#FactCheck - Indian Men’s 4x400m Relay Team’s Record-Breaking Achievement in August 2023 Misrepresented as Recent Event

Introduction

‍

With the advent of cloud computing, new information and asset delivery avenues have become possible, including Infrastructure-as-a-Service, Platform-as-a-Service, and Software-as-a-Service. With this change, the conventional paradigm of "computer as a product" is replaced with "computing as a service," which is provided to customers via the internet by big data warehouses or the cloud. Additionally, it has brought about an essential shift in how organisations function, allowing them to access computer tools and services online instead of needing to construct and manage their IT systems. As a result, organizations are now more agile, scalable, and efficient and can react swiftly to shifting consumer demands and market situations.

The Growth of Remote and Hybrid Workspaces

‍

Hybrid and remote workplaces are becoming more popular post-pandemic era. Many businesses have used regional workplace solutions to manage a more scattered workforce. IT departments are put in a difficult position since they have to make sure that branch office staff and remote workers can access the information they require safely and dependably. VPNs and Direct Internet Access links are becoming more and more popular, thus IT professionals are coming up with innovative ways for connecting distant locations to the main office while protecting the confidentiality of information.

User Portability

‍The widespread use of mobile devices for work, along with the growing Bring Your Own Device (BYOD) culture, has significantly contributed to the rise of remote work and flexible work environments. Employees can now connect to corporate systems using either personal or company-issued devices through secure methods such as Virtual Private Networks (VPNs) or cloud-based platforms. This has made teleworking, work-from-home setups, and flexible work hours increasingly common and practical, allowing for greater productivity and work-life balance.

Growing Volume of Traffic

‍

Professionals in the modern workplace must have access to private apps stored in a data centre or a multi-cloud setup. Nevertheless, these programs might not always be easily accessible from branch offices or by remote workers and staff members might not have instant support for IT. Organizations must discover solutions to this problem so that remote workers may consistently and dependably access company resources while also making the most of their current assets. It is important to note that employees need reliable and secure ways to access their work tools from anywhere, just like they would in the office.

Battling Networking and Security Issues in a Post-Pandemic Setting

‍

While many businesses have successfully adopted a cloud-first approach for new system implementations or have deployed specific Software-as-a-Service (SaaS) solutions, many are still struggling to fully reap the benefits of moving most or all of their business software to the cloud.

‍

• Conventional IT frameworks allowed for the creation of the present company applications. Because of this, these applications are frequently inflexible and configured for fixed capacity across a limited number of data facilities. Certain organizations could lack the elements required to oversee an entire cloud migration. This could be the result of things like an affinity for on-premises systems, aversion to alteration, or a lack of experience with cloud systems. 
• Although cloud computing might be a cost-effective solution for some workloads, it might not be the best choice overall. Running certain applications in a combination of cloud services or on-premises may be more cost-effective. 
• Particularly if they are regionally distributed, workloads requiring high connection speeds or low latency may not be ideal for cloud computing.
• If a corporation lacks authority over the servers in the cloud, it may be concerned about the integrity of its data stored there. Consequently, they would rather keep it inside their data facilities.
• Firms may be restricted in their ability to migrate some types of information to the cloud by legal or compliance regulations. 

Networking and Cybersecurity Consolidation: Handling Present Risks

‍

In the past, protecting a network required establishing boundaries and keeping an eye on communication between recognized devices. However, it is now required for a network's components to work together as a cohesive system due to shifting expectations. To do this, flexible network pieces must be able to communicate with one another while also protecting workflows, apps, and payments that move across different devices. The current problem is to effortlessly combine security with network capabilities and connection so that data can flow between constantly moving devices while being inspected, encrypted, and subject to regulation.

Infrastructure and security personnel must update their methods and equipment to better meet these constraints to deliver reliable, efficient, and trustworthy access across users, apps, and regions within an enterprise. Inevitably, networking and safety will eventually merge for improved organizational alignment.

