PRESENTS

TT h e C Y B E RR
C
C H R O N I C L EE
SRM INSTITUTE OF SCIENCE AND TECHNOLOGY
FACULTY OF ENGINEERING AND TECHNOLOGY
DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING
WITH SPECIALIZATION IN CYBERSECURITY
RAMAPURAM, CHENNAI - 600 089

cybercarnival.in cyber_carnival_srmrmp cyber_carnival_srmrmp

 DEPARTMENT OF COMPUTER SCIENCE
AND ENGINEERING

The Department of Computer Science and Engineering (CSE) at SRM Institute of Science
and Technology, Ramapuram, has been a hub for innovation and learning since its inception
in 2004.With a strong commitment to academic excellence, the department nurtures
students with cutting-edge knowledge and practical skills.It offers a world-class learning
environment, equipped with modern infrastructure and research facilities.
Through collaborations with leading industries, students gain exposure to real-world
challenges and emerging technologies.The curriculum is designed to integrate theoretical
concepts with hands-on experience, ensuring a well-rounded education.Emphasizing ethical
values and professional integrity, the department shapes responsible and skilled
engineers.Students from diverse regions of India come together, creating a vibrant and
dynamic academic community.Highly qualified and industry-trained faculty members guide
students towards achieving their career aspirations.Workshops, seminars, and hackathons
are regularly organized to enhance technical and problem-solving skills.The department
also fosters innovation through research initiatives and startup incubation
programs.Internship opportunities with reputed organizations help students gain industry-
ready experience.With a focus on holistic development, students are encouraged to
participate in technical and cultural events.Graduates from the department secure
placements in top multinational companies and leading tech firms worldwide.The emphasis
on continuous learning and adaptability ensures that students stay ahead in the evolving
tech landscape.At SRM Ramapuram, the CSE department is dedicated to shaping the future
of technology and empowering aspiring engineers.

CYBERCARNIVAL.IN 1
 ABOUT CYBER SECURITY
DEPARTMENT

The Cyber Security Department offers a specialized B.Tech. program designed to equip
students with in-depth knowledge and practical skills in securing digital systems. The
curriculum covers critical areas such as secure system architecture, penetration testing,
ethical hacking, and cyber forensics. Students gain expertise in secure coding, malware
analysis, and steganography, ensuring they understand modern cybersecurity threats. The
program also emphasizes digital forensics, cryptographic techniques, and network security to
combat cyber risks effectively. With hands-on training, students develop proficiency in
analyzing cyber-attacks and implementing defensive strategies. The department provides
access to advanced labs for real-world simulations and research opportunities. Faculty
members, industryexperts, and guest lecturers guide students in mastering cybersecurity
principles. The program encourages participation in hackathons, CTF challenges, and
cybersecurity competitions. Graduates from this department are well-prepared for careers in
cybersecurity, ethical hacking, and IT security consulting. The Cyber Security Department
ensures students are industry-ready, capable of addressing evolving cyber threats.

CYBERCARNIVAL.IN 2
 PATRONS

CHIEF PATRONS

DR. R. Shivakumar
Chairman, SRM Group of Institutions,
Ramapuram & Trichy

Mr. S. Niranjan
Chairman, SRM Group of Institutions,
Ramapuram & Trichy

PATRONS
DR. N. Sethuraman
Chief Director, SRM Group of Institutions

DR. K. V. Narayanan
Associate Director, SRM Ramapuram

DR. M. Sakthi Ganesh

Dean(E&T), SRMIST Ramapuram

DR. Balika J Chelliah

Vice Principal(Admin), SRMIST Ramapuram

CONVENER

Dr.K.Raja,
Chairperson
School of Computer Science Engineering

Dr. Shiny Duela J

HoD- Cyber Security,
SRMIST, Ramapuram

CO- CONVENER
Dr. Sathya Priya S
Associate Professor, Dept. of CSE
SRMIST, Ramapuram

CYBERCARNIVAL.IN 3
 CHAIRMAN’S DESK

CYBERCARNIVAL.IN 4
 CO-CHAIRMAN’S DESK

CYBERCARNIVAL.IN 5
 CHIEF DIRECTOR’S MESSAGE

CYBERCARNIVAL.IN 6
 DEAN’S MESSAGE

CYBERCARNIVAL.IN 7
 VICE PRINCIPAL(ADMIN)’S MESSAGE

CYBERCARNIVAL.IN 8
 CHAIRPERSON’S MESSAGE

CYBERCARNIVAL.IN 9
 HOD’S MESSAGE

CYBERCARNIVAL.IN 10
 CO-COVERNER’S MESSAGE

CYBERCARNIVAL.IN 11
 PRESIDENT’S DESK

As we prepare for the third edition of Cybercarnival, I

can’t help but reflect on how far we’ve come. What
started as an ambitious vision has grown into a thriving
symposium that continues to push the boundaries of
cybersecurity education and innovation. Serving as the
President of Cybercarnival'25 is an incredible honor and
a responsibility I embrace with enthusiasm. This event is
more than just a gathering; it is a testament to the
relentless pursuit of knowledge and the collaborative
spirit that defines cybersecurity. There’s an unmatched
energy in being surrounded by individuals who thrive on
uncovering vulnerabilities, refining security protocols,
and engaging in thought-provoking discussions about
the future of cybersecurity.

It is this shared passion that fuels the event and makes it an experience like no other. Looking
back at previous editions, I realize how much this symposium has shaped my own journey. The
lessons learned, the mentorship received, and the friendships built have been invaluable.
Cybercarnival is more than an event, it is a community that fosters growth, encourages
curiosity, and inspires the next generation of cybersecurity pioneers. As we gear up for
Cybercarnival'25, I am excited for what’s in store. This year, we’re pushing the envelope with
advanced workshops, hands-on technical challenges, an exclusive Start-Up Expo, and a Tool
Expo that highlights innovation at its best. Whether you’re a seasoned expert, a budding
enthusiast, or simply curious about cybersecurity, there’s something for everyone here. To all
attendees, speakers, and contributors, Welcome to Cybercarnival'25. Let’s break new ground,
exchange ideas, and build a future where cybersecurity is stronger and more inclusive than
ever before. This is not just an event; it’s a movement, and I’m proud to be leading the charge.

Vignesh Muraleedharan
3rd Year, CS A, Cybersecurity
President

CYBERCARNIVAL.IN 12
 VICE PRESIDENT’S DESK

As the Department of Cybersecurity gears up for the third

edition of Cybercarnival, I find myself reflecting on a
journey that has been nothing short of transformative. This
prestigious symposium, set to illuminate the landscape of
cybersecurity once again, holds a special place in my heart
– not just as an event, but as a milestone in my personal
and professional growth. Being part of the organizing team
for Cybercarnival'25 is more than just an honor; it's a
testament to how far we've come since our inaugural
edition. Each year, this carnival has evolved, much like the
ever-changing landscape of cybersecurity itself. From
humble beginnings, we've grown into a prominent platform
that brings together brilliant minds, innovative ideas, and
cybersecurity solutions.

What makes Cybercarnival truly special is the electric atmosphere created by peers who share
an unbridled passion for cybersecurity. There's something magical about being in a room full of
people who light up at the mention of penetration testing, get excited about the latest
encryption methods, or can spend hours discussing the intricacies of network security. The
previous editions of Cybercarnival have been instrumental in shaping my perspective and
approach to cybersecurity. Each conversation, workshop, and presentation has added layers to
my understanding, challenging me to think beyond conventional solutions. The mentorship I
received from industry experts and the opportunities to collaborate with fellow enthusiasts
have been invaluable in molding my professional identity. As we prepare for this year's
symposium, I can't help but feel a surge of excitement. Cybercarnival'25 promises to be our
most ambitious edition yet, featuring advanced workshops, engaging panel discussions, and
hands-on experiences that will push the boundaries of what we thought possible in
cybersecurity education and innovation. To those who are joining us this year, whether as first-
time attendees or returning participants, get ready to be part of something extraordinary.

Gokul R
3rd Year, CS - A, Cybersecurity
Vice President

CYBERCARNIVAL.IN 13
 COORDINATOR’S DESK

Welcome to the third edition of Cyber Chronicle, the

cornerstone of CyberCarnival '25. This year marks a
transformative chapter in our story, one that reflects
the remarkable evolution of CyberCarnival. What began
as a modest symposium tailored for cybersecurity
students has now blossomed into an expansive and
thriving community a melting pot of professionals,
enthusiasts, and innovators spanning every corner of
the cybersecurity world. This growth wasn’t just a
coincidence it was driven by our collective vision to
create a platform where knowledge meets innovation,
and collaboration sparks groundbreaking solutions.
Today, CyberCarnival stands as more than an event; it is a vibrant hub where the boundaries of
cybersecurity are redefined, and its future is shaped. CyberCarnival '25 proudly steps into new
territory with the launch of two game-changing additions: the SecureSec Tool Expo and the
Startup Expo. The SecureSec Tool Expo is a first-of-its-kind showcase that brings the cutting
edge of cybersecurity technology directly into the hands of our attendees. Imagine exploring
AI-driven intrusion detection systems, quantum-safe encryption tools, and real-time incident
response platforms all under one roof. This expo bridges the gap between cybersecurity
challenges and the innovative tools designed to solve them, offering professionals and
students alike an unparalleled opportunity to witness the future of cybersecurity in action. On
the other hand, the Startup Expo highlights the entrepreneurial spirit that drives innovation in
our field. It is a dedicated space where visionary startups, bursting with groundbreaking ideas
and solutions, take the stage. From fledgling companies working on revolutionary technologies
to established startups looking to disrupt the industry, this expo fosters connections with
investors, mentors, and the larger cybersecurity community. Together, these initiatives
represent a bold expansion of CyberCarnival's mission. We are not just growing; we are
diversifying, connecting, and pushing boundaries. CyberCarnival '25 now stands as a
comprehensive ecosystem where technology, innovation, education, and business intersect.

