entities, it must acknowledge this responsibility financially. The burden of security provision should noat primarily rest on citizens, who are entitled to the fundamental right to security guaranteed by the Constitution. 2. Financial support for private agencies Given that these agencies are performing essential functions traditionally associated with law enforcement, the government should allocate funds to private security firms. This funding can support operational costs, training, and resources needed for effective security provision, ensuring that these agencies can operate efficiently without passing the financial burden onto the citizens. 3. Ensuring access to security By providing financial support to private security agencies, the government can ensure that security services remain accessible and affordable for all citizens especially those living in housing societies. This acknowledgment of the state’s role in bolstering private security efforts is crucial for upholding the spirit of the fundamental right to security. Constituting National Citizens Security Fund We propose that the government consider implementing a structure that encourages or mandates corporations to allocate a portion of their CSR budgets to the National Citizens Security Fund. This fund would be specifically aimed at enhancing public safety infrastructure, community policing initiatives, and other security-related programs that benefit citizens directly including the payment to private security agencies which are providing security to housing societies. Many corporations have significant CSR budgets that are not effectively utilized for pressing social challenges. Redirecting a portion of these funds to national security can enhance their impact and address critical needs. By linking CSR funds to national security, corporations can demonstrate their commitment to societal well-being, which can also enhance their brand image and consumer trust. Funding allocated to local security initiatives can foster stronger community relations, as citizens observe tangible benefits stemming from corporate contributions to their security. Establish guidelines The government should develop clear guidelines outlining how corporations can contribute to the National Citizens Security Fund through their CSR budgets. Awareness campaign A nationwide campaign to educate corporations about the importance of contributing to national security can encourage participation. Monitoring and reporting: Establish a transparent mechanism to track contributions and measure their impact on citizens’ safety, ensuring accountability and encouraging further participation. Conclusion The security of our citizenry is paramount, and it is essential that suggested funding sources are explored to bolster our national security framework. By encouraging corporates to support the National Citizens Security Fund from their CSR allocations, we can create a synergistic approach that not only addresses pressing security challenges but also enhances corporate engagement with communities. The reliance on private security agencies to supplement governmental security efforts highlights a critical intersection between public responsibility and private provision. As these agencies undertake roles traditionally expected from the government, it is necessary for the state to support them financialy. This approach not only alleviates the burden on citizens but also reinforces the government’s commitment to protecting the fundamental right to security enshrined in the Constitution. By recognizing the importance of private security agencies and providing the necessary support, the government can create a more integrated and effective security framework for all. We urge the government to consider this proposal seriously and take proactive measures to facilitate corporate contributions to the National Citizens Security Fund. Read More

Major Sadhna SinghConsultant (Security and Law Division)NITI AAYOG In today’s increasingly interconnected world, the internet is an essential part of daily life, offering numerous opportunities for education, entertainment, and social interaction. However, this digital landscape also poses significant risks, especially for children. As young users navigate online spaces, they are exposed to threats such as cyberbullying, inappropriate content, online predators, and privacy violations. As guardians of the next generation, it is crucial to understand these dangers and take active steps to protect children online. This article explores the importance of online safety for children, the risks they face, and the strategies parents, educators, and policymakers can adopt to create safer online environments. India’s population is characterized by a rich diversity of socio-economic backgrounds, leading to a wide range of devices in use- from advanced, secure electronics to budget-friendly mobile phones. This diversity poses challenges for authorities in establishing uniform legal and technical standards for data protection. Moreover, low levels of digital literacy and awareness further complicate efforts to ensure effective data security across the country The growing presence of children online Children and young people around the world are among the most active users of the Internet and web based services in today’s increasingly connected digital landscape. It is estimated that one in three children globally uses the Internet, meaning that one in three Internet users is under 18 years of age. Young people use the web for a variety of purposes, including accessing educational resources, entertainment, developing digital skills, and maintaining social connections and online identities. However, the widespread availability of online content also exposes children to age-inappropriate material and various online risks. Children are particularly susceptible to abuse and exploitation by cyber-predators and other malicious actors at this young age and in their developmental stage. The COVID-19 pandemic further intensified