In 2021, a major supplier of oil and gas to the American east coast, Colonial Pipeline, was taken offline, after a reported ransomware attack. The 5,500-mile pipeline attack triggered a call for increased regulations to protect and strengthen critical infrastructure against cyberattacks.
Since the incident, there’s been more awareness and willingness to invest in securing critical infrastructure in India, with the much-awaited Cybersecurity Bill 2024 being tabled in the Parliament in March this year.
The Indian government has continuously increased its cybersecurity investment with successive incremental budgetary allotments towards this cause. Three years on, the attack still begs the question: How exposed to attacks is India’s critical infrastructure?
Changing landscape of operational technology (OT)
Traditionally, operational technology (OT) systems were isolated and “air-gapped” from the internet. However, the convergence of IT and OT has led to increased connectivity. The Colonial Pipeline attack exploited this connectivity, highlighting the need for robust security protocols. India’s critical infrastructure sectors (energy, transportation, and water supply) must assess their OT networks and implement necessary safeguards.
Compliance vs. security
While regulatory compliance provides a baseline, it alone is insufficient. Organizations should move beyond compliance and adopt a risk-based approach. Regular security assessments, vulnerability scans, and penetration testing are crucial. India’s proposed Cybersecurity Bill 2024 emphasizes the importance of proactive security measures.
Investment in cybersecurity
India must allocate adequate resources to strengthen its critical infrastructure cybersecurity. Budgetary provisions should cover training, threat intelligence, incident response, and technology upgrades. Collaborating with international partners and adopting best practices can enhance India’s cyber resilience.
Recommendations for India
The Colonial Pipeline incident demonstrated that critical infrastructure is becoming a significant issue in cybersecurity and that businesses must constantly be ready. This incident, one of the most disruptive attacks in history, forever altered the cybersecurity environment, paving the way for increased discussions about OT security among the general public, government officials, and the cybersecurity sector. It sparked a trend, pressing the public sector to be more proactive and invest more in operational technology security.
As a result, legislators and politicians are looking for measures to improve regulations to strengthen cyber defenses. More importantly, the attack emphasizes the importance of a comprehensive risk management approach and understanding the trajectory of where we want to be in terms of cyber security in ten years. With OT at the center of the discourse, strengthening our cyber defenses is more important than ever.