Vrajesh R S
3rd Year, CS A, Cybersecurity
Overall Coordinator

CYBERCARNIVAL.IN 14
 ABOUT CYBER CARNIVAL 25

Cyber Carnival 2025 is a premier technology and innovation event that brings together students,
professionals, and tech enthusiasts to explore the latest advancements in the digital world. This
annual event features a dynamic blend of technical and non-technical events, offering participants a
unique opportunity to engage, learn, and showcase their talents across multiple domains. This event
aims to create awareness, foster collaboration, and provide a platform for knowledge exchange
through symposiums, technical workshops, and non-technical activities. With cyber threats evolving
rapidly, the event will highlight major security challenges, including ransomware, phishing attacks,
IoT vulnerabilities, and AI-driven cybercrime. Experts will showcase cutting-edge defense
mechanisms such as Zero Trust Architecture, biometric authentication, advanced threat
intelligence, and cybersecurity frameworks for enterprises and individuals.
Cyber Carnival 2025 is designed to bridge the gap between academia and industry, fostering
innovation, collaboration, and skill development. Whether you're a tech geek, an aspiring
entrepreneur, or a student eager to learn, this event provides an unparalleled platform to connect,
compete, and create.
Join Us! Cyber Security Carnival 2025 promises to be an engaging and informative event for
professionals and enthusiasts alike. Whether you're a seasoned expert or a beginner, this event will
provide valuable insights into the ever-evolving world of cybersecurity. Don't miss the opportunity
to network, learn, and contribute to a more secure digital future!

TECHNICAL EVENTS :
CAPTURE THE FLAG:
Get ready for the most thrilling cybersecurity competition! This year’s CTF will feature brand-new
challenges that test problem-solving skills in ethical hacking, cryptography, and network security.
Participants will have the chance to compete against top cybersecurity experts and enthusiasts,
solving real-world security puzzles. Winners will receive exciting prizes, exclusive mentorship
opportunities, and recognition from industry leaders!
BUG BOUNTY:
Compete in a real-time bug bounty hunt and showcase your skills. Learn about vulnerabilities,
penetration testing, and how ethical hackers help secure organizations . Enthusiasts will gain
hands-on experience in identifying security flaws, reporting them responsibly, and understanding
how bug bounty programs operate in major organizations. Interact with top ethical hackers and
security researchers to gain valuable insights.Get early access to a new bug bounty initiative with
top companies offering high rewards.

CYBERCARNIVAL.IN 15
 ABOUT CYBER CARNIVAL 25

PAPER PRESENTATION:
Step up and make your mark in the cybersecurity landscape! This is your chance to share
your groundbreaking research and be recognized for your contributions to the ever-
evolving digital world. Researchers, students, and industry experts will have the
opportunity to present their cutting-edge research, innovative solutions, and
breakthrough findings in cybersecurity. The best papers will be recognized with awards
and certificates.
SECURE TOOL EXPO:
Prepare yourself for the SECURE TOOL EXPO, where top cybersecurity firms and developers will
showcase cutting-edge security tools, software, and solutions designed to combat evolving
threats. Attendees will have the opportunity to experience live demonstrations, test innovative
security technologies, and interact with industry leaders. From advanced firewalls to AI-powered
threat detection, this expo promises to highlight the future of cybersecurity tools and
innovations.
STARTUP EXPO:
The Startup Expo at Cyber Security Carnival 2025 will feature groundbreaking innovations from
emerging cybersecurity startups. Entrepreneurs will showcase their cutting-edge technologies,
including AI-driven security solutions, blockchain-based authentication systems, and next-gen
threat detection platforms. Participants will have the opportunity to connect with industry
leaders, investors, and potential partners while exploring the future of cybersecurity
entrepreneurship.

NON TECHNICAL EVENTS :

FREE FIRE:
Get ready for an adrenaline-pumping Free Fire! This thrilling gaming competition will
integrate cybersecurity challenges within the gameplay, allowing participants to test their
strategic thinking and cyber defense skills. Players will navigate security missions,
protect digital assets, and uncover vulnerabilities while competing for exciting prizes.
Don’t miss this unique fusion of gaming and cybersecurity awareness!
CYBER SAFE CINEMA:
We are thrilled to introduce CyberSafe Cinema, an innovative initiative designed to
educate and entertain attendees through engaging short films and documentaries on
cybersecurity. This unique experience will showcase real-life cyber incidents, digital

CYBERCARNIVAL.IN 16
 ABOUT CYBER CARNIVAL 25

safety tips, and expert insights, making learning about cybersecurity more accessible and
engaging for all audiences. Stay tuned for an inspiring lineup of screenings that highlight the
importance of digital safety in today’s interconnected world.

CHANNEL SURFING:
Smoother streaming, smarter recommendations, and immersive features. Engage with your
favorite shows like never before! Get ready to ride the waves of entertainment like never
before! CHANNEL SURFING is bringing you thrilling updates, exclusive content, and
groundbreaking innovations that will redefine your viewing experience.

SHIPWRECK:
An exciting and high-stakes debate-style competition where participants take on the roles of
tech leaders, policymakers, and ethical hackers navigating through a simulated cybersecurity
crisis. Contestants must think on their feet and strategize solutions to overcome critical security
threats.

TITLE EVENT:
Participants will engage in interactive missions that mimic actual cyber threats, such as ransomware
attacks, phishing campaigns, and data breaches. This competition will challenge participants to step
into the shoes of cybersecurity professionals, solving intricate security breaches, defending
networks, and uncovering vulnerabilities in a high-stakes simulated environment. Winners will
receive exclusive prizes, certificates, and potential internship opportunities with top cybersecurity
firms.

VALORUSH:
VALORUSH 2025 is set to be an electrifying event, uniting cybersecurity experts and enthusiasts in
the mission to strengthen digital defense strategies. Whether you are an industry veteran or just
starting your journey in cybersecurity, this event promises unparalleled insights, networking
opportunities, and hands-on learning experiences. Don't miss the chance to be part of the
cybersecurity revolution!

CYBER CONCLAVE:
We are thrilled to announce the CYBER CONCLAVE, a high-impact segment of the Cyber
Security Carnival 2025! This conclave will feature exclusive keynote addresses from top
cybersecurity experts, policymakers, and industry leaders. Learners will get insights into the
latest security frameworks, evolving threat landscapes, and innovations driving the
cybersecurity space.

CYBERCARNIVAL.IN 17
 UNMASKING ONLINE SCAMS AND
STRENGTHENING DIGITAL DEFENSES

Cyber Conclave
The Cyber Conclave 2025, hosted by SRMIST Ramapuram, is set to be a groundbreaking
event where leading experts and cybersecurity enthusiasts converge for insightful
discussions. This conclave will explore critical topics such as online scams, cybercrime
detection, AI-driven fraud prevention, and legal frameworks, providing attendees with a
deeper understanding of the evolving digital security landscape. With an esteemed panel of
speakers from Microsoft, Fortinet, Standard Chartered, and TCS, participants will gain
valuable industry insights, network with professionals, and enhance their cybersecurity
expertise. The event also offers exclusive kits and certificates, making it a must-attend for
anyone passionate about cybersecurity.

MR. JOEL GANESAN MR. M J LOGESH BABU MR. RAJTHIAK

Technical Traine,Microsoft Cyber Security Trainer & BAKTHASEKAR
Bangalore Evangelist-Tamil Nadu Judical Associate Vice President
and Police Acaddemy (Cloud Security)
Standard Chartered Bank

MR. NATRAJAN MR. SYED HYDER MR.RAMU PARA

SWAMINATHAN Senior Manager- Systems Director - Cybersecurity
Senior Consultant-Cyber Engineering HTC Global Services
Security Practice Fortinet India
Tata Consultancy Services

MR. S GURU PRASAD

Cybertracs Technologies &
Research Private Limited
Bangalore

CYBERCARNIVAL.IN 18
 CYBERTHON 25

Cyberthon'25, organized by the Department of CSE (Cybersecurity) at SRMIST,

Ramapuram, was a grand success, held at YuniQ, Ticel Park, Chennai, with esteemed
guests Mr. Sakthi Vadivelan (CEO, YuniQ), Mrs. Kadhambari Anbhazhagan (CTO,
YuniQ), and Mr. Vedagiri (Director, IT, YuniQ) gracing the inaugural ceremony. The
event saw 29 teams from 12 institutions competing in multiple rounds of judging and
mentoring, with experts like Mr. Ramu Para (HTC Global), Mr. Subash Jaganathan
(MHA), and Null Community members Mr. Sharon (World Bank) & Mr.Pradeep (BNY
Mellon) guiding participants. The valedictory ceremony honored winners Team
0xZ3RODAY (Sri Ramakrishna Engineering College) with ₹30,000 and runners-up Fire
Bytes 2.0 (Saveetha Engineering College) with ₹20,000, awarded by Mr. Ramu Para.
Mr. Rajesh Kannan (Barclays) provided industry insights, inspiring students to bridge
the gap between academia and cybersecurity innovation. The event concluded as a
testament to teamwork, excellence, and the future of cybersecurity.

CYBERCARNIVAL.IN 19
 ABOUT CYBER CARNIVAL 25

Workshop 1
Topic: Practical Hands-on Cyber Forensic and Digital Forensic
CyberCarnival 2025 presents a 2-day Practical Hands-on Cybersecurity & Network
Security Workshop on Feb 20-21, 2025 (10:00 AM - 4:00 PM) at Gallery Hall 4, SRMIST
Ramapuram, featuring Ethical Hacking, Red Teaming, Steganography, Wireshark,
Sniffing, Social Engineering, Phishing, Web Security, and Burp Suite, along with
Practical Hands-on Cyber Forensic & Digital Forensic sessions. Supraja Technologies
will host expert-led discussions on threat detection, risk management, and emerging
cybersecurity trends, with interactive case studies and real-world applications.
Gain insights from industry experts Upendra (Head of Red & Purple Teaming, Supraja
Technologies, Vijayawada) and mentors Rajesh, Manish, and Ram (Supraja Technologies,
Vijayawada).