this challenge. Lockdowns and restrictions on movement made digitalization an urgent necessity, with schools shifting from in-person classes to remote learning through virtual platforms. While this transition ensured continuity in education, it also dehumanized learning environments, disrupted social interactions, and isolated children in the digital space. This surge in digital exposure introduced new risks to their safety, well-being, and mental health. There was steep rise of 32% in cyber-crime against children from 2021 to 2022 as per National Crime Records Bureau official data. Emerging child concerns in this digital era include digital addiction, cyberbullying, exposure to inappropriate content, and the prevalence of Child Sexual Abuse Material (CSAM) online. Additionally, social media platforms, chat rooms, and online games present further threats to children’s security. Often, parents and guardians lack the digital literacy needed to understand and mitigate these risks, leaving children vulnerable to the negative impacts of their online experiences on their mental and emotional health. In today’s increasingly interconnected world, the internet is an essential part of daily life, offering numerous opportunities for education, entertainment, and social interaction. However, this digital landscape also poses significant risks, especially for children. As young users navigate online spaces, they are exposed to threats such as cyberbullying, inappropriate content, online predators, and privacy violations With the widespread availability of smartphones, tablets, and personal computers, children spend increasing amounts of time online. According to recent data, the majority of children are accessing the internet from an early age. Table 1: Trends in children’s Internet isage (2023) AgeGroup AverageHours SpentOnline perDay PercentageOwning aSmartphone Most Common Activities 0-5years 1.5 hours N/A Educationalvideos, games 6-10years 2.5 hours 60% Social media,gaming,videos 11-15years 4 hours 85% Social media,online chats,gaming 16-18years 6 hours 95% Social media,online forums,shopping Source: Child Internet Safety 2023 Report This table demonstrates how internet usage increases with age. However, it also highlights the vulnerability children face as they grow up in a digital world. In addition to spending hours online, children often interact with others across various platforms, which can expose them to new risks. Risks Children Face Online While the internet offers great educational and entertainment value, it also brings a set of significant risks for children. The most common risks include: Cyberbullying Cyberbullying is one of the most prevalent online risks for the young people around the world. It involves the use of digital platforms to harass, threaten, or manipulate others. It is one of the major threats that the children and teens face incessantly via social media sites and video games and can affect young people each time they are exposed to hate speech, violent content including messages that incite self-harm and suicides. Approximately 20 percent children face bullying through social networks and additional 8 percent through the video games chat rooms. Cyberbullying can have severe emotional and psychological impacts on children, leading to issues such as depression, anxiety, and even suicidal ideation. As children become more engaged on social media platforms, the risk of encountering bullying increases. As guardians of the next generation, it is crucial to understand these dangers and take active steps to protect children online. This article explores the importance of online safety for children, the risks they face, and the strategies parents, educators, and policymakers can adopt to create safer online environments Inappropriate content Another significant threat is the exposure to inappropriate or harmful content. With billions of videos and websites available online, it’s not uncommon for children to stumble upon explicit or distressing material, even when browsing innocently. Sometimes under peer pressure, accidental searches or curiosity they stumble upon explicit material on the internet that they should not see at this impressionable age. Online predators The anonymity of the internet creates opportunities for online predators to engage with children. Predators often exploit the vulnerabilities of young children by accessing social networking sites and chat platforms to engage with them, taking advantage of the anonymity, these spaces provide. This can put children at significant risk of abuse, exploitation, and other threats to their safety and security. Additionally, cyberbullying has become a widespread danger on social media platforms, further endangering children’s well-being. Privacy concerns Privacy violations are another critical concern. Many children unknowingly share personal details online,…

Anil PuriCMD, APS Group A first generation serial entrepreneur, thought leader and an action catalyzer rolled into one – Anil Puri, Chairman & Managing Director (CMD), APS Group is a rare combination of a visionary, an innovator and a strategic thinker. He has used this combination to innovate and implement on-ground many new business ideas. His rich experience in various businesses has enabled him to nurture & mentor innovative ideas and scale them up. Introduction As we stand on the cusp of unprecedented technological transformation, future industries are witnessing a tectonic shift in how business is conceptualized, risk is managed, and leadership is exercised. In this context, Chief Security Officers (CSOs) and Risk Leaders are emerging not merely as custodians of safety and compliance, but as strategic partners in innovation and business evolution. This article delves into the profound expectations placed upon CSOs in this evolving landscape and examines how their empowerment is crucial to aligning security with opportunity across emerging industries such as artificial intelligence (AI), fintech, biotechnology, smart