Hyderabad, 7th October 2023….. Telangana Police with support from Industry and Academia launched the Law Enforcement CISO (Chief Information Security Officers) Council, a first-of-its-kind initiative in India.

DGP of Telangana State Anjani Kumar, Principal Secretary Jayesh Ranjan unveiled it amidst the presence of Commissioner of Cyberabad, Stephen Raveendra; SCSC Secretary Ramesh Kaza and Industry stalwarts in a function held at Cyberabad Police Commissionerate on Saturday late evening.

Addressing the gathering immediately after the launch, the Director General of Police, Govt of Telangana, Anjani Kumar said those who handle the subject take it casually.  It is not just the case of  Police but in every other profession as well. He narrated an example of a colleague who upon returning from a Seminar on Cyber Security, sought his help as he fell victim to a cyber fraud and lost INR 5 lakh.  The senior police officer also cited another example of how 20,000 women died in a country over a period of 20 years due to the unmindful and casualness of doctors.   They found that too after 20 years, a simple cause for the death of so many mothers.  The same doctors who performed postmortems also performed deliveries and used the same contaminated tools.  With these two examples, Anjani Kumar made a point that it doesn’t matter how big an expert you are but your casual approach may lead to trouble.

Speaking further he said, Telangana is called bright star in the country.  It is a home to implement many firsts in the country. And CISO Council is one such example.

Cyberabad Police created a history of sorts by getting Rs 2.2 crore returned to the cyber fraud victims.  The police have successfully managed to pass through all hurdles and get the lost money back fast. He appreciated the Cyberabad Police for this achievement.  They must develop SOP(Standard Operating Protocols) to help others, replicate it and successfully navigate the journey.

DGP Anjani Kumar talked about two bright starts in the hall and one of them was Stephen Raveendra.  The DGP appreciated him for the remarkable work done and for setting up an example in managing to bring syphoned money back in cyber fraud case. Another star he mentioned was Jayesh Ranjan.  Speaking about him, Anjani Kumar said, Jayesh Rajan upgrades himself (in terms of updating developments in his domain of specialization) faster than Apple upgrades its different series of phones.

Telangana has managed to stand where it is because of collective efforts.  There are many Industry professionals who possess domain knowledge more than police, he added  

Definition of the crime is changing fast.  There is no jurisdiction in cybercrimes.  This now poses a lot of challenges for police.

Anjani Kumar expressed his concern at the rate at which cybercrimes are on the rise.  As my earlier speaker pointed out, $8 trillion will be lost to cybercrimes by the end of 2023, which is almost a third of the USA's GDP in 2022 and twice as much as India's predicted GDP in this year, he said.

Jayesh Ranjan said India’s First Law Enforcement CISO Council is a beacon of Cyber Security in Telangana.  The initiative is the best example of the PPP model, that we often keep talking about. Cyber Security breaches are multiplying and will grow by leaps and bounds when the next billion internet users start going digital.  The enterprises are also going to be at risk.

He gave an example of his meeting Ajay Banga formerly with Master Cards, who upon asked by him in a meeting in New York some time ago on a visit to the USA said, that the company was subjected to 10,000 cyber-attacks on a good day and the number would go to 30,000 on a bad day. Individuals or enterprises, no one is an exception to cyber threats and frauds, he added.

The good thing about the new initiative Rajan said was to share intelligence.  If you become a victim of cyber fraud and suffer, you must see that the other 20 are saved from falling prey to such attacks. But in reality, that is not happening.

Jayesh Ranjan offered a few suggestions.  He asked the team of the CISO council to work with the IT Department of Telangana and a few centers of excellence in the state such as SOC—Security Operations Center; Cyber Security Center of Excellence, Data Security Council of India and the Computer Emergency Response Team (CERT). Also, he asked them to work with startups as they are known for innovative and agile thinking and tools development; and ethical hackers.  He also told them to take the help of the IT Department of Telangana to forge international associations.

Giving his opening remarks Stephen Raveendra, Commissioner of Police, Cyberabad said with a 300% surge in cyber incidents over the past year, we need to defend our digital space, Government organizations, Critical Infrastructure, and Industry including vulnerable MSMEs which are repeatedly besieged by threats and are ill-equipped to handle compared to their larger multinational counterparts. The recent targeted attacks on Govt and Critical infrastructure institutions during the G20 event in Delhi highlight the imminent need to institutionalize the fight against cyber threats.

Every Cyber Security breach has an element of Criminality in it and every Cyber attack has an element of cybercrime in it. Law Enforcement CISO Council is the way forward.

What does this means is Reduced Attack Surface, Enhanced Resilience, Real-time Threat Intelligence, Legal and Regulatory Guidance, Opportunities for Public-Private Partnerships and, A Platform for Networking and Learning among several other outcomes, he added.

Ramesh Kaza, Secretary of SCSC said human-updated ransomware attacks are up more than 200%. There is a notable increase in the number of password-based attacks, the numbers skyrocketed in 2023 with a ten fold increase.  In the year 2023, approximately 1,56,000 daily BEC (Business Email Compromise) attempts were observed.  Attacks targeting open-source software have grown on average 742%.  Gartner Analysts predicted that over the next two years, 45% of global organizations will be impacted by a supply chain attack. 57% of IoT/OT devices are on legacy firmware which is exploitable

A couple of CISO industry stalwarts Sindhu Sridhar, and Suvabratha Sinha also spoke on the occasion.

Abhishek Kumar, Director of Governance, Principal Group Manager, Microsoft said that they would bring the full force and were happy to contribute to enabling the collective experience of decades.

Ramesh Ganesh, Director of Technical of CoE and CyberEye said that the team would work on how to contain, reduce and mitigate Cyber Attacks.

Several industry stalwarts and corporate executives, CISOs attended the launch.