Upendra
Head of Red & Purple Teaming
Supraja Technologies, Vijayawada

Manish
Mentor
Supraja Technologies, Vijayawada

Ram
Mentor
Supraja Technologies, Vijayawada

Rajesh
Mentor
Supraja Technologies, Vijayawada

CYBERCARNIVAL.IN 20
 ABOUT CYBER CARNIVAL 25

Workshop 2
Topic: Practical Hands-on Cybersecurity & Network Security
Workshop!
CyberCarnival 2025 presents a 2-day Practical Hands-on Cybersecurity, Network
Security, Cyber Forensic & Digital Forensic (Investigation) Workshop on Feb 20-21,
2025 (10:00 AM - 4:00 PM) at Gallery Hall 3, SRMIST Ramapuram, hosted by Supraja
Technologies. This workshop is designed to enhance digital defense capabilities,
covering threat detection, risk management, cybersecurity trends, cyber & digital
forensics, mobile & browser forensics, memory forensics, and imaging techniques, with
hands-on experience using ExifTool, PDinfo, and Mobsf. Learn from industry experts,
engage in real-world case studies, and gain spot internships & certification.

Krishna
Security Analyst
Supraja Technologies, Vijayawada

Prem
Mentor
Supraja Technologies, Vijayawada

Akshaya
Mentor
Supraja Technologies, Vijayawada

CYBERCARNIVAL.IN 21
 CYBER AWARENESS CAMPAIGN IN
ASSOCIATION WITH NSS

Cyber Awareness Campaign

“Stay Safe Online: Cyber Awareness Campaign”
In today's digitally connected world, where the internet plays a vital role in our
everyday lives, cybersecurity is more important than ever. The Cyber Awareness
Campaign aims to educate individuals, organizations, and communities about the
significance of cybersecurity and the steps they can take to protect themselves
from the ever-growing threat of cyberattacks. However, with the rise of digital
transformation, the number of cyber threats has grown exponentially, putting
personal, organizational, and governmental data at risk. The Cyber Awareness
Campaign Initiative is a proactive effort to raise awareness about cybersecurity
threats and educate individuals and organizations on how to protect themselves
from cybercrimes, data breaches, and online fraud.

CYBERCARNIVAL.IN 22
 CYBER VISION: INDUSTRY SPEAKS

Cyber Forensics: Challenges and Solutions

Introduction
Cyber forensics, also known as digital forensics, is the science of collecting, analyzing,
preserving, and presenting digital evidence in a legally admissible format. With the rapid growth
of technology and increasing cybercrimes, cyber forensics plays a crucial role in solving cases
involving hacking, identity theft, financial fraud, ransomware, and cyberterrorism. It ensures that
the evidence collected from computers, mobile devices, networks, and cloud systems can be
used effectively in legal proceedings.
Here we explore the principles of cyber forensics, its process, challenges, and possible solutions
for enhancing its effectiveness in combating cybercrime.

What is Cyber Forensics?

Cyber forensics is the investigation of digital devices and networks to uncover and retrieve data
related to criminal activities. The goal is to identify and preserve digital evidence while
maintaining its integrity for legal purposes. It plays a significant role in solving cases like:
Data breaches and insider threats
Online financial fraud and scams
Cyberstalking and harassment
Intellectual property theft
Malware, ransomware, and hacking incidents

The Process of Cyber Forensics

1. Identification: Investigators determine the devices, systems, or networks likely to contain
evidence. This could include computers, smartphones, servers, or cloud storage.
2. Preservation: A digital copy (image) of the evidence is created to prevent any tampering with
the original data. This ensures the integrity of the evidence remains intact throughout the
investigation.
3. Collection: Investigators retrieve logs, files, emails, browsing histories, deleted data, or
encrypted information. Specialized tools help extract relevant data for analysis.
4. Analysis: Forensic experts examine the data to detect anomalies, traces of cyberattacks, or
criminal activities. Techniques like data recovery and decryption are often employed.
5. Reporting: A comprehensive report is prepared, summarizing the findings. This report must

CYBERCARNIVAL.IN 23
 CYBER VISION: INDUSTRY SPEAKS

6. Legal Handling: Proper chain-of-custody protocols are maintained to ensure the evidence
remains admissible in court without any question of tampering.

Challenges in Cyber Forensics

While cyber forensics plays a pivotal role in cyber investigations, several challenges hinder its
effectiveness:
1. Rapid Technological Changes
Technology evolves quickly, and cybercriminals adopt new techniques to evade detection.
Investigators often struggle to keep pace with advancements in encryption, cloud computing,
and anonymization tools like VPNs and the dark web.
2. Encryption and Data Privacy
Encryption provides robust security for users, but it also poses challenges for forensic experts.
Accessing encrypted data without compromising privacy laws can be difficult. For example,
decrypting smartphone data requires specialized tools and, in some cases, cooperation from
manufacturers.
3. Volume of Data
Digital devices generate enormous volumes of data, making it time-consuming to analyze and
filter relevant evidence. Investigating a single case could involve sifting through thousands of
files and logs, which requires advanced tools and expertise.
4. Cross-Border Jurisdiction Issues
Cybercrimes often span multiple countries, leading to complex jurisdictional challenges.
Differences in laws between countries can delay investigations, and cooperation from foreign
authorities is not always guaranteed.
5. Cloud Computing and Remote Data
With data stored on remote servers and cloud platforms, retrieving evidence becomes difficult.
Cloud service providers may not always cooperate or provide data on time, complicating the
investigation.
6. Lack of Skilled Professionals
Cyber forensics is a specialized field, and there is a shortage of trained professionals. Handling
complex investigations requires not only technical skills but also a thorough understanding of
legal protocols.
7. Admissibility of Evidence in Court
Courts require strict adherence to evidence-handling procedures. Any mishandling of data

CYBERCARNIVAL.IN 24
 CYBER VISION: INDUSTRY SPEAKS

during collection or analysis could render the evidence inadmissible, leading to dismissal of the
case.

Solutions to Cyber Forensic Challenges

1. Continuous Skill Development and Training
Forensic experts need to keep updating their knowledge and skills to stay ahead of emerging
technologies. Regular training and certification programs can help bridge the skill gap in the
field.
2. Advanced Forensic Tools
Investments in cutting-edge forensic tools and software, such as artificial intelligence (AI) and
machine learning (ML), can streamline the analysis of large datasets. These tools can also help
detect patterns and anomalies quickly.
3. Cooperation between Law Enforcement Agencies
Cross-border cooperation among law enforcement agencies is essential to tackle international
cybercrimes. Agreements between countries for sharing information and resources can expedite
investigations.
4. Improved Legal Frameworks
Countries must develop robust cyber laws that keep pace with technological advancements.
Harmonization of international laws will ensure smoother investigations and reduce jurisdictional
conflicts.
5. Forensic Readiness of Organizations
Organizations must adopt forensic readiness strategies, such as maintaining detailed logs and
backups, to ensure quicker responses to cyber incidents. Proactive forensic readiness can
prevent data tampering and preserve critical evidence.
6. Data Privacy Compliance and Collaboration
Balancing privacy rights and investigative needs is crucial. Law enforcement agencies must work
closely with service providers to access critical information without breaching data privacy laws.
7. Raising Public Awareness
Public awareness campaigns about cybercrime can encourage organizations and individuals to
report incidents promptly, making it easier for forensic experts to act quickly.

CYBERCARNIVAL.IN 25
 CYBER VISION: INDUSTRY SPEAKS

Applications of Cyber Forensics

Cyber forensics is widely used across various sectors:
Law Enforcement: To solve cases related to cyber fraud, terrorism, and hacking.
Banking and Finance: To investigate financial fraud, phishing attacks, and data breaches.
Corporate Investigations: To address insider threats and intellectual property theft.
Government Agencies: To monitor and combat cyberterrorism and espionage activities.
Incident Response: To detect and mitigate the impact of ransomware attacks or data
breaches.

Future of Cyber Forensics

With the growing use of artificial intelligence, machine learning, and blockchain, the future of
cyber forensics looks promising. Automated tools will likely assist investigators in handling vast
datasets efficiently, while advancements in quantum computing may enable faster decryption of
encrypted files.
Additionally, forensic techniques will evolve to include Internet of Things (IoT) forensics and
cloud forensics, expanding the scope of investigations to smart devices and cloud
infrastructure. However, it will be equally important to address ethical concerns and ensure the
use of forensic tools aligns with privacy standards.

Conclusion
Cyber forensics plays an indispensable role in combating cybercrime, ensuring that digital
evidence is collected and analyzed in a way that can withstand legal scrutiny. As cyber threats
become more sophisticated, the importance of forensic investigations in uncovering criminal
activities such as data breaches, financial fraud, and cyber terrorism is more critical than ever.
However, challenges like rapidly evolving technology, encryption, cross-border jurisdiction
issues, and the shortage of skilled professionals pose significant obstacles.
To address these challenges, it is essential to invest in continuous training, advanced tools, and
frameworks that promote collaboration among law enforcement agencies across the globe.
Organizations must also adopt forensic readiness strategies to minimize damage during
incidents and assist investigators. Equally important is balancing investigative efforts with data
privacy concerns to maintain public trust and ensure ethical practices.

CYBERCARNIVAL.IN 26
 CYBER VISION: INDUSTRY SPEAKS

The future of cyber forensics will involve greater reliance on artificial intelligence, blockchain,
and cloud forensics, expanding the scope of investigations to IoT and smart devices. With these
advancements, forensic tools will become faster and more efficient, but they must also evolve to
meet new challenges, such as quantum computing-based encryption. As the digital landscape
grows more complex, cyber forensics will remain a cornerstone of cybersecurity, helping protect
individuals, businesses, and governments while ensuring justice in the digital age. Through
proactive efforts and global cooperation, cyber forensics can meet the challenges of tomorrow
and help create a safer, more secure cyberspace.

