The One Where It All Began

The tussle between the two Goliaths began with the unveiling of WhatsApp’s latest privacy policy changes for Indian users. The Indian government termed the privacy updates “Discriminatory” and wrote a letter to WhatsApp CEO, Will Cathcart for its immediate withdrawal. Since then, the two heavyweights have thrown punches at each other in the form of multiple affidavits and counter-affidavits filed with the Delhi High Court addressing different issues relative to users’ “Right to Privacy.”

In the latest round of allegations, the instant messaging giant challenged the government in court alleging that its new IT rules (Intermediary Guidelines and Digital Media Ethics Code Rules 2021) could become weapons of “mass surveillance” and undermine the users’ “right to privacy.” The government was not amused because the affidavit was filed on  May 25, a day before the new rules came into force. To clear the air, the government issued a statement saying,

Right to Privacy is a fundamental right and the government respects it. It has no intention to violate it.

But are these justifications enough? What are the new rules? What’s the opposition for? Will these rules help us in maintaining digital hygiene? Or are they simply what WhatsApp suggests – means of surveillance by the government? Questions are many, but answers are few. Here are some key points that may help you decide:

WhatsApp’s Latest Accusation Against GoI

The first accusation made by WhatsApp towards the government is based on a four-year-old verdict on Justice K S Puttaswamy vs Union of India. WhatsApp alleged that the new rules are unconstitutional and undermine an individual’s “Right to Privacy,” which the constitution itself has bestowed upon its citizens as per the 2017 verdict.

Impact: If the new rules come into force, they will make WhatsApp employees liable to criminal proceedings for non-compliance, which again bypasses a few other constitutional rights of its employees since they are citizens of India. Thus, WhatsApp wants the court to ensure that this clause in the amended rules does not come into force to safeguard both employee and its user interests.

The Trouble with Traceability and E2E

The biggest issue that WhatsApp has with the new rules is “Traceability.” In a blog post, WhatsApp explained how the concept of traceability breaks end-to-end encryption (E2E) that was implemented throughout the app’s ecosystem back in 2016. The E2E helps protect its users’ calls, messages, photos, videos, and voice data from being intercepted or adulterated. Data is encrypted the moment it leaves the sender’s device and decrypted only on the intended receiver’s device. Even WhatsApp is unaware of the data that is transmitted between two people and/or groups.

Moreover, WhatsApp also argues that the traceability clause is currently a flawed concept. For example, if a user forwards a message received from another source, that source can be tracked. However, if a user copy-pastes a message from another source and sends it to a recipient, the person who copied and sent the data becomes the originator of the message. This is technically wrong as the message could have been sent for fact-checking or simply out of concern towards the recipient.

Impact:  WhatsApp says that breaking E2E would mean the end of privacy and indirectly mandate mass surveillance. It will have to add a “fingerprint” to not just one or two but all user messages, which will not only keep their data vulnerable to interception and exploitation from potential threat actors but also undermine their users’ privacy round the clock.

Additionally, if traceability requirements are to be enforced, WhatsApp will have to create an India-only app as the E2E is a default feature and a long-standing benefit of its worldwide messaging platform. Records suggest that WhatsApp currently has 503 million users in India and thus it could be a cumbersome yet mandatory process.

Government’s Stance

In response to WhatsApp’s allegations, which were specifically aimed at Rule 4(2) of the Intermediary Guidelines, the government said, “The(se) rules have been framed after consultation with various stakeholders and social media intermediaries, including but not limited to WhatsApp. After October 2018, no specific objection has been made by WhatsApp to the Government of India in writing relating to the requirement to trace the first originator in relation to serious offenses. WhatsApp’s refusal to comply with the guidelines is a clear act of defiance.”

Shri Ravi Shankar Prasad, Minister of Electronics and Information Technology and Communications, and Law and Justice of India, said,

The entire debate on whether encryption would be maintained or not is misplaced. Whether “Right to Privacy” is ensured through using encryption technology or some other technology is entirely the purview of the social media intermediary. It is WhatsApp’s responsibility to find a technical solution, whether through encryption or otherwise, that both happen.

