How Breach Underreporting Hurts Crime-Fighting Efforts

Dr. Muktesh Chander, Director General of Goa Police, Calls for Notification Mandate

Massive underreporting of cybercrime in India is making it very difficult for law enforcement officials to track trends and hindering crime-fighting efforts, says Dr. Muktesh Chander, director general of police for the state of Goa.

See Also: Effective Cyber Threat Hunting Requires an Actor and Incident Centric Approach

"Burying anything under the carpet doesn't help," Chandler says, pointing out that many organizations fail to report breaches and other cybercrimes to the police or other agencies out of fear that it will damage their reputations.

Statistics from the National Crime Records Bureau show there were about 7,000 registered cases of cybercrime in 2014, but during the same period, CERT-In reported it handled more than 130,000 cyber incidents, Chander points out in a video interview at Information Security Media Group's recent GovInfoSec Summit in New Delhi. "Even if a large fraction of this number are cases are trivial in nature, a good number should qualify as a cybercrime offense under the IT Act of India, and these cases should have been registered with the police," he says.

Chander argues that it's urgent that India mandate the reporting of all data breaches so that the police can get a better picture of the cybercrime landscape, devise appropriate strategies and push for the allocation of resources and capacity to help crack down on cybercrime.

Unless cybercrime is properly reported, Chander says, "law enforcement will never know the full extent of the spread of cybercrime in India. Even if it is reported, there is no guarantee today that the police can solve the crime. However, at least the data builds up and we will know what type of crimes are taking place and from where. And then some kind of strategy can be formed to deal with it."

In this exclusive video interview, Chander discusses:

  • The challenges in tracking cybercrime statistics in India;
  • The difficulties law enforcement faces in investigating cybercrimes;
  • The urgent need for better breach reporting.

Chander director general of police for the Indian state of Goa, is a 1988 batch officer in the Indian Police Service and he also served at the Centre Director Cyber Division at the National Critical Information Infrastructure Protection Centre under the National Technical Research Organization. He was selected as a United Nations police observer and has monitored, trained and advised police in Bosnia and Herzegovina. He holds a law degree from Delhi University, and a Ph.D. in information security management from I.I.T., Delhi. Chander was awarded the President's Police Medal for meritorious service and the President's Police Medal for distinguished service.


About the Author

Varun Haran

Varun Haran

Associate Editor, ISMG

Haran has been a technology journalist in the Indian market for over six years, covering the enterprise technology segment and specializing in information security. He has driven multiple industry events such as the India Computer Security Conferences (ICSC) and the first edition of the Ground Zero Summit 2013 during his stint at UBM. Prior to joining ISMG, Haran was first a reporter with TechTarget writing for SearchSecurity and SearchCIO; and later, correspondent with InformationWeek, where he covered enterprise technology-related topics for the CIO and IT practitioner.




Around the Network