C BADRI
Former Joint Secretary-Cyber Society of India,
Former General Manager-Canara Bank,
Former General Manager &
Chief Vigilance Officer-Indian Overseas Bank

CYBERCARNIVAL.IN 27
 CYBER VISION: INDUSTRY SPEAKS

Navigating the Complex Cybersecurity Landscape in 2025:

Threats, Strategies, and Compliance

As we enter 2025, the cybersecurity landscape is evolving rapidly, driven by increasingly

sophisticated threats, technological advancements, and changing regulatory environments.
Cyber threats are no longer isolated incidents but persistent, complex attacks targeting critical
infrastructures, intellectual property, and personal privacy on a global scale. Cybersecurity
leaders must anticipate these changes and refine defence mechanisms to stay ahead of
emerging risks.
This article examines the evolving cyber threats, defensive strategies, and the global compliance
landscape shaping cybersecurity in 2025. We will explore how advancements in AI, machine
learning (ML), incident response, and security architecture will define the future of
cybersecurity.

Emerging Cyber Threats & Attack Vectors

The threat landscape is becoming increasingly complex as cybercriminals and nation-state
actors adopt more advanced tactics. Ransomware remains a critical concern, particularly
targeting sectors such as energy, healthcare, and finance. In 2024, ransomware attacks saw a
notable increase, with 5,414 incidents reported, and damages are projected to exceed $30
billion by 2025 (1). Additionally, the World Economic Forum's (WEF) Global Cybersecurity
Outlook 2025 reveals that 72% of respondents observed an increase in cyber risks over the past
year. Cyber-enabled fraud, phishing, and social engineering attacks have surged, with 42% of
organizations reporting such incidents, and identity theft has emerged as a leading personal
cyber risk (2).

CYBERCARNIVAL.IN 28
 CYBER VISION: INDUSTRY SPEAKS

A growing concern for 47% of organizations is the use of generative AI (GenAI) by adversaries,
which enables more sophisticated and scalable attacks (2). Among these, deepfakes are an
alarming threat, allowing cybercriminals to craft convincing fake identities and manipulate
individuals or organizations using AI-generated media. Deepfake technology is driving new forms
of phishing, disinformation campaigns, and fraud. As these technologies become more advanced,
it will increasingly challenge security teams to distinguish authentic content from maliciously
fabricated media.
For example, incidents like the 2024 MOVEit Transfer breach exploited vulnerabilities in widely
used software, affecting millions globally (3). Attackers leveraged a zero-day exploit to breach
organizations, including government entities and major corporations, exposing confidential data
and causing widespread disruption. This incident, along with breaches like the T-Mobile data
breach (4), highlights the growing risks of supply chain and infrastructure attacks, where
adversaries target third-party vendors or critical systems to cause significant damage.

Case Study: The Fortinet Breach

In September 2024, Fortinet, a leading cybersecurity vendor, experienced a significant breach.
The hacker, using the alias "Fortibitch," accessed a cloud-based shared drive containing sensitive
customer data, targeting critical infrastructure clients in Australia (5). This breach raised concerns
about vendor security and resilience, underscoring the importance of robust access controls,
regular audits, and securing cloud environments. Cybersecurity professionals must evaluate third-
party risks and strengthen vendor management practices to prevent such breaches in the future.

Defensive Strategies & Risk Management

To combat these advanced threats, organizations must adopt multi-layered defence strategies
focusing on prevention and rapid response. The zero-trust security model is essential for verifying
all requests whether internal or external before granting access. According to a 2024 Statista
survey, over 30% of organizations worldwide had already implemented a zero-trust strategy, with
an additional 27% planning to do so within the next six months, signalling the increasing
importance of assuming that no one can be trusted, even insiders (6).
AI and ML are transforming cybersecurity by enabling faster and more accurate threat detection.
These technologies help monitor large volumes of data in real-time, identify anomalies, and
predict potential breaches. For instance, Secureworks' 2024 report highlights that their AI-driven
systems achieved an over 80% improvement in incident notification times, showcasing AI's ability
to enhance detection and response to prevent attacks from escalating (7).

CYBERCARNIVAL.IN 29
 CYBER VISION: INDUSTRY SPEAKS

While AI and ML automate routine tasks and improve detection capabilities, human expertise
remains critical in interpreting data and making decisions during critical situations. As AI
evolves, the question arises: Can AI fully replace human judgment in cybersecurity, or will it
always require human oversight?

AI, ML, and Automation in Cybersecurity

AI and ML are increasingly integral to cybersecurity strategies, automating tasks such as patch
management, threat hunting, and response orchestration. For instance, Darktrace uses self-
learning AI to autonomously detect threats and adapt to emerging attack vectors in real time
(8).
The role of AI in incident response is expanding; systems can now initiate automatic responses
to threats such as isolating infected machines or blocking harmful traffic, significantly reducing
the time between threat detection and mitigation (8). This allows cybersecurity teams to
respond faster and more effectively.
Looking ahead, quantum computing holds the potential to revolutionize data processing but
also poses a risk to current encryption methods. Organizations must prepare for quantum-
resistant encryption to safeguard data against future quantum-enabled threats.

The Global Legal and Regulatory Landscape

Cybersecurity regulations play a vital role in shaping how organizations protect sensitive
information. Regulations like GDPR (General Data Protection Regulation) set stringent data
privacy standards, with many organizations still working toward full compliance, as
approximately 30% of European businesses remain non-compliant (9). Staying compliant is
crucial, especially for multinational teams or clients, as data protection requirements evolve.
In the U.S., the Cybersecurity Maturity Model Certification (CMMC) ensures that defence
contractors meet minimum cybersecurity standards, helping mitigate risks within critical
industries. The final rule for CMMC 2.0 was published in October 2024, with full implementation
expected to begin in early 2025 (10). Meanwhile, global frameworks such as the UK’s NIS
Directive (11) and Australia’s Security of Critical Infrastructure Act mandate compliance for
critical infrastructure providers (12), ensuring their resilience against cyber threats.
In Southeast Asia, Malaysia’s Personal Data Protection Act (PDPA) aligns with global standards
like GDPR while addressing local concerns (13). Organizations must stay updated on evolving
compliance requirements, leveraging encryption technologies to meet these standards and
prevent data breaches.

CYBERCARNIVAL.IN 30
 CYBER VISION: INDUSTRY SPEAKS

Innovations in Security Architecture

The evolution of cybersecurity extends beyond defence into security architecture. Blockchain is
emerging as a tool for creating decentralized, tamper-proof systems, particularly in industries
like finance, identity management, and supply chain tracking.
Another critical trend is the adoption of multi-cloud environments. As organizations increasingly
rely on cloud services, securing these infrastructures becomes paramount. Adopting multiple
cloud providers reduces the risk of a single point of failure and enhances overall security
posture. This is especially important as businesses adopt hybrid and multi-cloud strategies to
stay agile and competitive.
As organizations embrace multi-cloud architectures, how can they ensure their security
infrastructures scale and adapt to the complexities of such environments? Implementing secure
configurations and robust monitoring will be key to safeguarding data across diverse cloud
platforms.

Conclusion
Building a Resilient Cybersecurity Future Cyber threats in 2025 will be faster, more
sophisticated, and more widespread. Cybersecurity professionals must remain vigilant while
adapting to this rapidly changing technological landscape. Implementing AI-driven defences and
adopting zero-trust models will be crucial for staying ahead. However, technology alone is not
enough. Strategy plays an equally important role. Investing in cybersecurity education, upskilling
teams, and embracing AI-driven tools will empower organizations to defend against future
threats effectively. The cybersecurity leaders of tomorrow will not only manage risks but set new
standards for resilience, security, and innovation.

Lavanyah Prabu
CEO & Founder of LumaShift,
Senior Cybersecurity consultant at EY Malaysia

CYBERCARNIVAL.IN 31
 CYBER VISION: INDUSTRY SPEAKS

Strengthening India’s Cybersecurity Landscape : Navigating

Threats, Compliance, and Skill Gaps

In today’s hyperconnected world, cybersecurity is no longer just an IT concern—it’s a critical pillar of

national security and business resilience. As digital transformation accelerates, so do evolving cyber
threats, making it imperative for individuals, businesses, and governments to stay ahead of adversaries.
India, with its booming digital economy, is at a crossroads. The rise of sophisticated attack vectors, the
implementation of the Indian Data Privacy Act, and a widening cybersecurity skill gap highlight the
urgent need for a comprehensive security strategy. Organizations must proactively strengthen their
defenses, ensuring compliance with evolving regulations while also investing in the development of a
skilled workforce.

Emerging Cyber Threats & Attack Vectors

Cyber threats today are not limited to large organizations—small businesses, startups, and even
individuals are prime targets. Phishing, ransomware, supply chain attacks, and AI- driven cyber threats
have surged in recent years, posing significant risks to financial institutions, healthcare systems, and
critical infrastructure.
One of the most alarming trends is Ransomware-as-a-Service (RaaS), where attackers provide pre-
packaged ransomware tools, making it easier for even low-skilled cybercriminals to launch devastating
attacks. Meanwhile, deepfake technology, zero-day vulnerabilities, and state-sponsored cyber warfare
further complicate the threat landscape.
Another emerging concern is insider threats, where employees with access to sensitive data whether
intentionally or unknowingly pose security risks. Traditional cybersecurity defences are no longer
sufficient; organizations must adopt proactive threat intelligence, continuous monitoring, and robust
incident response strategies to stay ahead of these evolving threats. While the focus has traditionally
been on technical defences, regulatory compliance is now playing a critical role in shaping
cybersecurity strategies. This brings us to India’s recent efforts in data privacy regulation.

The Indian Data Privacy Act & Its Impact on Cybersecurity

With rapid digitization, data privacy has become a crucial aspect of cybersecurity. The Indian Digital
Personal Data Protection (DPDP) Act is a landmark legislation aimed at safeguarding personal data,
enforcing compliance, and holding organizations accountable for their data protection practices.
Drawing parallels with international regulations like the EU’s GDPR, the act mandates data localization,
strong encryption, and user consent-based data processing. For businesses, compliance with the DPDP
Act is not just a legal necessity but also a fundamental cybersecurity measure. Failure to meet these
requirements can lead to severe financial penalties and reputational damage. However, many startups
and MSMEs struggle with compliance due to a lack of awareness and resources.

