Transcripts from the webinar conducted for CecureUs by Pattathil Dhanya Menon, a Cyber-crime investigator, on the 16th of April, 2021.
In this technology-invaded world, cyberspace occupies a prominent part of the daily life and activities of people. Undoubtedly, right from a toddler to the elderly, exposure to the cyber world has become inevitable for connectivity and knowledge. But does this cyber world promise safety and security at all times? True to the saying that there are two sides to every coin, this fascinating world that bestows wisdom and connectivity upon the human race, making our lives smooth sailing, also comes with its fair share of loopholes, insecurities, and threats. Considering that organizations rely primarily on this internet world for their work, client interactions, branding, promotions, almost everything, does the PoSH law offer safety and security to women against harassment happening online in the workplace?
Cybercrime is an offense created anonymously by any individual in the cyber world with the grab of the internet. Any person who has access to the cyber world must also be aware of this and the necessity for cyber safety and security. Sexual harassment of women over email, text, and other online modes can be tackled under the PoSH law, and awareness about this is vital for the safety and security of women in workplaces.
From a cybercrime investigator’s point of view, Ms. Dhanya Menon mentioned, “We only get to deal with the negatives.”
Negatives are any actions that compromise a user’s safety and security, organizational or personnel human-impacted issues, technology issues, ransoms, children-related cybercrime, trafficking, abduction, hacking, and phishing in the cyber world, etc. Despite technological advancement, the methodology and convention of crimes have not changed much over the recent years. The patterns of these crimes in the world and human intervention remain the same.
In the digital era, privacy must always be a priority for the safety and security of users.
Over the years, cybercrimes have impacted the lives of many. Cybercrimes, apart from compromising the safety of individuals, leave a permanent scar in the minds of the younger generation, especially teenagers, young adults, and those in the IT sector. The key to protecting them is to create awareness of the impacts of cybercrime and the PoSH laws and how to be conscious in their endeavours in the cyber world. We should also sensitize women in the workplace about how PoSH law can also offer safety and security with respect to cyber harassment.
As cybersecurity leaders, we have to create our message of influence because security is a culture, and you need the business to take place and be part of that security culture! – Britney Hommertzheim
Here are the responses of Ms. Dhanya Menon to the audience questionnaire.
Is Public Wi-Fi Safe?
Dhanya: There can be intermediaries present, and hence it is not safe to use public Wi-Fi. Best if we avoid it and create awareness about this.
Any insights into the draft Data Privacy bill in India?
Dhanya: The Data Privacy bill is in the draft stage and is undergoing changes. If and when it becomes an Act, it is expected to be on par with EU GDPR (General Data Protection Regulations)
What should companies do to enhance Cyber Safety?
Dhanya:
- Cyber safety and security awareness sessions play a crucial role. Organizations should get their manpower trained to use technology and create overall awareness about the pros and cons of the cyber world.
- Some companies prohibit technology usage, but they forget to specify and explain the reason for the same. It is cardinal to define and ensure awareness is created and everyone understands the importance of data and cybersecurity.
- Organizations must be protected by all firewalls.
- Awareness about cyber insurance comes in handy to mitigate any legal risks. The companies have to maintain a perfect balance between technical and legal security by availing of cyber insurance. There is always a key to open any lock.
Are there any specific security policies to be adhered to? Are there any Cyber laws that need to be followed by the Companies?
Dhanya:
The Information Technology Act, 2000 (also known as ITA-2000, or the IT Act) is an Act of the Indian Parliament (No 21 of 2000) notified on the 17th of October, 2000. Creating awareness in organizations about the same is vital.
- It is the primary law in India dealing with cybercrime and electronic commerce.
- The Act provides a legal framework for electronic governance by giving recognition to electronic records and digital signatures.
- It also defines cybercrimes and prescribes penalties for them.
- The Act directed the formation of a Controller of Certifying Authorities to regulate the issuance of digital signatures.
- It also established a Cyber Appellate Tribunal to resolve disputes arising from this new law.