Impact: According to the government, Under Rule 4(2) of the guidelines, tracing the first originator of the message, tweet, or post will only be done under select circumstances. It condemns WhatsApp’s accusations on GoI’s 24/7 vigilance on its users. The government said, “We do not wish to track all messages.” It added that the “special” circumstances for tracking can be invoked “only for prevention, investigation, punishment, etc. of inter alia an offence relating to sovereignty, integrity and security of India, public order incitement to an offence relating to rape, sexually explicit material or child sexual abuse material punishable with imprisonment for not less than five years.”

However, WhatsApp argues that this can lead to imprisonment of innocent people who might not have perpetrated or originated the message, but only propagated it – maybe mistakenly. This can cause chaos and is harmful to the democratic rights of people in the broader view.

What Other Social Media Intermediaries Think

The law applies not just to WhatsApp but all “significant social media intermediaries” – that is, the ones with more than 5 million users. This includes the likes of Google, Twitter, and even WhatsApp’s parent company Facebook.

The first to offer a statement about the new intermediary laws was Google’s CEO, Sundar Pichai, who hails from India. Although he retracted from choosing which side he was on, Pichai, however, did say, “Google is committed to complying with local laws and engages constructively with governments as they scrutinize and adapt regulatory frameworks to keep pace with the fast-evolving technology landscape.” He added, “Be it Europe with the copyright directive or India with information regulation, etc., we see it as a natural part of societies figuring out how to govern and adapt themselves in this technology-intensive world.”

On the other hand, Twitter has asked for a three-month extension to comply with the new rules which the government claimed was “rhetorical” to say the least. The Indian government had introduced these rules in February this year and had already given a three-month timeframe to comply with the changes. Thus, asking for additional time does not make any sense. Moreover, Twitter said it had concerns over two things: the possible impact of these curbs on its users’ “freedom of expression” and the criminal liability of their compliance officer for content posted on their platform.

Impact: Although there is little choice for intermediaries for compliance, this can lead to intimidation from the law enforcement authorities as was seen in the incident where the Special Cell of the Delhi Police visited offices of Twitter India in Delhi and Gurgaon with regards to its probe into the Congress toolkit conspiracy.

Expert Opinion

The Internet Society, a non-profit organization, has reiterated its concerns shared by cybersecurity experts, that to comply with these traceability requirements, platforms may be forced to undermine end-to-end encryption. In an open letter to the MeitY, cryptographic and security experts warned that pursuing message traceability would undermine digital security.

In a statement given to CISO MAG, the Internet Society said, “WhatsApp’s lawsuit is the first by a major social media company against India’s revised Information Technology (Guidelines for Intermediaries and Digital Media Ethics Code), Rules 2021 which were announced in February this year. The revised Guidelines include a traceability requirement, or the ability to track down the first originator of a particular piece of content or message.

While the Ministry of Electronics and Information Technology (MeitY) has emphasized that encryption is not a target in these new Guidelines, cybersecurity experts both in India and abroad have pointed out that it is simply not possible for companies such as WhatsApp to try to comply with the new guidelines without suppressing at least some features that are integral for strong encryption to work properly.

In fact, a 2020 report from these experts warned that “to comply with traceability requirements, platforms may be forced to enable access to the contents of their users’ communications, breaking end-to-end encryption and considerably weakening the security and privacy of their product.

With the traceability requirement, the government appears to be compelling popular online platforms to weaken encryption without explicitly telling them to do so. The likely outcome will be for those platforms to stop offering end-to-end encrypted services altogether. End-to-end encryption is the gold standard for keeping Internet users and systems secure and an essential aspect of digital privacy which is imperative to the hundreds of millions of people in India who use Whatsapp.”

Conclusion

This is not the first time that WhatsApp has faced governmental pressure for tracing requirements. Earlier, Brazil had also asked the messaging giant to do the same, to which it replied, “It erodes privacy.” Whether the intermediaries relent to the pressure of compliance or the GoI eases down on them is something that only time can tell. However, users across India are curious about the “suggested” ban on WhatsApp and other social media giants. The government has not mentioned whether it will completely ban these platforms but has hinted about taking away the safe harbor given to them under the IT Act.

About the Author

Mihir Bagwe is a Tech Writer and part of the editorial team at CISO MAG. He writes news features, technical blogs, and conducts interviews on latest cybersecurity technologies and trends.

 

The post The Curious Case of WhatsApp and Government of India Highlights the Broader Traceability Concerns appeared first on CISO MAG | Cyber Security Magazine.

