Technology alone cannot protect organisations; awareness, discipline, and law updates are crucial
As cyberattacks grow increasingly sophisticated and AI-driven, experts warn that technology alone is no longer enough to safeguard organisations and individuals. A combination of vigilance, awareness, and disciplined practices is now crucial to counter evolving digital threats.
Speaking at BW Security Event, Ravleen Kaur, Partner, Cyber and IT Risk, Grant Thornton Bharat, said, “No matter what the size of the company, every organisation today is a potential target.” She noted that technology has outpaced protective systems, with both attackers and defenders increasingly relying on artificial intelligence.
An Enemy With No Face
Anuj Agarwal, Chairman, Centre for Research and Governance on Cyber Law (CRGCL), shared recent cases highlighting the evolving nature of cyber risks. Recounting how hundreds of corporates recently received fraudulent emails mimicking legitimate financial communication, he noted that while no financial loss occurred, “the entire reputation of that organisation was gone.”
He described such faceless, motive-less cyberattacks as a new kind of warfare. “We are facing an enemy not to be seen, not to be felt, with no clear motive. These are the kind of risks we are dealing with today,” he said. Agarwal added that technology alone cannot shield organisations without intent and discipline. “Whether it is corporate or government, do we really want to be safe? We are on a digital highway with no traffic rules,” he remarked, urging self-discipline and awareness over complacency.
Constant Law Updation Needed
From a legal standpoint, Saakshar Duggal, Advocate, Delhi High Court, said India’s cyber laws must evolve as fast as emerging technologies. He noted that while the upcoming Digital India Act is expected to address nuances of AI and data privacy, “constant updation of laws is required.”
However, he added, “It’s not about law alone — humanity itself is not ready for AI. If we do not prioritise our knowledge about it, we might suffer the brunt.” Duggal later highlighted that digital evidence remains a legal grey area, particularly in the age of deepfakes and AI-generated manipulation. “How do you prove if an e-evidence is authentic? And even if you do, can you catch the real culprit?” he asked, adding that awareness and digital hygiene are the “need of the hour.”
Representing the private security industry, Capt. Allroy Collaco, Director (Projects), CAPSI, emphasised the irreplaceable role of human intelligence. “You can give the best of modern weapons to a person, but it’s the man behind the machine who makes the difference,” he said. He stressed simulation-based training, experiential learning, and interdepartmental collaboration within organisations to identify and mitigate cyber risks. “The crooks are already one or two steps ahead of us. Before you form a plan, they have created another risk for you,” he warned.
Digital Hygiene Is the New Cleanliness
Adding an academic lens, Kiran Khatter, Associate Dean, BML Munjal University, urged educational institutions and parents to inculcate “digital hygiene” among children. Drawing an analogy, she said, “Just as we teach kids to wash their hands, we must now teach them to keep their digital space clean.” Khatter proposed a “Digital Swachh Bharat Mission” to promote responsible digital behaviour, awareness of deepfakes, and cyber hygiene. She argued that cybersecurity education should start at the school level, not just in higher education, and that academia and industry must collaborate to prepare the next generation of cyber-literate citizens. “If everyone takes small actions to protect themselves, it will lead to the security of the nation,” she said.
Cybersecurity Is Everyone’s Business
As the discussion concluded at the BW Security Event, Ravleen Kaur summarised the collective sentiment said that the “Cybersecurity is everyone’s business. Thinking it might not happen to me or my organisation is a myth.”
“I have stopped attending many of these because, two days later, people still call saying their private videos leaked despite knowing better. The problem is not lack of information but lack of intent,” Agarwal said on a candid note, sharing his experience.
The session underlined that in an era of invisible adversaries, where threats lurk in emails, apps, and even AI tools, the best defence remains a blend of technology, policy, education, and individual discipline.