CYBERCARNIVAL.IN 32
 CYBER VISION: INDUSTRY SPEAKS

The Cybersecurity Skill Gap in India: A Growing Concern

Despite India’s booming IT sector, the country faces a severe shortage of cybersecurity
professionals. Reports indicate that India needs over 1.5 million cybersecurity experts, yet
the available talent pool is significantly smaller. The reasons behind this gap include:
1. Lack of Structured Cybersecurity Education – Traditional IT courses do not focus on real-
world cybersecurity challenges.
2. Limited Practical Exposure – Many aspiring cybersecurity professionals lack hands-on
experience in tackling live cyber threats.
3.High Demand, Low Supply – Organizations struggle to find certified and experienced
security professionals to fill critical roles.
Bridging this gap is essential to strengthening India’s cybersecurity posture. At Cybernerds, we
are actively working with academia, businesses, and the government to train the next
generation of cybersecurity professionals. Through hands-on training, mentorship
programs,and workshops, we equip students and industry professionals with the skills needed
to counter modern cyber threats.
While workforce development is crucial, organizations must also implement robust
cybersecurity measures to protect their businesses. One such example is a recent
cybersecurity case handled by Cybernerds

Preventing a Credential-Stuffing Attack on a Fintech Client

Recently, a leading fintech company approached Cybernerds after noticing unusual login
attempts on their platform. Our threat intelligence team quickly identified it as a credential-
stuffing attack, where cybercriminals used leaked username-password combinations from
previous breaches to gain unauthorized access to user accounts. To mitigate the threat, we
implemented:
1. Rate limiting to slow down automated login attempts.
2. Multi-factor authentication (MFA) to add an extra layer of security.
3. AI-driven anomaly detection to identify and block suspicious login patterns.
These measures successfully prevented unauthorized access and protected thousands of user
accounts. Additionally, our post-attack analysis helped the client enforce stronger password
policies and implement dark web monitoring to prevent future breaches. This proactive
approach not only secured their platform but also preserved their brand’s trust and reputation.
This case highlights the critical need for continuous security assessments, real-time

CYBERCARNIVAL.IN 33
 CYBER VISION: INDUSTRY SPEAKS

monitoring, and a proactive cybersecurity strategy. But beyond individual cases, a broader
vision is needed to build a cyber-resilient India.

The Road Ahead: Building a Cyber-Resilient India

Cybersecurity is not just about technology—it’s about people, processes, and awareness. As
cyber threats become more sophisticated, organizations, governments, and security
professionals must work together to:
1. Enhance threat intelligence sharing to stay ahead of adversaries.
2. Ensure compliance with evolving regulations like the DPDP Act.
3. Invest in cybersecurity education and skill development to fill talent shortages.
At Cybernerds, we remain committed to driving cybersecurity excellence in India. As a CERT-IN
empaneled cybersecurity vendor, we provide cutting-edge security solutions, compliance
support, and workforce training to empower businesses and individuals. India is on the path to
becoming a global digital powerhouse, but cybersecurity must be a top priority. The threats are
real, but so are the solutions. The time to act is now.

Siva
Founder of CYBERNERDS
SOLUTIONS PRIVATE LIMITED

CYBERCARNIVAL.IN 34
 CYBER VISION: INDUSTRY SPEAKS

Hacking the Gender Gap: Women in Cybersecurity

Introduction
Cybersecurity has grown from a specialized niche into a vital industry that impacts nearly every
aspect of modern life. From safeguarding personal data and national infrastructure to securing
online transactions and digital communities, its importance continues to expand. Yet, despite its
growing significance, the industry remains male-dominated. As a cybersecurity professional at
CYBERNERDS and NERDSLAB, I have had the privilege of training and mentoring numerous
women, helping them break into this dynamic field. Through my experience, I have witnessed
firsthand the challenges, triumphs, and immense potential that exist for women in
cybersecurity.
This article is more than just a discussion on statistics, it is a call to action for women
everywhere. Whether you are considering a career in cybersecurity or looking to advance
within the field, know that your skills, insights, and leadership are invaluable. The journey may
not always be easy, but it is certainly worth it.

The Landscape: Women in Cybersecurity Today

According to recent reports, women make up only 20-25% of the global cybersecurity
workforce, a noticeable improvement from past years but still far from true inclusivity. This
underrepresentation is rooted in historical biases, limited role models, and widespread
misconceptions about the field.
A study by The Female Quotient and Deloitte found that half of young women interested in
cybersecurity feel they lack the necessary knowledge to enter the field. This misconception
must be dismantled. Cybersecurity isn’t just about filling a quota, it’s about harnessing the
unique strengths women bring, such as problem-solving, collaboration, and a strong
commitment to making a difference. At NERDSLAB, we emphasize that cybersecurity isn’t just
about coding, it’s about strategy, risk management, compliance, policy-making, and leadership.

My journey: From Uncertainty to Confidence

I did not begin my career with a strong technical background, and like many women, I initially
questioned whether I belonged in this field. Cybersecurity often seemed intimidating, filled with
complex terminologies and evolving threats. However, I soon realized that success in this
industry is not about knowing everything from the start, it is about adaptability, continuous
learning, and problem-solving.

CYBERCARNIVAL.IN 35
 CYBER VISION: INDUSTRY SPEAKS

At NERDS LAB, we train aspiring cybersecurity professionals to develop these crucial skills.
Working in cybersecurity has given me a sense of purpose. Every day, I contribute to securing
systems, protecting critical data, and ensuring businesses and individuals remain safeguarded
against cyber threats. The impact of our work is real and far-reaching, making this field
incredibly rewarding. If I can navigate this journey, so can any woman who is willing to take that
first step into cybersecurity.
Overcoming Challenges: Breaking the Barriers
Despite the vast opportunities, many women hesitate to enter cybersecurity due to
self-doubt, workplace biases, or lack of mentorship. Here’s how we can change that:
Believe in Your Capabilities: Cybersecurity is for everyone. Your problem-solving
skills, creativity, and analytical thinking are assets that will help you succeed.
Find Support Networks and Mentorship: At NerdsLab, we actively foster a
community of learning, mentorship, and networking. Join organizations like Women
in Cybersecurity (WiCyS) and SheSec to build your support system.
Invest in Learning and Certifications: Upskilling is crucial in cybersecurity. At NERDS
LAB, we offer training programs C-EHN, C-PTN, C-WASN, C-CSN and EC-Council
programs and certifications such as CEH & CPENT helping professionals strengthen
their expertise and credibility.
Speak Up and Advocate for Inclusion: Confidence is key. Share your ideas, ask
questions, and advocate for diversity and inclusion in your workplace.
Support and Empower Other Women: If you are already in cybersecurity, extend a
hand to other women entering the field. Share knowledge, mentor, and create an
inclusive environment where women feel valued.

Why Women Must Step into Cybersecurity

1. Unmatched Demand and Limitless Career Growth
The cybersecurity industry is facing an urgent talent shortage, creating an incredible
opportunity for women to step in and lead the way. Organizations are actively seeking
skilled professionals, and there has never been a better time for women to step in and
make their mark. Whether your passion lies in ethical hacking, security analysis, risk
management, or policymaking, the cybersecurity world is waiting for your expertise. At
NERDS LAB, we bridge this gap by training and equipping women with industry-
relevant skills.

CYBERCARNIVAL.IN 36
 CYBER VISION: INDUSTRY SPEAKS

2. Women’s Perspectives: The Missing Piece in Cybersecurity

Cyber threats are relentless, evolving every second—and the industry needs fresh, diverse
perspectives to stay ahead. Women bring invaluable skills: sharp analytical thinking, emotional
intelligence, and strategic risk assessment, all of which are crucial in fortifying digital security.

By joining cybersecurity, you’re not just filling a gap, you’re revolutionizing the way security is
approached.

3. Endless Opportunities Beyond Coding

Cybersecurity is not limited to penetration testing or programming. It encompasses
governance, forensics, security awareness, cloud security, compliance, and more. If you have
an interest in business, psychology, law, or communication, there is a cybersecurity role for
you. At NERDSLAB, we ensure that our curriculum offers diverse career paths, making it
ensuring that every woman finds her place in the cybersecurity industry.

4. Job Stability and Competitive Compensation

With cyber threats escalating, the demand for cybersecurity professionals will only grow
stronger. This means job security, exciting challenges, and salaries that reflect the critical
nature of your work. Cybersecurity is not just a career, it’s a mission, a movement, and a
chance to shape the digital world. Step into cybersecurity and be the force that drives change.
The industry needs you. The world needs you.

Conclusion
The future of cybersecurity is bright, and women have a crucial role
to play in shaping it. By breaking stereotypes, embracing our
strengths, and supporting each other, we can create a more inclusive
and secure digital world. To every woman considering cybersecurity,
take the leap. Your voice, perspective, and expertise are needed now
more than ever. We are not just participants in this field; we are
leaders, innovators, and protectors of the digital age. Are you ready
to be part of this transformation? The cybersecurity world is waiting
for you!

Danavarsini K
Cybersecurity Analyst & Trainer
CYBERNERDS Solutions | NERDS LAB

CYBERCARNIVAL.IN 37
 CYBER VISION: INDUSTRY SPEAKS

Security Concerns in Electronic Delivery Channels in Banks

Banking was prevalent in ancient times in the form of barter system with exchange of grains,
goods and services and later it was the rich and affluent people in the profession of lending
sometimes even charging a usurious rate of interest. Interestingly, charging of such high rates
of interest has been discussed and disapproved in the much acclaimed work considered to be
an administrative treatise in his “Arthasasthra” written around 300 BCE, by Kautilya (Chanakya).
In the ancient times, banking was mostly region-centric and sometimes community focused
too.
Nationalization of Banks took place in two phases, one in July 1969 and other in April 1980 after
which banking saw a pan India growth. Early 90’s saw the era of Globalisation, Liberalisation
and Privatisation after which computer entered banking with a massive penetration.