WhatsApp India Privacy Policy Row

WhatsApp has been previously asked to reconsider its privacy policy changes by the Indian government. In January this year, the Indian government deemed the new privacy policy changes as “discriminatory” because the same policy in the European Union (EU), was made optional to its users owing to the GDPR regulations. Since India still does not have a formal data privacy law in the country (it is currently in the works and will be introduced in the parliament’s coming session), MeitY had requested WhatsApp to withdraw the policy and respect the “right to privacy” and consent of Indian users. However, WhatsApp did not completely dissolve the enforcement of the new privacy policy which was supposed to come into effect on February 8, 2021; instead, it just deferred it by three months to May 15.

In April, the MeitY filed an affidavit in the Delhi high court stating WhatsApp’s privacy policy violated the Information Technology Rules of 2011 on five counts. They were:

1. It fails to specify the types of sensitive user data being collected.
2. It fails to notify users of such collection.
3. It does not let them review or amend the information.
4. It does not allow the withdrawal of consent later.
5. It fails to provide any guarantee against non-disclosure to third parties.

In response to the Affidavit, WhatsApp told the Delhi high court that it was conforming with the current Indian IT laws and rules in place and respected users’ privacy for which it has already taken steps such as end-to-end chat data encryption. Additionally, to make its point clearer, it presented another affidavit which names other popular applications in the country like Zomato, Ola, BigBasket, Truecaller, and the government’s own COVID tracking app, Aarogya Setu, which have similar privacy policies.

In response to the petition, Justice Sanjeev Sachdeva had earlier told MeitY that, “It is a private app. Don’t join it. It is a voluntary thing, don’t accept it. Use some other app.” Pointing at other apps like Google Maps, Justice Sachdeva added that even others do it and “you would be surprised as to what all you are consenting to.”

Going by this philosophy of “If you want it, you use it,” a few days back, the company again informed the Delhi high court that it has rolled out the policy on May 15 as decided but it was “not forcing users to accept the new updates in the privacy policy.” It clearly stated that it would not delete the accounts of users who have refrained from accepting the changes for now. However, this does not seem to be enough and the ministry has finally given a countdown of seven days before it initiates legal action as deemed appropriate. There is widespread speculation (on social media and in WhatsApp message forwards) that users who do not accept the new privacy policy may not be able to access all the features of WhatsApp. But this is yet to be confirmed.

Related News:

WhatsApp vs Signal vs Telegram: Which is More Viable and Secure?

---

Indian Government Asks WhatsApp to Withdraw its “Discriminatory” Policy

The post Indian Government Gives 7-days to WhatsApp for Privacy Policy Roll Back appeared first on CISO MAG | Cyber Security Magazine.

What were the WhatsApp Privacy Policy Changes?

WhatsApp’s updated Privacy Policy mandated users to share their data with its parent company Facebook. It included sharing the metadata of users’ chat with business accounts of other Facebook companies. Moreover, WhatsApp did not allow users to opt-out of such a drastic change in the privacy policy.

Related News:

WhatsApp vs Signal vs Telegram: Which is More Viable and Secure?

Why is the Indian Government Opposing?

According to a report from a national news channel NDTV, experts in the government familiar with the matter cited concerns over WhatsApp’s data collection and sharing with the other parent and sister companies. They said, “It would create a honeypot of information about users with a Facebook group, which can invariably create security risks and vulnerabilities for all users.”

Withdraw “Discriminatory” Policy For Indian Users: Government To #WhatsApp

NDTV’s Roobina Mongia reports

Read more: https://t.co/KfIxwzIwIy pic.twitter.com/z0wI0gI5sa

— NDTV (@ndtv) January 19, 2021

Secondly, the Ministry of Electronics and Information Technology (MeitY) is baffled by the double standards of WhatsApp. In the European Union (EU), WhatsApp has given an opt-out option to its users; however, the Indian user base, which the company states are the biggest in the world, does not get one. MeitY strongly condemned this “discriminatory treatment” and termed it “disrespectful” towards Indian citizens. In a stern voice, MeitY reminded WhatsApp “that it has a sovereign right to protect the interests of Indian citizens and it shall not compromise on that at any cost.”

After a brief study of the updated policy, the Indian government is now seeking clarity and conformance on privacy and data security concerns. It has sent a list of 14 questions asking about the disclosure of the exact categories of data that WhatsApp collects from its users in India, the permissions and user consent sought by the app, and how each of these sets of data will be used by the company post collection.

