Prof. Manjesh K. Hanawal and Prof. Faruk Kazi spoke about the various aspects of cybersecurity on the occasion.
Below are the excerpts of talk by Prof. Manjesh K. Hanawal

Happy Dusshera to all of you!
As per our tradition, we perform Ayudh Pooja during Dusshera. In today’s digital world, cybersecurity tools are our digital weapons. It is therefore apt that we celebrate these digital weapons and raise awareness about using them effectively.

I congratulate MahaCyber for their commendable work in handling cybercrimes efficiently and proactively monitoring attacks while releasing timely threat advisories. The efforts of the Maharashtra government through the MahaCyber program—and similar initiatives by other states—have positioned India among the top-tier countries in cybersecurity infrastructure.

According to a report released by the United Nations, India ranks among the top 10 countries in building and maintaining robust cybersecurity postures. This recognition is primarily due to the strong cybersecurity infrastructure already in place and the initiatives being planned. It reflects that we are moving in the right direction and must continue our efforts with sustained focus and full force.

I would broadly categorize cybersecurity issues into three levels: consumer, enterprise, and national.

At the consumer level, increased digitization has expanded the threat landscape. Our massive digital infrastructures such as UPI and Aadhar are lucrative targets for adversaries and remain under constant attack. Cybersecurity at the consumer level is largely non-technical and depends on awareness programs. MahaCyber is already undertaking significant initiatives in this direction, which should continue—especially educating vulnerable groups such as senior citizens and teenagers.

At the enterprise level, the challenges become more operational. Despite deploying necessary cybersecurity tools, organizations face constant threats such as ransomware and denial-of-service attacks, often exploiting weak links in their supply chain and dependencies on third party vendors. The recent cyberattack on Indian Hospitality Company Limited (IHCL) is an example of such recent attack. Even if one vendor fails to implement proper security measures, attackers can use them as entry points to compromise the entire network.

At the national level, we face technically sophisticated state-sponsored attacks. During Operation Sindoor, there was a surge in cyberattacks by Pakistani groups. The malware used was compiled just days before the attack and specifically targeted government officials. In modern warfare, cyberattacks often mark the first stage of offense—they not only aim to cripple critical infrastructure to bring down out fighting abilities but also influence narratives and public opinion.

Looking ahead, we can take several steps to strengthen India’s cybersecurity ecosystem, with MahaCyber continuing to lead the way. They can curate cyber policies and standard operating procedures (SOPs) based on their experience investigating cybercrimes and incidents. These can serve as templates for other states, reducing response times and improving coordination.

Another key area is the low adoption of cybersecurity policies among enterprises, especially MSMEs, due to the high cost of cybersecurity tools and a shortage of trained manpower. MahaCyber can lead efforts to develop cost-effective cybersecurity tools that are easily accessible, enabling enterprises to comply with security policies and defend against cyberattacks.

IIT Bombay is also making concerted efforts in developing indigenous cybersecurity tools such as Vajra EDR, Vajra Honeypot, and Vajra Sandbox. We can collaborate to build a comprehensive suite of cybersecurity solutions.

I thank MahaCyber for inviting academia to this cyber awareness event.

Thank you all.