Physical Delivery Channel

Banking was mostly personal banking (or physical delivery channels) till about the end of the
last century, with the customer visiting the branch premises for his banking needs. This later
led its way gradually into the computerized era with electronic delivery channels like ATMs,
Internet Banking, Point of Sales device (swiping devices) in merchant establishments and
Mobile Banking like payment wallets, QR Code based payments and funds remittances. Such
Banking System followed product based services like, Demand Deposits called Savings Bank,
Current/ Call Deposits and Term Deposits viz. Fixed Deposits and Recurring Deposits AND Loan
Products in the form short term and long term credits, Remittances, Safe Deposit Lockers, Safe
Custody, etc., which were designed by individual banks in conformity with regulatory
guidelines. Products were christened with a unique captivating name with additional special
features of respective banks to attract the customers to their fold.
In competing with new generation private sector and foreign banks, even many legacy Indian
banks were forced to adopt technology to remain in the industry and to showcase their
technological skill as a tool to enhance customer service. Technology has, thus transformed
from the paper based banking to digital preservation of records in a phased manner and it
paved the way for effective utilization of resources from financial sector to the economy.

Electronic Delivery Channel

With technology penetration, easy availability and affordability of the computers, network and
all other gadgets, transition to Electronic Delivery Channels was at a faster pace than
envisaged. ATMs, POS Terminals, Internet Banking and Mobile Banking are considered as major

CYBERCARNIVAL.IN 38
 CYBER VISION: INDUSTRY SPEAKS

electronic delivery channels of Digital Banking. Government is also ensuring legal protection for
digital banking transactions by way of carrying out suitable amendments in the statutes
wherever necessary.
Banks started issuing both debit and credit cards, with the security features like grid
information, signature verification, photo cards, PIN in addition to swiping at PoS Terminal and
customers were expected to confidentially handle the OTP and Session PIN for their
transactions. In respect of the Internet and Mobile Banking, users are expected to maintain the
login details strictly private besides manually setting daily limits for remittances, e-commerce
etc and overall limits too, as may be provided by individual banks. One should use e-banking
transactions after ensuring the presence of
security features like https in the address bar, a Lock Symbol, Green Address Bar, and Site
Certification Details before initiating any transaction.

UPI Based Products

Presently Unified Payment Interface (UPI) has made a significant shift in financial transactions
as fast, secure, and effortless. Digital Wallets like G-Pay, PhonePe, Pay TM, BHIM, etc. facilitate
the users to make payments with their mobile phones, tablets and watches, etc. QR Code
based payments empowered individuals, small businesses, and merchants, besides driving the
country’s shift towards a cashless economy. According to the ACI Worldwide Report 2024,
India accounts for around 49% of global real-time payment transactions as of 2023. With UPI’s
growing international presence and the continued rise of digital transactions, India is setting
new global benchmarks in financial inclusion and economic empowerment.

Various Types of Cyber Crimes

Cyber crime in banking includes data theft, tricking people into giving away their personal
information, locking up their computers for ransom, and pretending to be someone to steal
their money. Phishing is a technique used by the fraudster to obtain personally identifiable
information, like login details, Aadhaar, Date of Birth etc. through an electronic medium.
Sometimes fraudsters exert pressure creating urgency to respond immediately by using words
like ‘you are under digital arrest’ or your courier parcel contains some illegal contraband goods
etc. Always remember, there is no such thing called ‘digital arrest’ in India. Fraudsters also use
loan apps and lure the often gullible users with immediate disbursal of loans with no
documentation and near zero rate of interest.
Cyber Security Best Practices

CYBERCARNIVAL.IN 39
 CYBER VISION: INDUSTRY SPEAKS

The world is celebrating every October as Cyber Security Awareness month with the objective
to enhance knowledge and awareness about cyber security. “Secure our World” is the theme
for Cyber Security Awareness Month 2024, which empowers everyone to understand the
simple ways and practices that can be used to guard against cyber victimization. Such security
tips include practices like
not using a public Wifi not using banking
not sharing private information from a public browsing centre
not sharing the OTP
not parting with the mobile to a stranger even for a minute etc
keeping a daily transaction limit in all e-transactions
updating the systems with the latest anti virus, firewalls etc
Indian Cyber Crime Coordination Centre (IC4), acts as the nodal point to curb Cybercrime in the
country. If you fall victim to cyber crime in India, remember the Number “1930” – National Cyber
Crime Reporting Helpline, which is a 24x7 dedicated service provided by the Government of
India, to help victims and to potentially recover lost funds. Online complaints may also made in
the website https://www.cybercrime.gov.in of Government of India, which also triggers
investigation and helps
blocking of accounts of the fraudulent beneficiaries. Besides, CHAKSHU Portal facilitates
citizens to report the suspected fraud communications with the intention of defrauding telecom
service users for cyber crime, financial frauds, non-bonafide purposes like impersonation or
any other misuse through Call, SMS or WhatApp.

G Kaliyamoorthy
Retd. Chief Manager Indian Overseas
Bank and EC Member, DiSAI

CYBERCARNIVAL.IN 40
 CYBER VISION: INDUSTRY SPEAKS

ALIGNING AI WITH CRIMES AND DIGITAL EVIDENCE

Preamble : In this article, we will discuss technology penetration in modern days, the
emergence of Artificial Intelligence as a powerful tool in the hands of common man and the
vulnerabilities it also brings with it, especially if an innocent person is victimised in an AI
environment and an AI tool. The article concludes with the avenues open to the victim, be
he/she a common man or a technology illiterate person, to bring the culprits or criminals to
book and the evidentiary mechanism available, not just as a detective measure but also as a
preventive measure, when such AI threats are faced.
AI is almost part of our daily life: It would be futile or even childish, to define what Artificial
Intelligence (AI) is, in today’s technology penetrated environment. Two decades back, it was
just technology, then the mobile which reached out to the most common man in the country,
followed by mobile based payment wallets when street hawkers and small time vendors
accepted payments from just a mobile device for small amounts as low as Rs.5 or 10/-. Mobile
based payments like QR code based ones, Mobile number based ones or UPI id based etc are
so common these days that many shopkeepers do not look for coins of small denominations to
return the balance when a round sum in currency notes is paid to them. A recent survey
recorded that shopkeepers do not keep stock of one rupee toffees and chocolates these days,
since payments are received in mobile and the need to use these as replacements for small
denominations coins is no longer there!
AI penetration: With such deep technology and mobile penetration, it is only natural that large
data repositories, big data analysis, machine learning, etc are the buzzword today. With so
many tech tools in the market and with such a good technology literacy, human beings are
getting addicted to, yes addicted to, the use of computers and the internet even for small
mundane jobs like searching for a song or a video or an article or a story or an essay of their
choice. And, note it, if someone wants a typical Carnatic Music (in Telugu or Tamil) or a pure
Bharthiyar song (in Tamil) in the voice of the world renowned Grammy award winner Ed
Sheeren or Billie Ellish, just go to AI and there are tools that give you these Tamil or Telugu
songs in the voice of such Western US or UK or other singers! Perhaps on listening to such
songs, such singers would be baffled and bemused wondering when and where at all they sang
this song.
Using AI tools: We have already seen videos and pictures of world leaders including Donald
Trump, Elon Musk, Mark Zuckerburg etc taking a holy dip in the Maha Kumbh Mela in Prayag
raj. Some of the videos look so real that people would wonder when these celebrities actually
came to India and took part in the holy dip in a crowd of millions in such a small city.

CYBERCARNIVAL.IN 41
 CYBER VISION: INDUSTRY SPEAKS

AI coupled with tools like ChatGPT (and its variants from other companies as well) is certainly a
game changer today. Right from the academic projects of schools and colleges upto the top-
end usages of corporate level presentation involving millions worth businesses, AI based tools
are put in use to showcase one’s view point and grab the audience’s attention. No doubt, AI is a
powerful tool indeed.
AI and its misuse: Now, to the flip side of AI tools and the reliability of what they convey. With
so much penetration and so strong in conveying, one takes any presentation or video or audio
developed with an AI tool, with a sprinkling of suspicion and tinge of disdain only. Just like any
other technology like
DoS tools, hacking software, scavenging, spoofing an IP or spoofing an email etc AI is also a
technology and just like the other tools listed, AI also can be used or misused or disused and
when used with a criminal intention, (what is called mens rea in legal parlance) is certainly a
crime and punishable.
Investigation of a crime committed with an AI tools, poses a huge problem to even the tech-
savvy cops and sleuths. The intersection of AI and digital forensics represents a transformative
approach to uncovering truth in investigative processes and how they are mutually aligned is
quite an academic study that requires enormous technological capabilities. More and more
cybercrime police are being trained these days in forensic analysis to analyse, validate, and
authenticate digital evidence to present a strong case.
Presenting an AI based digital evidence: Another major issue faced by the cybercrime
stakeholders (police, investigators, security professionals etc) these days is the process of
submitting the evidence in an irrefutable manner following the legally defined process. Though
the earlier Indian Evidence Act is gone and the new Bharatiya Sakshya Adhiniyam is in place,
the certifying process for digital evidence as enshrined in the Act is still there of course with
some better clarity and process.
Usage of tools: There are many tools which can be deployed to check the authenticity of an AI
software or whether an audio or video is authentic or edited (manipulated etc), which deploy
forensic verification capabilities like
machine learning based anomaly detection
comprehensive metadata analysis
neural network-powered authenticity verification
pattern recognition algorithms
automated deep fake detections
facial and other biometric inconsistency verification

CYBERCARNIVAL.IN 42
 CYBER VISION: INDUSTRY SPEAKS

interrupted flow of audio/video clips

lighting, voice or other background inconsistencies.
Besides the above, there are many pure technology based analyses like meta data verification
(sometimes frame by frame), pixel verification for inconsistencies, user generated artifact
verification and transition pattern verification etc. All such evidence should be presented in a
court of law in an indisputable manner ensuring preservation of the e-records with hash
protected non editable devices and formats.
India is known for its technological skill and is often hailed to be a technology superpower in
the globe. In the field of AI too, there are not just big many number of companies employing
thousands of workers but also a huge number of start-ups engaged in developing AI tools
catering to diverse requirements like Fintech, Healthcare, Logistics, Market Survey, HR
Management, media like film making etc. In the AI arena too, India is doing extremely well not
only in India but by providing human resources across the globe too.
To conclude, in the days to come, though it is going to increase in popularity and usage and
become widely prevalent it may, on another side, pose tougher times for the user in finding out
which is real and which is fake and which is dependable. Especially in the area of cybercrime
scenario, surely tougher days are ahead not just for the victims to prove their point but also for
the cybercrime sleuths but for the lawyers, judicial officers and the government to be dynamic
in enacting more and more laws and defining the procedures for presentation.