Businesses may stay ahead of the competition in attracting top people in an increasingly diverse and cost-effective workplace by integrating a virtual and physical workforce. The future of security solutions lies in consolidation and platformisation; a cloud-centric Secure Access Service Edge (SASE) the capacity offering paired with network edge capabilities like secured Software-Defined Wide Area Network (SD-WAN) can improve and automate the safety measures of the company while also cutting down on the complexity and expense of managing disparate point remedies.

Safe Networking: Moving Towards This Phenomenon and Concentration of Cybersecurity

‍

Companies relying on conventional networking models often face challenges in securing modern elements, such as cloud-based applications, remote users, mobile devices, and distributed locations, because traditional networks were not designed with these factors in mind. A robust networking strategy integrates both safety and networking into one system to get around these problems. It enhances security posture and network performance. It improves the user's experience and lessens the complexities of management. It is important to combine point product providers into a risk management platform rather than implementing safety measures one at a time. Tighter cooperation, greater efficiency, and a quicker, better-coordinated reaction to network threats are made possible by this.

SASE: A Coordinated Method

‍

Secure Access Service Edge (SASE) is a cloud-based architecture that offers security and networking solutions as needed and unites all edges into a single logical connection.

SASE drivers

‍

Conventional safety measures are ill-suited to deal with the more dispersed and complicated IT environment brought about by the advent of the Internet of Things, edge computing, and telecommuting. Using SASE, security and network services may be accessed from the cloud, eliminating the need to backhaul traffic to a single data centre for safety assessment.

‍

• Distant user traffic assessment and blind spots presented difficulties for companies.
• Full oversight over hybrid network operations is provided by SASE technology, which provides network services including FWaaS, SWG, DLP, and CASB.
• Issues around abnormal port usage and policy violations have arisen as more customers access SaaS apps from different gadgets and regions.
• SASE technology reduces the cost of hiring IT staff by combining safe access to resources from one supplier.
• SASE technology consolidates secure accessibility capabilities from one vendor, hence lowering the cost of hiring IT workers.
• One major benefit of SASE technology is its ease of administration. Even when overseeing multiple offices inside a corporate network, the IT department's job is minimized because a single cloud-based administrator manages the entire system.

Recommendations

‍

• For high-risk use cases, consider utilizing Zero Trust Network Access to supplement or replace the outdated VPN for distant users.
• Take inventory of the gear and agreements in order to progressively replace the branch and perimeter hardware on-site over a few years in favour of delivering SASE functionalities via the cloud.
• Simplify and cut expenses by grouping suppliers when VPN, CASB, and encrypted web portal agreements are up for renewal. Profit from a market that has come together and integrated these security edge services.
• Limit SASE products to a couple of partnering companies.
• Irrespective of location, integrate Zero Trust Network Access (ZTNA) and methods of authorization (such as MFA) for every client, including those in the workplace or branch.
• To meet security and regulatory requirements, select SASE products that provide you control over where inspection takes place, how traffic is directed, what is recorded, and where records are kept.

Conclusion

‍

The development of cloud technology, the rise of offsite and hybrid workplaces, and the increased challenges in communication and privacy following the pandemic highlight the necessity for a comprehensive and integrated strategy. By adopting SASE (Secure Access Service Edge), a cloud-centric framework that enables secure connectivity across diverse environments, businesses can enhance cybersecurity, streamline operations, and adapt to the evolving needs of modern workplaces. This approach ultimately contributes to a safer and more efficient future for information architecture.

References

‍

• https://www.dsci.in/files/content/knowledge-centre/2023/DSCI-Fortinet%20POV%20Paper.pdf
• https://www.datacenterknowledge.com/cloud/cloud-trends-and-cybersecurity-challenges-navigating-future
• https://banagevikas.medium.com/cybersecurity-trends-2024-navigating-the-future-10383ec10efe

Authors:

‍

Soumya Gangele (Intern - Tech & Policy), CyberPeace

Neeraj Soni (Sr. Researcher), CyberPeace

‍

What are Decentralised Autonomous Organizations (DAOs)?