Petition in Delhi High Court Against WhatsApp’s Policy

Meanwhile, a lawyer has filed a petition against WhatsApp’s new privacy policy, which was heard in the Delhi High Court on Monday, January 18. The petitioner argued that the updated privacy policy violates users’ right to privacy under the Indian Constitution and must not come into effect. However, Kapil Sibal and Mukul Rohatgi, senior advocates and defendants of WhatsApp and Facebook,  found this argument baseless. They told the High Court that none of the private or group chats were being accessed or stored by WhatsApp, and very much remained encrypted. They further argued that it was only the business chats on WhatsApp that were getting affected.

In response to the petition, Justice Sanjeev Sachdeva said, “It is a private app. Don’t join it. It is a voluntary thing, don’t accept it. Use some other app.” Pointing at other apps like Google Maps, Justice Sachdeva stated that even others do it and “you would be surprised as to what all you are consenting to.” However, the High Court wanted more time to analyze the amount of data being shared and the data that was being leaked as per the petitioner. Thus, the matter will be listed on January 25 for further address.

Related News:

After Juspay, ClickIndia, ChqBook and WedMeGood Allegedly Suffer Data Breaches

The post Indian Government Asks WhatsApp to Withdraw its “Discriminatory” Policy appeared first on CISO MAG | Cyber Security Magazine.

As per the MoU, MicroWorld will facilitate cooperation for detecting latest cyberthreats like malware/botnet attacks. CERT-In will also provide a platform on its “Cyber Swachhta Kendra” (Botnet Cleaning and Malware Analysis Centre) website for users to access MicroWorld’s eScan antivirus bot removal toolkit, which enables users to scan their Windows-based systems and prevent viruses like adware, spyware, and other forms of malware. The Cyber Swachhta Kendra is a part of the Government of India’s Digital India initiative operated by CERT-In.

Sanjay Bahl, Director General, CERT-In said, “As the complexity, frequency, and sophistication of malware continues to increase impacting the end user digital devices, there is a need for appropriate tools in the hands of citizens to safeguard themselves. The eScan tool from MicroWorld will help towards the vision of making India cyber swachh and build technical capacities within the country while safeguarding citizens from malware threats.”

Govind Rammurthy, Managing Director and CEO of MicroWorld Technologies, said, “IT security is a matter of grave concern in these trying times. eScan Antivirus Toolkit – will be available through CERT-In’s Cyber Swachhta Kendra platform for users across the country to utilize for free and stay secure. We aim to secure the country’s cyberspace with our futuristic and proactive technology with the aim of defending against any malignant advances that would arise from the digital universe.”

The post MicroWorld and CERT-In Collaborate to Enhance Overall Cybersecurity in India appeared first on CISO MAG | Cyber Security Magazine.

The attackers distributed the malware via phishing emails sent across to the employees of the Ministry of Electronics and Information Technology (MEIY) of India. The systems were infected after an employee downloaded the malicious email attachment.

The incident affected the computers of both the NIC and the MeitY that contain sensitive information about national security, citizens, and critical important government functionaries, including the prime minister, national security advisor, the home minister, and other officials. According to sources in Delhi Police’s Special Cell, the primary investigation revealed that the malicious email was sent via a proxy server from the U.S. with an IP Address traced to an Indian-based IT company based in Bengaluru.

Involvement of China Actors?

The security incident comes on the heels of reports claiming that a Chinese firm Zhenhua Data Information Technology has been collecting data on millions of people worldwide. It is found that the Chinese tech company has reported links with the country’s military and intelligence networks, and thus, this action could be an act of espionage, according to Internet 2.0, an Australia-based cybersecurity consultancy that discovered this hidden data trove. This dataset consists of the personal information of nearly 250,000 people worldwide, including 10,000 Indians that consists of prominent personalities like Indian Prime Minister Narendra Modi, Indian President Ramnath Kovind, industrialist Ratan Tata, cricketer Sachin Tendulkar, etc. The majority of the discovered dataset contains the personal information of 52,000 Americans, 36,000 Australians, 10,000 each of Britain and India, and nearly 800 New Zealand nationals.

The post Attackers Target Govt. Computers at the National Informatics Centre appeared first on CISO MAG | Cyber Security Magazine.