V. Rajendran
Cyber Law Advocate and Chairman,
Digital Security Association of India.

CYBERCARNIVAL.IN 43
 CYBER VISION: INDUSTRY SPEAKS

Exploring the Cybersecurity Frontier: The Dual Risks of AI and

Quantum Computing

AI and quantum computing are changing cybersecurity as we enter a new technological era.
But these advancements promise major opportunities by introducing complicated challenges
that need our attention continuously. Artificial Intelligence has emerged as an important tool in
cybersecurity to detect threats with significant speed and precision exceeding human
capabilities. Key benefits with AI in cybersecurity include threat detection, identifying patterns
and anomalies indicative of cyberattacks and automated response, which enables immediate
action against potential threats. Quantum computing, based on quantum mechanics, thrusts a
major advancement over traditional computing. Quantum computers, unlike classical ones using
binary code, can handle massive datasets at exceptional speeds. This capability allows them to
solve problems that would take conventional computers a lifetime, paving the way for new
possibilities in various fields, including cybersecurity.
The Union of AI and Quantum Computing: A Double-Edged Sword
With the integration of AI and quantum computing gear towards immense potential for
enhancing security, it also introduces significant risks. This combination of technologies
establishes new vulnerabilities by which cybercriminals could exploit, leading to more
sophisticated and potent or advanced attacks.
Risk with Quantum Computing
The major concern is the potential of quantum computers to break existing encryption
algorithms which are the fundamentals to data security, and their compromise could have
catastrophic consequences. The National Institute of Standards and Technology (NIST) stated
that traditional encryption methods are vulnerable to the sheer processing power of quantum
computers, raising alarm within the cybersecurity community. As of August 2024, NIST has
approved two QC resistant ciphers such as CRYSTALS-Kyber and CRYSTALS-Dilithium to get
safeguarded against future quantum threats
AI Based Cyber Abuses
Malicious actors are rapidly adapting AI technology for harmful purposes. AI has the capability
to create highly convincing phishing emails and analyze communication patterns within
organizations to exploit vulnerabilities through social engineering. The combination of AI and
quantum computing may usher in a new era of advanced cyber threats that are increasingly
sophisticated and difficult to detect.

CYBERCARNIVAL.IN 44
 CYBER VISION: INDUSTRY SPEAKS

Preparing for the Quantum-AI Era

As these technologies continue to evolve, it is imperative to fortify our defenses. Here are some
key strategies to consider:
Implementing Quantum-Resistant Encryption: The utmost priority is to transition
encryption techniques to the three approved Federal Information Processing Standards
(FIPS) for Post-Quantum Cryptography which results from several submissions to NIST PQC
Project
Continuous Monitoring and Response: AI can be utilized for real-time system monitoring,
analyzing network traffic to detect early signs of cyber breaches. Conducting regular
system checks can
Education and Awareness: Cybersecurity is everyone’s responsibility. Organizations must
invest in training programs to educate employees about current potential threats, enabling
them to recognize and respond to suspicious activities promptly.

Current Cybersecurity Approach

The zero-trust model assumes no one is automatically trusted, reducing the risk of attacks from
any source. Collaboration among governments, businesses, and educational institutions is
crucial for sharing threat intelligence and improving collective preparedness. With the
advancement of technology, cyber threats are also evolving. Experts estimate that by 2025,
the damage caused by cybercrime will amount to $10.5 trillion annually, with AI tools playing a
role in 94% of data breaches.

Conclusion
The era of AI and quantum computing presents both opportunities and challenges.It is
important to focus on security innovation and strategic planning to manage this complex
landscape. By maintaining vigilance, updating defenses, and
encouraging collaboration across sectors, data can be protected
from evolving threats. Education and continuous dialogue about
cybersecurity are crucial for individuals and organizations in securing
our interconnected world. As we embrace the future, let us not forget
that the key to cybersecurity lies in our collective efforts and
unwavering commitment to staying one step ahead of the threats.

Satya Prakash .K
Technical Program Manager/Sr Systems
Architect at T-Mobile,USA

CYBERCARNIVAL.IN 45
 CYBER VISION: INDUSTRY SPEAKS

Governance, Risk, and Compliance: A Strategic Imperative for the

Startup organisations
Abstract
Governance, Risk, and Compliance (GRC) serve as essential pillars for any startup organisation,
operating in today’s dynamic business environment. Startups are driven by passion and
creativity and usually emphasize innovation and rapid expansion. In that process, overlooking
GRC can expose them to regulatory penalties, cybersecurity threats, and inefficiencies. A well-
structured GRC framework ensures compliance, minimizes risks, and enhances trust among
investors and customers. This Article highlights the importance of GRC for startups,
emphasizing its role in decision-making, risk management, and regulatory adherence and
business continuity. It also presents key steps for implementation, governance structures, risk
assessments, compliance measures, and technology integration. Real-world examples from
industries such as FinTech, healthcare, and e-commerce illustrate how robust GRC practices
contribute to sustainable business growth. With evolving regulatory frameworks and increasing
cybersecurity threats, startups that proactively implement GRC strategies will gain a
competitive advantage, ensuring long-term stability and resilience in a rapidly changing
marketplace.
The Significance of GRC for Startups
Startups drive innovation and disrupt traditional industries, but they also face challenges in
navigating regulatory compliances and operational complexities. Governance, Risk, and
Compliance (GRC) provide a structured approach to maintaining stability to the organisation
and the business, ensuring legal adherence, and mitigating potential risks. Establishing strong
GRC practices from the outset can enhance a startup’s credibility and pave the way for
sustainable growth.
The Expanding Startup Ecosystem
In the digital age, startups are emerging at an unprecedented pace, driven by passion,
innovating ideas and venture capital. However, rapid growth often comes with unforeseen
risks, including regulatory challenges, Cyber security issues, and operational inefficiencies.
Failing to address these risks can jeopardize a startup’s success. This makes GRC an
indispensable component of strategic planning for the organisation.
Understanding GRC: Key Components
Governance, Risk, and Compliance form a holistic approach to business management, each
playing a crucial role:
● Governance: Establishes decision-making frameworks, accountability structures, and ethical

CYBERCARNIVAL.IN 46
 CYBER VISION: INDUSTRY SPEAKS

guidelines that align with organizational objectives.

● Risk Management: Identifies, assesses, and mitigates financial, operational, reputational, and
cybersecurity risks.
● Compliance: Ensures adherence to legal, regulatory, and industry standards, protecting the
business from potential legal and financial liabilities.
By integrating GRC principles early, startups can strengthen investor confidence, improve
operational efficiency, and enhance customer trust.
Challenges Faced Without GRC
Many startups prioritize business growth and not give importance to compliance. This can lead
to significant challenges:
● Regulatory Penalties: Non-compliance to certain legal and regulatory compliances can result
in fines, legal disputes, and reputational damage.
● Cybersecurity Risks: Weak security measures can lead to data breaches, eroding customer
confidence and exposing the business to legal action.
● Operational Inefficiencies: Lack of structured governance can create bottlenecks and
decision-making delays.
● Investor Concerns: Investors seek startups with strong risk management and compliance
frameworks before committing funds.

Advantages of a Robust GRC Framework

Startups that incorporate GRC practices gain several strategic benefits:
● Improved Decision-Making: Clear governance structures streamline leadership and
operational decisions.
● Risk Mitigation: Proactive risk management prevents disruptions and enhances business
continuity.
● Regulatory Adherence: Compliance reduces the likelihood of legal issues and ensures
smooth operations.
● Stronger Stakeholder Trust: Ethical business practices foster loyalty among customers,
investors, and employees.

Steps to Implement GRC in Startups

Building a solid GRC foundation requires a structured approach:
1. Establish Governance Frameworks
○ Define leadership roles and responsibilities.
○ Develop a code of ethics and conduct.

CYBERCARNIVAL.IN 47
 CYBER VISION: INDUSTRY SPEAKS

○ Implement monitoring and evaluation mechanisms.

2.Conduct Comprehensive Risk Assessments
○ Identify risks across financial, operational, and technological domains.
○ Prioritize risks based on severity and likelihood.
○ Develop mitigation and contingency plans.
3.Ensure Regulatory Compliance
○ Stay updated on industry-specific regulations.
○ Implement policies and procedures to meet compliance standards.
○ Conduct periodic audits to identify and rectify gaps
4.Leverage Technology for GRC
○ Use GRC software to streamline compliance and risk management.
○ Strengthen cybersecurity measures to protect sensitive data.
○ Utilize data analytics for proactive risk detection.
5.Cultivate a Culture of Accountability
○ Educate employees on GRC best practices.
○ Encourage transparent communication about risks and compliance concerns.
○ Recognize and reward adherence to ethical standards.

Case Studies: GRC in Action

Several startups have successfully implemented GRC to drive growth and credibility:
● FinTech: Companies like Stripe and Plaid adhere to strict financial regulations, ensuring
secure transactions and regulatory compliance.
● Healthcare: Startups such as Teladoc Health comply with HIPAA regulations, protecting
patient data and maintaining trust.
● E-Commerce: Platforms like Shopify enforce data security and trade regulations, facilitating
global expansion while ensuring compliance.

The Role of Leadership in GRC

Effective leadership is crucial in embedding GRC into a startup’s culture. Founders and
executives should:
● Demonstrate commitment to ethical business practices and regulatory compliance.
● Allocate resources to develop and maintain a strong GRC framework.
● Regularly update policies to align with evolving regulations and market trends.

CYBERCARNIVAL.IN 48
 CYBER VISION: INDUSTRY SPEAKS

The Future of GRC in Startups

As regulations tighten and cybersecurity threats evolve, the role of GRC in startups will become
even more critical. Emerging technologies, including artificial intelligence and blockchain, are
revolutionizing GRC practices, enabling startups to automate risk detection, enhance
compliance, and improve strategic decision-making.