A Decentralised Autonomous Organisation or a DAO, is a unique take on democracy on the blockchain. It is a set of rules encoded into a self-executing contract (also known as a smart contract) that operates autonomously on a blockchain system. A DAO imitates a traditional company, although, in its more literal sense, it is a contractually created entity. In theory, DAOs have no centralised authority in making decisions for the system; it is a communally run system whereby all decisions (be it for internal governance or for the development of the blockchain system) are voted upon by the community members. DAOs are primarily characterised by a decentralised form of operation, where there is no one entity, group or individual running the system. They are self-sustaining entities, having their own currency, economy and even governance, that do not depend on a group of individuals to operate. Blockchain systems, especially DAOs are characterised by pure autonomy created to evade external coercion or manipulation from sovereign powers. DAOs follow a mutually created, agreed set of rules created by the community, that dictates all actions, activities, and participation in the system’s governance. There may also be provisions that regulate the decision-making power of the community.

Ethereum’s DAO’s White Paper described DAO as “The first implementation of a [DAO Entity] code to automate organisational governance and decision making.” Can be used by individuals working together collaboratively outside of a traditional corporate form.  It can also be used by a registered corporate entity to automate formal governance rules contained in corporate bylaws or imposed by law.”  The referred white paper proposes an entity that would use smart contracts to solve governance issues inherent in traditional corporations.  DAOs attempt to redesign corporate governance with blockchain such that contractual terms are “formalised, automated and enforced using software.”

Cybersecurity threats under DAOs

While DAOs offer increased transparency and efficiency, they are not immune to cybersecurity threats. Cybersecurity risks in DAO, primarily in governance, stem from vulnerabilities in the underlying blockchain technology and the DAO's smart contracts. Smart contract exploits, code vulnerabilities, and weaknesses in the underlying blockchain protocol can be exploited by malicious actors, leading to unauthorised access, fund manipulations, or disruptions in the governance process. Additionally, DAOs may face challenges related to phishing attacks, where individuals are tricked into revealing sensitive information, such as private keys, compromising the integrity of the governance structure. As DAOs continue to evolve, addressing and mitigating cybersecurity threats is crucial to ensuring the trust and reliability of decentralised governance mechanisms.

Centralisation/Concentration of Power

DAOs today actively try to leverage on-chain governance, where any governance votes or transactions are directly taken on the blockchain. But such governance is often plutocratic in nature, where the wealthy hold influences, rather than democracies, since those who possess the requisite number of tokens are only allowed to vote and each token staked implies that many numbers of votes emerge from the same individual. This concentration of power in the hands of “whales” often creates disadvantages for the newer entrants into the system who may have an in-depth background but lack the funds to cast a vote. Voting, presently in the blockchain sphere, lacks the requisite concept of “one man, one vote” which is critical in democratic societies.

Smart contract vulnerabilities and external threats

Smart contracts, self-executing pieces of code on a blockchain, are integral to decentralised applications and platforms. Despite their potential, smart contracts are susceptible to various vulnerabilities such as coding errors, where mistakes in the code can lead to funds being locked or released erroneously. Some of them have been mentioned as follows;

Smart Contracts are most prone to re-entrance attacks whereby an untrusted external code is allowed to be executed in a smart contract. This scenario occurs when a smart contract invokes an external contract, and the external contract subsequently re-invokes the initial contract. This sequence of events can lead to an infinite loop, and a reentrancy attack is a tactic exploiting this vulnerability in a smart contract. It enables an attacker to repeatedly invoke a function within the contract, potentially creating an endless loop and gaining unauthorised access to funds.