manufacturing, aerospace, and the green economy. As the global industrial landscape transforms at unprecedented speed, driven by disruptive technologies and evolving socio-political dynamics, a silent revolution is underway – reshaping the very fabric of how organizations perceive risk, resilience, and security. Innovation today is not a choice; it is an imperative. But where innovation thrives, so does uncertainty. And in that fragile space between potential and peril, Chief Security Officers (CSOs) and Risk Leaders emerge not just as sentinels of protection, but as strategic enablers of progress. Expectations and Empowerment of Chief Security officers and Risk Leaders in the Journey In the new era of smart manufacturing, autonomous logistics, digital finance, hyper-connected cities, and AI-powered services, the role of the CSO has transcended conventional security paradigms. They are no longer confined to operational silos; instead, they sit at the intersection of innovation, governance, and enterprise value creation. With great opportunity comes heightened expectation – organizations now demand that risk leaders not only anticipate threats but shape pathways for safe, sustainable, and agile innovation. The Future doesn’t belong to those who avoid risk, but to those who know how to master it. That’s the CSO’s new frontier The new paradigm: Innovation-driven risk landscapes The 21st century ushers in a paradigm where innovation itself becomes both the catalyst for growth and the creator of unprecedented risks. As organizations rapidly integrate cutting-edge technologies – ranging from AI and block chain to biotech and quantum computing – their operational environments evolve into dynamic, hyper-connected ecosystems. These ecosystems are, while fertile grounds for exponential value creation are also increasingly vulnerable to novel and unpredictable threats. In this innovation-driven landscape, risk is no longer confined to traditional silos such as physical security, compliance breaches, or financial fraud. Instead, it manifests across converging vectors – ethical, technological, reputational, and systemic. For example: ● AI and machine learning systems can perpetuate algorithmic bias, hallucinate, or make autonomous decisions that carry legal and societal consequences. ● Quantum computing poses existential threats to current encryption standards, potentially rendering today’s cybersecurity protocols obsolete. ● Industrial Internet of Things (IIoT) in smart manufacturing exposes machinery and operational workflows to cyber-physical sabotage. ● Digital assets and decentralized finance (DeFi) platforms challenge regulators and introduce liquidity and custodial risks that bypass conventional risk controls. Where innovation meets opportunity, risk leaders become the navigators – not of danger, but of bold, intelligent growth Thus, the risk landscape is no longer reactive – it is predictive, real-time, and interconnected. CSOs must shift their orientation from reactive gatekeeping to proactive, innovation-aligned security strategy. They must understand emerging tech not just as threats, but as transformative tools to detect, deter, and even displace risk at its inception. This new paradigm requires that CSOs be fluent in technology foresight and lifecycle risk mapping, cross-sectoral threat intelligence analysis, designing adaptive, embedded security frameworks, and driving resilient innovation ecosystems with governance-by-design. In essence, the innovation-driven risk landscape does not merely redefine the threat environment – it redefines the CSO’s purpose. Risk is no longer just something to be avoided; it becomes something to be navigated with precision, vision, and strategic foresight. With innovation driving new business models, security challenges are growing in complexity and scale. For example – AI and machine learning introduce new ethical and operational vulnerabilities, quantum computing disrupts cryptographic protections, smart factories are exposed to industrial cyber-physical threats and digital finance platforms face targeted fraud, identity theft, and systemic risks. Expanding expectations from CSOs in future-driven industries In the wake of accelerated digitization, global volatility, and complex stakeholder ecosystems, the role of Chief Security Officers (CSOs) is undergoing a profound transformation. No longer limited to managing physical threats, compliance obligations, or incident responses, CSOs in future-driven industries are now expected to serve as strategic enablers, systems thinkers, ethical stewards, and transformation catalysts. From operational silos to strategic leadership Future-ready enterprises are integrating security strategy directly into their business DNA. This implies that CSOs must co-create business strategies that are both growth-oriented and risk-conscious, influence product roadmaps, supply chain resilience, and investor risk transparency and shape market-entry strategies in volatile regions through risk modeling and scenario planning. Expectation: CSOs must now operate at the C-suite core, influencing decisions not just reactively, but proactively – and often preemptively. From static protection to dynamic innovation enablement Innovation is not inherently secure, and security is not inherently innovative – but the new CSO must ensure both coexist harmoniously. Future industries demand CSOs who enable agile product development by building ‘security by design’ into every sprint cycle, leverage AI, blockchain, and IoT as not just risk points but risk-solving tools, and architect zero-trust environments that are resilient yet flexible for innovation. Expectation: CSOs are now expected to be innovation accelerators, not brakes – aligning transformation with trust. From physical and cyber risk managers to societal and ethical guardians Technological evolution is outpacing regulatory evolution. In this gap, CSOs are expected to champion ethical risk governance, ensuring that innovation respects privacy, dignity, and…