The report said the Indian Cybersecurity Services Industry is expected to grow from $4.3 billion in FY 2019 to $7.6 billion in 2022. The industry will register an overall CAGR of 21% by 2025 and grow to $13.6 billion. The report has been commissioned through an extensive primary and secondary research of cybersecurity services companies in India and provides Services Market projections from FY 2019 to 2025, putting the spotlight on capabilities, talent, innovation and business strategies.

This growth has been fuelled by the COVID-19 pandemic, with cybersecurity gaining an even higher attention from the Boards and Governments. The global cybersecurity services market is expected to reach $89 billion by 2022, with an overall CAGR of 10%. The report cited Managed Security Services (MSS) and System Integration as the most attractive service lines. Identity and Access Management, Big Data Analytics and Cloud Security are expected to garner high demand.

Cyber Security holds the key as 95% of the IT industry workforce had to work from home during this unprecedented time. NASSCOM and DSCI have been working relentlessly putting ahead the issues of the IT Industry to the government and forging a vital partnership to mitigate the COVID impact and ensure business continuity.

— Ajay Sawhney, Secretary, Ministry of Electronics & IT

The report aims to put spotlight on offerings, current and future market perspectives of Indian cybersecurity service companies and global companies with significant cybersecurity operations conducted from India.

Key trends and findings 

• Enterprise spending on cloud security solutions is predicted to increase from
• $636 million in 2020 to $1.63 billion in 2023.
• There has been a 667% increase in spear-fishing e-mail attacks related to COVID-19, since the end of February 2020.
• MSS is the most dominant and fastest growing service line.
• Cybersecurity services companies in India are transforming from traditional SOC model to innovative cyber fusion centres and focusing on in-house talent for innovation.
• The Indian industry is moving towards holistic offerings to support all aspects of cybersecurity. Technological Innovations are creating new service lines.
• The industry is moving from sporadic usage of cybersecurity solutions to a continuous model, which in turn is creating need for cybersecurity services
• Security services delivery models are continuously evolving over time, moving towards outcome and value creation based models.
• Indian cybersecurity services companies are expanding their global presence because of rising demand for security from within and outside India, coupled with our unique value proposition.

Products and Services ecosystem are the twin pillars of our Cyber Security Industry. The Indian Cybersecurity Services Industry is growing twice as fast as the global market. All challenges come with opportunities, so while COVID is a challenge, it is also a huge opportunity for accelerating the already existing high-level growth in Cyber Security.

— Rajendra S Pawar, Chairman DSCI & Chairman & Co-Founder, NIIT Group

Data Security Council of India (DSCI) is a premier industry body on data protection in India, setup by NASSCOM, committed to making the cyberspace safe, secure and trusted by establishing best practices, standards and initiatives in cyber security and privacy. DSCI brings together governments and their agencies, industry sectors including IT-BPM, BFSI, Telecom, industry associations, data protection authorities and think tanks for public advocacy, thought leadership, capacity building and outreach initiatives.

Rama Vedashree, CEO, DSCI, said, “The Indian Services Industry is playing a seminal role in securing enterprises worldwide from the ever-increasing cyber threats amid the COVID-19 crisis. The cybersecurity services companies are stepping up their competencies across the three facets of People, Process and Technology and this is making them a trusted partner of choice for global enterprises in their digitization journey.”

Download the full report here.

The post Indian Cybersecurity Services Industry to Grow to $13.6 Bn by 2025: DSCI appeared first on CISO MAG | Cyber Security Magazine.

Experts opined that, once the pandemic settles, organizations will focus on digitization, including traditional sectors like education and hospitals. Since companies struggle to integrate cybersecurity in the initial stages, there will be an increase in the demand for cybersecurity professionals in the country.

According to Ajay Sawhney, Secretary, Ministry of Electronics and Information Technology (MeitY), the Indian government has collaborated with DSCI (the Data Security Council of India) to establish a National Center of Excellence that will accelerate innovation in the Indian cybersecurity market.

“Currently, all focus lies on COVID-19 management and innovation challenges are running to help us tackle the pandemic but all this will possibly transform into something larger, and we should never waste a crisis but take it as an opportunity,” Sawhney stated.

