New Delhi, March 28 As cyber attacks increasingly target critical infrastructure such as healthcare and power grids, the global threat landscape has moved beyond mere data theft to pose direct risks to human lives, a senior cybersecurity expert has said.
Gaurav Shukla, Partner and Leader - Cyber at Deloitte South Asia, noted that the convergence of Information Technology (IT) and Operational Technology (OT) has expanded the attack surface, making sectors like aviation, transport, and public utilities highly vulnerable.
"Over the past two years, we have observed that cyber threats are not limited to IT systems. They are spreading beyond IT systems, and the perpetrators are targeting more of the critical infrastructure... A lot of digital transformation that has taken place in the last few years has expanded the attack surface, and whenever the attack surface increases, it provides more opportunities for attackers to come and cause disruption."
"If you are driving a connected car on a highway at 120 km/h and suddenly find that the steering is no longer under your control, you are not going to be worried about how much money is in your bank account. You are worried about the danger to your life," Shukla said, highlighting that cybersecurity boundaries are now shifting from data security to human safety.
Shukla explained that a cyber attack on a medical device altering patient data could be fatal, while a hack on power generation and transmission components could cause severe national blackouts.
Highlighting the surge of connected devices, Shukla pointed out that the global population of eight billion is currently surrounded by over 30 billion IoT (Internet of Things) sensors, meaning an average human is surrounded by more than 3.5 sensors at any given time.
Speaking on India's digital strides, Shukla stated that the country's Digital Public Infrastructure (DPI), commonly known as India Stack, has reached the world stage and become a global benchmark.
Deloitte is advising about 24 countries to build their own version of India Stack, Shukla said.
However, he cautioned that as DPI expands beyond identity and payments to include education and healthcare, the integration points create new risks.
With DPI accounting for roughly 80 per cent of India's digital payments in January, ensuring its cyber resilience is a matter of national security.
When Artificial Intelligence (AI) is used by attackers, the velocity and expansion of attacks increase. Therefore, continuous testing against supply chain issues and AI-related threats is going to be very crucial, he added.
Drawing a distinction between traditional and digital conflicts, Shukla noted that while kinetic wars are time-bound, cyber warfare is continuous, requiring constant collaboration between enterprises, academia, and the government.
He advocated for introducing cybersecurity and digital ethics into the primary school curriculum.
"Much like you need a language to build a foundation, awareness of cybersecurity and privacy is going to be just as important," he said.