Has The Software Industry Failed At Cybersecurity?
ET Insights, Monday, January 13th, 2025
Data breaches are no longer rare, headline-grabbing events - they've become an unfortunate constant. In 2024 alone, Indians faced a staggering loss of nearly ₹12,000 crore to cyber scams, and India ranks 10th on the World Cybercrimes Index.
The problem is clear: the way the software industry manages Personally Identifiable Information (PII) is flawed, and an overreliance on outdated security practices has turned PII into a digital liability for Indian companies.
The Digital Personal Data Protection (DPDP) Act, whose draft rules were released on 3 January 2025, is a regulation designed to protect the personal data of India's 1.4+ billion citizens. The DPDP Rules introduce strict obligations on businesses to ensure privacy and security, particularly of sensitive data, which is commonly shared and stored across multiple systems, which increases the complexity of securing it effectively.