Additionally, smart contracts are also prone to oracle problems. Oracles refer to third-party services or mechanisms that provide smart contracts with real-world data. Since smart contracts on blockchain networks operate in a decentralised, isolated environment, they do not have direct access to external information, such as market prices, weather conditions, or sports scores. Oracles bridge this gap by acting as intermediaries, fetching and delivering off-chain data to smart contracts, enabling them to execute based on real-world conditions. The oracle problem within blockchain pertains to the difficulty of securely incorporating external data into smart contracts. The reliability of external data poses a potential vulnerability, as oracles may be manipulated or provide inaccurate information. This challenge jeopardises the credibility of blockchain applications that rely on precise and timely external data.

Sybil Attack: A Sybil attack involves a single node managing multiple active fake identities, known as Sybil identities, concurrently within a peer-to-peer network. The objective of such an attack is to weaken the authority or influence within a trustworthy system by acquiring the majority of control in the network. The fake identities are utilised to establish and exert this influence. A successful Sybil attack allows threat actors to perform unauthorised actions in the system.

Distributed Denial of Service Attacks: A Distributed Denial of Service (DDoS) attack is a malicious attempt to disrupt the regular functioning of a network, service, or website by overwhelming it with a flood of traffic. In a typical DDoS attack, multiple compromised computers or devices, often part of a botnet (a network of infected machines controlled by a single entity), are used to generate a massive volume of requests or data traffic. The targeted system becomes unable to respond to legitimate user requests due to the excessive traffic, leading to a denial of service.

Conclusion

Decentralised Autonomous Organisations (DAOs) represent a pioneering approach to governance on the blockchain, relying on smart contracts and community-driven decision-making. Despite their potential for increased transparency and efficiency, DAOs are not immune to cybersecurity threats. Vulnerabilities in smart contracts, such as reentrancy attacks and oracle problems, pose significant risks, and the concentration of voting power among wealthy token holders raises concerns about democratic principles. As DAOs continue to evolve, addressing these challenges is essential to ensuring the resilience and trustworthiness of decentralised governance mechanisms. Efforts to enhance security measures, promote inclusivity, and refine governance models will be crucial in establishing DAOs as robust and reliable entities in the broader landscape of blockchain technology.

References:

‍https://www.imperva.com/learn/application-security/sybil-attack/

‍https://www.tripwire.com/state-of-security/blockchain-security-understanding-vulnerabilities-and-mitigating-risks

‍https://medium.com/@RedStone_Finance/the-oracle-problem-and-its-implications-for-blockchains-c0c0ad9cf5a7

‍https://www.linkedin.com/posts/satish-kulkarni-bb96193_what-are-cybersecurity-risk-to-dao-and-how-activity-7048286955645677568-B3pV/ https://www.geeksforgeeks.org/what-is-ddosdistributed-denial-of-service/ Report of Investigation Pursuant to Section 21 (a) of the Securities Exchange Act of 1934: The DAO, Securities and Exchange Board, Release No. 81207/ July 25, 2017

‍https://www.sec.gov/litigation/investreport/34-81207.pdf https://www.legalserviceindia.com/legal/article-10921-blockchain-based-decentralized-autonomous-organizations-daos-.html

Introduction

National AVGC-XR stands for National Animation, Visual Effects, Gaming, Comics, and Extended Reality. On 21 Aug 2024 Shri Sanjay Jaju, Secretary, Ministry of Information and Broadcasting, Speaking at the 5th Global AVGC and Immersive Media Summit 2024,  announced that the National AVGC-XR Policy will be implemented soon. National AVGC-XR policy aims to facilitate investment, foster innovation, ensure skill development, protect intellectual property and help build world-class infrastructure. Additionally, Atul Kumar Tiwari, Secretary of Ministry of Skills and Entrepreneurship, said that the Centre's decision to revamp 1,000 ITIs is pivotal in aligning workforce skills with AVGC industry needs. He called for enhanced intellectual property rights to retain talent and content in India.