- The Act also amended various sections of the Indian Penal Code, 1860, the Indian Evidence Act, 1872, the Banker?s Book Evidence Act, 1891, and the Reserve Bank of India Act, 1934 to make them comply with new technologies.
Every Organization must ensure both employees and the data are secure.
All organizations should spread awareness and abide by the law.
What are all the cyber-crimes that should definitely be reported by organizations?
Dhanya: Any criminal action needs to be reported to the Police, and awareness about the benefits of voicing against a crime will encourage more people to come forward and report incidents. Depending on the case, Police will further route it to the cyber cell for further investigation.
Some women receive a lot of unwanted calls from landlines or untraceable emails. Many prefer to block and ignore. But in some cases, it is someone within their org, which is non-traceable by the IT team. How do we handle such instances?
Dhanya: Awareness is the key to cybersecurity. The employer must be aware of the law. The awareness agenda should be a part of the HR or PoSH IC committee of the company. HR should create awareness so that every employee knows how to report incidents under the PoSH act and deal with any threats or issues. Cases should be reported investigated by the PoSH committee and to the Police for further action.
As individuals, we receive some phone calls or emails that sound so genuine with enticing offers. How do we handle these? Should we report these?
Dhanya: If you receive any phone calls that compromise safety and security, asking for personal data or OTP, consider that call 100% fraud. It is sad to note that awareness about this is limited. Even some bank employees have been victims of such calls, and they end up sharing OTPs, which often results in loss of money.
Where can individuals reach out when faced with issues to complain?
Dhanya: Individuals should report incidents to the nearest Police station and file an FIR without hesitation. If cyber harassment happens in the workplace from colleagues and employees, report the incident to the PoSH committee. It is critical to speak up more about the issue and nab the perpetrator.
What should parents watch out for in their children’s online exposure? Any safety or security tools that can be installed?
Dhanya: The internet allows access to an ocean of information for everyone, including children. Covid19, as a pandemic, has introduced us to a whole new era of virtual communication. It has now created an unwanted addiction to the cyber world for children, teenagers, and adults, in a way, making them all go tech-savvy.
- Teenagers are mostly addicted to social media platforms such as WhatsApp, Facebook, Instagram, and Snapchat, which are easy targets for perpetrators of cybercrime. In some cases, parents cannot keep an eye on teenagers all the time, and due to lack of attention, they have always been an easy target to commence cyber-crime. Awareness is the key in such cases.
- As parents, we should educate our kids about cybercrimes and the importance of cybersecurity in this virtual era. Have more open conversations on this topic with family members to create awareness.
- Awareness could be brought out by primary stakeholders like parents, teachers, school principals, and policymakers.
- Parents need to understand the exposure of technology to their children and choose the apt gadgets for them. If possible, try to limit the access and time to social media.
- Technology and Internet addiction affect the young generation, leading to less physical activity, loss of eyesight, psychological damage, and other mental health issues. Parents have to be vigilant.
- If awareness is not provided at the right time, the consequences can lead to drug abuse, pornography addiction, child trafficking, child abuse, hacking, and other issues that lead to unforeseen consequences; in some cases, even suicide.
Is Cyber Insurance recommended for individuals?
Dhanya: Yes. Cyber insurance comes in handy and is recommended to mitigate risks.
How do we handle ransomware?
Dhanya: Do not ever give into ransoms. There is no guarantee of data recovery. The best is to have backups of your data and reformat your system and install data again.
It takes 20 years to build a reputation and a few minutes of cyber-incident to ruin it. – Stephane Nappo
In the wake of the current internet era, everyone needs to be aware of various cyber threats and be prepared for the social traps laid on the internet. Cyber Security awareness offers a ray of hope. If encountered with cybercrime or a threat in the cyber world, awareness helps us understand the correct ways to deal with the same by seeking help at the right time. Cheers!
For more information on Prevention of Sexual Harassment(POSH), EAP (Employee Assistance Programs), D&I (Diversity and Inclusion) offerings by CecureUs , please contact connect@cecureus.com or call us at +91-7200500221
Let us help not just ourselves but also others to not be a victim of a cyber crime.
Very True! Spreading awareness and staying Alert is the key. with so many instances of cyber crime!