Rama Vedashree, CEO of DSCI, said, “As India gears up to become a hub for cybersecurity, investment becomes the game-changer to nurture startups. We have seen an uptick in cybersecurity patent filing and grants in India which proves the growing innovation ecosystem in our country. As Big Data, AI, Cloud and other deep tech emerges, cybersecurity serves as a foundational tech across all technologies and for that, we need a spurt in innovation and investment.” 

Growth in the Indian Cybersecurity Market

According to a joint study by PwC India and DSCI, the cybersecurity market in India will grow from $1.97 billion in 2019 to $3.05 billion by 2022, at a compound annual growth rate (CAGR) of 15.3%. The study also stated that Banking, Financial Services and Insurance (BFSI), IT, and government are the top three sectors with the largest market share in cybersecurity expenditure in the country.

The study highlighted that cybersecurity products in India will grow at a higher rate. It is believed that data protection and endpoint security tools will grow at a CAGR of 22.2% and 19.1% respectively over three years. DSCI also mentioned that global regulations like GDPR, Health Insurance Portability and Accountability Act (HIPAA), and Health Information Trust Alliance (HITRUST) will continue to have an impact on the Indian cybersecurity market.

The post Experts Predict High Demand for Cybersecurity in India Post COVID-19 appeared first on CISO MAG | Cyber Security Magazine.

A press release issued to the media today stated: “MeitY invites Startups and budding entrepreneurs who comply with the start-up definition as defined by DIPP at http://startupindia.gov.in to participate in the Grand Challenge. Individuals who are not yet registered can register as a startup and participate. A unique feature, the IPR of the product being developed as part of the challenge will be owned by the respective startup. DSCI will be administering the Grand Challenge and the whole process will run for nine months under various stages.”

Details about the challenge

Under Grand Challenge, participants need to create solutions around six defined Problem Statement areas which include: Microservices, IoT, Biometrics, Hardware Security, etc. In the Idea stage, 12 shortlisted teams will receive INR 5 Lakh each (approximately US$7,000) and six teams will receive INR 10 Lakh each (approximately US$14,000) in the MVP stage. Multiple mentorship workshops will be conducted to guide the participants throughout the grand challenge. The winning team with the best judged solution will receive a grand prize of INR 1 Crore (approximately US$141,362) whereas 1^st runner up and 2^nd runner up will receive INR 60 Lakh (approximately US$84,766) and INR 40 Lakh (approximately US$56,500) respectively.

More information about the challenge and registrations can be submitted at: https://innovate.mygov.in/cyber-security-grand-challenge/

Launching the challenge, Ajay Sawhney, Secretary, MeitY, said, “The Grand Challenge is a first of its kind initiative encouraging cybersecurity entrepreneurs to innovate and develop solutions for critical cybersecurity problems and demonstrate capabilities. It is an opportunity to gain mentorship and guidance under the best cybersecurity experts. Start-ups will receive intensive mentoring on various aspects such as technology, building global solutions, go to market strategy, etc.”

Dr. Gulshan Rai, Former National Cybersecurity Coordinator, Govt. of India, said, “This initiative of Ministry of Electronics & IT and DSCI will have a far-reaching constructive impact on innovation and indigenous technology creation to suit the need of the country when one looks at it from the larger perspective of entrepreneurship and national security. My congratulations for the successful launch of Grand Challenge and putting up strong problem statements that can cater to solutions in cybersecurity.”

Rama Vedashree, CEO, DSCI, said, “We are proud to partner with the Ministry of Electronics & Information Technology to conceptualize and launch the Cyber Security Grand Challenge, which endeavors to solve critical cybersecurity problems and give impetus to innovation and entrepreneurship in the Indian Cybersecurity Start-up ecosystem. We had the privilege of working with the Government and Industry to curate compelling problems statements and orchestrate a first-of-its-kind Grand Challenge.” 

Data Security Council of India (DSCI) is a premier industry body on data protection in India, set up by NASSCOM, committed to making cyberspace safe, secure and trusted by establishing best practices, standards and initiatives in cybersecurity and privacy. DSCI brings together governments and their agencies, industry sectors including IT-BPM, BFSI, Telecom, industry associations, data protection authorities and think tanks for public advocacy, thought leadership, capacity building and outreach initiatives.

The post Big Prize Money Offered in Indian IT Ministry Cybersecurity Startup Challenge appeared first on CISO MAG | Cyber Security Magazine.