Key Highlights of National AVGC-XR Policy 

• The policy will be implemented in conjunction with the National AVGC-XR Mission to improve India's AVGC sectors through infrastructure development, skill enhancement, innovation, and regulatory support.
• The policy aims to improve India's international competitiveness in the AVGC industry, specifically by supporting the creation of unique intellectual properties (IPs) that can gain worldwide acclaim.
• The policy acknowledges the significance of adapting and converting content for various international viewers, which has become easier considering technological advancements.
• The government is dedicated to providing strong policies and financial backing to the AVGC industry, ensuring that India continues to be a worldwide leader in the sector.

Tech-driven trends in the AVGC-XR Sector promoting exponential growth

• Advancements in technology specifically when we talk about the Animation and VFX industry, emerging trends such as AR, VR, and real-time 3D technology, are driving the expansion of the metaverse, resulting in a rising need for fresh jobs and broadening uses beyond gaming into education, e-commerce, and entertainment. Moreover, the transition to cloud-oriented production processes and the increase in unique or original content on OTT platforms are improving cooperation and propelling industry growth. To drive expansion, global OTT leaders are commissioning more original content. This has increased the need for VFX, post-production, and animation services.
• Technological advancements in India's gaming industry, like cloud gaming, increased popularity of mobile gaming, the introduction of 5G and 6G, and recognition of e-gaming at national and international forums, are breaking down obstacles and fueling swift growth, positioning India as a key player in growing e-gaming sector worldwide. Furthermore, the integration of gamification and XR in education and training is generating immersive experiences that improve learning and skill building, contributing to the expansion of the AVGC-XR industry.
• The comics industry is being transformed by technological advancements like digital technology and self-publishing, which are increasing access and distribution through online platforms and social media. The rising popularity of graphic novels and the greater use of digital comics, particularly among young audiences with smartphones, are fueling substantial growth in the AVGC-XR industry.
• The use of AR, VR, and MR (Mixed Reality) technologies is rapidly growing due to tech-driven trends in Extended Reality (XR), transforming industries such as healthcare, education, and retail. The rising number of startups in this sector, boosted by higher venture capital funding, is speeding up the uptake of XR services, establishing it as a primary catalyst of innovation and expansion in various industries.

Final Words:

Just like the IT revolution, the Indian AVGC-XR industry along with technological trends and advancements has great potential. With the growth in various sectors within the AVGC industry, the right policy framework in place and government support, it will be forefront of India’s global standing in the AVGC sectoral growth including various Intellectual Property (IP), creations, and outsourcing services. The proposed AVGC-XR policy with a forward-thinking approach will drive the industry growth. Thus, a comprehensive integrated and collaborative approach is essential. Furthermore with rising trends in technological space including the use of AR, VR, cloud spaces, 6G and expansion of the OTT sector, the safe and secure use in terms of cybersecurity is encouraged to ultimately protect the interest of users and establish a safe secure cyber world driven by exponential growth in various sectors including AVGC. We’re at the cusp of a new era, where we’re looking at technological advancements not as a tool but as a way of life, hence safe and secure usage remains a top priority.

References: 

1. https://www.cii.in/PressreleasesDetail.aspx?enc=IkIXRoaDhS+jXtgjqb7UcbWSnaI7mgIS485nHsQEMbw
2. https://www.thehindu.com/sci-tech/technology/avgc-xr-policy-to-be-implemented-in-tandem-with-national-avgc-xr-mission-ib-secretary/article68550433.ece#:~:text=Speaking%20at%20the%20Fifth%20Global,competitiveness%20by%20fostering%20infrastructure%20development%2C
3. https://mib.gov.in/sites/default/files/Annexure%20C-AVGC-XR%20-%20Draft%20for%20National%20Policy_16th%20December%202022-AG%20EDIT.pdf
4. https://www.drishtiias.com/daily-updates/daily-news-analysis/potential-of-india-s-avgc-xr-sector

‍