Cyber Security Take-aways from Guwahati ITMS Project in Cyber Security Awareness Month

Originating in the US in 2004, Cybersecurity Awareness Month in October has since been adopted globally including in India to create much-needed awareness as threats to critical and confidential data increase in methods and effectiveness. A hacktivist group, Mysterious Team Bangladesh (MT), targeting Indian government websites and servers has been identified which used DDoS (Distributed Denial of Service) attacks against domains and subdomains of several state governments. Websites belonging to the governments of multiple states across India including Assam were affected. The ransomware attack on Oil India in Assam few months was by far one of the most serious incident and operations of Oil India came to a halt for almost a week.

Cyber Security, which was earlier the responsibility and expertise of the Information Technology Departments of the state only with the Police Departments gradually building teeth to fight cyber crimes over the years, it is now high time that other state government departments also start taking ownership of securing their infrastructure and citizen service delivery platforms.

Guwahati Smart City Limited (GSCL) guided by Assam Police has shown that any technology roll-out involving public services to citizens should not ignore the reality of the threat posed by cyber attackers and take at least the minimum necessary steps in securing their network and data. While Guwahati was late in joining the rest of the cities in India, the city chose reliable technologies tested and proven across the country, and Guwahati Smart City Limited is adding capabilities to the Integrated Command and Control Room which is in the same building that has the offices of the DCP, Central of Assam Police. Field teams of Technosys Security Systems Pvt. Ltd., the Master System Integrator chosen for the project can be spotted regularly working at the different junctions of the city installing cameras, traffic lights, and network equipment.

Visibility of the network is the Key

Readiness for cyber security starts with network visibility. With large and complex networks which include cloud as well as on-premise, visibility is important to observe the traffic data, recognize anomalies, and take actions proactively. GSCL is deploying solution from NMS from Motadata, a company based out of Ahmedabad, Gujarat. Mr. Mitul Modesara,  Business Head at Motadata advised that government departments should stop managing their networks with free network visibility tools and consider the business insights and advanced analytics offered by professional network and enterprise management platforms, especially in hybrid networks involving both cloud and on-premises infrastructure and spread across multiple locations. Also, enterprise grade NMS platforms also offer additional features like SLA Management, Patch Management which ensure network up-time and security as well.”

Adopt cloud as it is not just more secure but greener too

As a smart move, the entire compute and storage infrastructure for the traffic management project being deployed by GSCL for the city of Guwahati is cloud-based. As part of the Digital India drive, the Ministry of Electronics and Information Technology, Govt. of India has rolled out guidelines to utilize and harness the benefits of Cloud Computing for both central and state government departments. As part of the contract awarded by GSCL, Technosys Security Systems has selected CtrlS Datacenters which is a MeitY empanelled Cloud Service Provider. It is also encouraging that Hyderabad-headquartered CtrlS is investing in Assam setting up its datacenter in Guwahati to be spread over three acres and will have an initial capacity of around 1,000 racks which will be expanded to house more than 2,000 racks shortly

Compared to departmental setups, cloud service providers empanelled by MeitY are subject to periodic audits to ensure compliance with security requirements and service level agreements (SLA). Adopting cloud services at the department level ensures purpose-defined deployment of resources on infrastructure saving money and also is good for the planet. Cloud services also have been made available on the Government e-Marketplace (GeM) platform under the Professional Services –>> IT Services category.

Securing access level network and endpoints are vital

While most departments consider network security solutions at the data center level, the edge level devices like client workstations and the field network equipment are often neglected. While the head officesMr. Sourish Dey, Director at Trisim Global Solutions who are providing cyber security solutions for the Guwahati ITMS Project said “It is well accepted that the network is as secure as it’s weakest link which often is the part located outside the data center environment. GSCL understood the same and is deploying security technology that is able to secure the SDWAN data to and from the SDWAN edge device placed at Traffic Aggregation points.” Legacy signature-based anti-virus which currently serves as the only defense mechanism in most government branch offices today has proven to be inadequate. Sourish Dey added that “ Cloud-based anti-virus and endpoint security solutions which can be deployed fast along with Next Generation Firewalls with that includes application control and IPS protection should be considered at the field offices to provide secure internet traffic branch to branch as well as between branches and data centers, headquarters, or remote employees.” Keeping data secure in transit and ensuring proper access control is critical to protecting an organization as a whole.

Integrated platform for managing cyber security alerts and events is a necessity

Security Information and Event Management (SIEM) gives a bird’s eye view of the cyber security infrastructure of an organization. Guwahati ITMS Project RFP had specified that the “SIEM and Forensics Platform is required for complete visibility to identify and investigate attacks, the ability to detect and analyze even the most advanced of attacks before they can impact critical data, and the tools to take targeted action on the most important incidents. It is a sophisticated tool that provides analysis and workflow, correlation, normalization, aggregation, and reporting, as well as log management.“ SIEM not only ensures that departments can comply with mandatory cyber security guidelines like the CERT-In mandatory requirement of ICT log retention for at least 180 days but also analyzes the logs for threat detection.  Mr. Shaunak Modi, Director at Cyber Security consultancy startup Trixter Cyber Solutions said “ Government organizations need a SIEM solution to monitor their IT systems and report suspicious activities as the amount of data generated nowadays is too much to handle manually. A capable SIEM platform handles thousands of event sources, and filters through all the data to prioritize security issue alerts, making security more manageable.”

Regular Cyber Security Audits are necessary

Government departments are encouraged for regular cyber security audits as it ensures a 360-degree in-depth audit of an organization’s security postures. CERT-In maintains a list of empanelled auditors who are tested for their technical knowledge and skill to perform an Information security audit. The certification process involves an online practical test and conducting real-world Vulnerability Assessment and Penetration Testing on a web server hosted by CERT-In. GSCL has ensured that Cyber Security audits of the network and applications are stressed and conducted at regular intervals to ensure vulnerabilities are detected, and patched.

The government agencies across departments and units at the state level too have realized that making cybersecurity the cornerstone of its approach to all its traditional functions is paramount as each and every sector in the country is vulnerable to cyber attacks, be it in the form of the increased ransomware attack or the denial of service hits. It is time that case studies like the ITMS project being deployed by Guwahati Smart City Limited and best practises shared for other departments to build upon.