Conclusion
While startups prioritize innovation and speed, ignoring GRC can lead to regulatory and
operational challenges. Establishing a well-defined GRC framework not only ensures
compliance and risk mitigation but also builds a solid foundation for sustainable growth. By
proactively integrating GRC, startups can navigate complex business landscapes, gain investor
confidence, and create long-term value in a competitive market. Ultimately, GRC is more than a
regulatory necessity—it is a strategic enabler of success.

Sonali Yadav S. Guru Prasad

IT Governance and Cyber Founder & CEO
Security Associate Cybertracs Technologies &
Avanti Finance Private Ltd., Research Pvt. Ltd
Bangalore Bangalore

CYBERCARNIVAL.IN 49
 CYBER VISION: INDUSTRY SPEAKS

The Evolving Landscape of Digital Forensics: Challenges and

Innovations
In today's digital age, cybercrimes are becoming more sophisticated, posing significant
challenges for law enforcement, businesses, and cybersecurity professionals. Digital forensics,
the science of collecting, analyzing, and preserving electronic evidence, plays a crucial role in
investigating cyber incidents and ensuring justice. This field has evolved rapidly, incorporating
new technologies and methodologies to keep up with emerging threats. Digital forensics has
emerged as a crucial field in criminal investigations, cybersecurity, and corporate compliance.
From cybercrime to fraud detection, digital forensics professionals work behind the scenes to
uncover electronic evidence that can make or break a case. As cyber threats grow more
sophisticated, digital forensics will continue to evolve. Artificial intelligence and machine learning
are being integrated into forensic analysis to speed up investigations and improve accuracy.
Additionally, blockchain technology may provide new ways to ensure the integrity of digital
evidence. Digital forensics is an indispensable tool in modern investigations, helping to protect
individuals, businesses, and governments from digital threats. As technology advances, so too
must the techniques used to uncover the truth in the digital world. Artificial Intelligence (AI) and
Machine Learning (ML) are playing a transformative role in modern investigations, helping
forensic analysts process vast amounts of data, detect anomalies, and uncover hidden threats
with greater efficiency and accuracy. Digital forensics is instrumental in uncovering cybercrimes
such as data breaches, fraud, identity theft, and even cyberterrorism. By analyzing digital
footprints, forensic experts can trace malicious activities back to their source, helping
organizations and law enforcement agencies identify perpetrators and mitigate future risks. One
of the primary objectives of digital forensics is maintaining the integrity of evidence. Any digital
artifact emails, deleted files, log data, or network packets, must be handled meticulously to
ensure it remains admissible in court. Forensic specialists use sophisticated tools like EnCase,
Autopsy, and X-Ways to extract and analyze data without compromising its authenticity. Despite
its significance, digital forensics has a number of challenges, while encryption safeguards data
privacy, it also makes forensic investigations more difficult. Cybercriminals often use
anonymization tools like VPNs and the dark web to obscure their identities. With the rise of cloud
computing, IoT devices, and big data, forensic experts must sift through enormous volumes of
information, making investigations time-consuming and complex. As new technologies emerge,
forensic tools and methodologies must constantly adapt. Traditional forensic approaches may not
be effective for newer platforms like blockchain or decentralized networks. The digital forensics
sector is addressing these difficulties with cutting-edge innovations.

CYBERCARNIVAL.IN 50
 CYBER VISION: INDUSTRY SPEAKS

integrity. With the rise of cryptocurrencies, forensic analysts are developing tools to trace
transactions and identify illicit financial activities.With the increasing use of volatile memory-
based attacks, forensic investigators are focusing on RAM analysis to uncover malware,
rootkits, and other live threats. Organizations are leveraging automated forensic tools to
accelerate response times to cyber incidents, reducing potential damage and improving
resilience.As cyber threats grow more complex, digital forensic experts must continually adapt
to new challenges. Future advancements may include Quantum Computing and Digital
Forensics, Quantum computing poses both opportunities and risks, as it could enable rapid
decryption of encrypted data while also requiring new forensic methodologies. With the
expansion of 5G networks, forensic techniques will need to evolve to handle faster data
transmission and enhanced device connectivity. The use of deception technologies in
cybersecurity, such as honeypots, will provide forensic analysts with new ways to study
attacker behaviors and improve threat intelligence.Digital forensics is a rapidly growing field
that is crucial for tackling cyber threats. While challenges like encryption, data complexity, and
legal hurdles persist, advancements in AI, cloud forensics, and blockchain analysis are paving
the way for more efficient and accurate investigations. As technology continues to evolve, so
too must the tools and expertise of digital forensic professionals to ensure a safer cyber
landscape for all. The future of digital forensics is promising, with continuous innovation driving
improvements in cyber investigations and forensic methodologies.

Rajesh Joseph J
Senior Automation Specialist
Maersk

CYBERCARNIVAL.IN 51
 CYBER VISION: INDUSTRY SPEAKS

Emerging Cyber Threats & Attack Vectors: A Global Perspective

Understanding the Evolving Landscape and Countermeasures

In the contemporary digital age, the landscape of cyber threats is continually evolving, posing
significant risks to governments, businesses, and individuals worldwide. As technology
advances, so do the methods and techniques employed by cybercriminals. This article delves
into the emerging cyber threats and attack vectors that are reshaping the global cybersecurity
landscape, providing examples of notable incidents and exploring how cybersecurity
organizations are addressing these challenges.

The Rise of Emerging Cyber Threats

1. Ransomware Attacks
Ransomware attacks have surged in frequency and sophistication, becoming one of the most
prevalent cyber threats globally. These attacks involve malicious software that encrypts
victim’s data, rendering it inaccessible until a ransom is paid to the attacker. One of the most
notable examples is the WannaCry ransomware attack in 2017, which affected over 200,000
computers across 150 countries, including critical infrastructure such as hospitals and
transportation systems. Cybersecurity organizations are combating ransomware through
multiple strategies. These include developing advanced threat detection systems, promoting
regular data backups, and educating users on recognizing phishing attempts that often serve
as the initial entry point for ransomware. Tools such as SentinelOne and Carbon Black are
widely used for detecting and responding to ransomware threats.
2. Phishing and Social Engineering
Phishing and social engineering attacks exploit human psychology to trick individuals into
divulging sensitive information or performing actions that compromise security. These attacks
can take various forms, including deceptive emails, fraudulent websites, and impersonation of
trusted entities. In 2020, the COVID-19 pandemic saw a significant increase in phishing
campaigns, with cybercriminals capitalizing on public fear and uncertainty.
To counter these threats, cybersecurity organizations emphasize user education and
awareness. Training programs that simulate phishing attacks help users recognize and respond
to suspicious communications. Additionally, advanced email filtering and authentication
technologies are employed to detect and block phishing attempts. Tools like Proofpoint and
Mimecast are instrumental in filtering and preventing phishing emails.

CYBERCARNIVAL.IN 52
 CYBER VISION: INDUSTRY SPEAKS

3. Advanced Persistent Threats (APTs)

Advanced Persistent Threats (APTs) are stealthy and prolonged cyber-attacks often
orchestrated by nation-states or sophisticated cybercriminal groups. APTs aim to gain
unauthorized access to networks and remain undetected for extended periods, exfiltrating
sensitive data or conducting espionage. The SolarWinds attack in 2020, attributed to a state-
sponsored group, infiltrated numerous government and private sector networks, highlighting
the severity of APTs.
Cybersecurity organizations deploy advanced threat hunting and network monitoring solutions
to detect APTs. Collaboration between public and private sectors is crucial in sharing threat
intelligence and developing coordinated responses to these sophisticated attacks. Tools such
as FireEye and CrowdStrike Falcon are utilized for threat detection and response against APTs.
4. Internet of Things (IoT) Vulnerabilities
The proliferation of Internet of Things (IoT) devices has introduced new attack vectors for
cybercriminals. These devices, ranging from smart home appliances to industrial control
systems, often lack robust security measures, making them susceptible to exploitation. The
Mirai botnet attack in 2016 compromised thousands of IoT devices, launching a massive
Distributed Denial of Service (DDoS) attack that disrupted major internet services.
Cybersecurity organizations advocate for improved security standards and practices for IoT
devices. This includes implementing strong authentication mechanisms, regular firmware
updates, and network segmentation to isolate vulnerable devices from critical systems. Tools
like Armis and IoT Security from Palo Alto Networks are essential for securing IoT devices.

Jonathan Robin Paul,

SSM -Cybersecurity,HCL Tech

CYBERCARNIVAL.IN 53
 CYBER VISION: INDUSTRY SPEAKS

Emerging Cyber Threats & Attack Vectors

Introduction
With 20 years of experience in IT and cybersecurity, I, Rajthilak Bakthasekar, have worked with
global technology leaders such as IBM, HP, Microsoft, Bosch, and Standard Chartered.
Specializing in cloud data security, post-quantum cryptography, and confidential AI, I have
served clients across the US, UK, and Europe. This experience provides deep insights into the
ever-evolving cyber threat landscape and the challenges organizations face in securing their
digital infrastructure. Cyber threats are evolving rapidly, affecting organizations across
industries. Cybercriminals are deploying increasingly sophisticated techniques to exploit
vulnerabilities. Understanding these threats and their related attack vectors is crucial to
developing robust defense strategies. This article explores major emerging cyber threats, the
technology trends enabling them, and the preventive measures organizations can adopt.

1. The Evolving Cyber Threat Landscape

Cyber threats have evolved from individual hackers to organized cybercriminal groups,
hacktivists, state-sponsored attackers, and insider threats. These entities exploit readily
available hacking tools, exploit kits, and sophisticated techniques to breach organizations.
· Organized Cybercriminals: Focus on ransomware, data theft, and extortion.
· Hacktivists: Politically or ideologically motivated cyberattacks.
· State-Sponsored Actors: Target critical infrastructure using Advanced Persistent Threats
(APTs).
· Insider Threats: Employees or contractors misusing privileged access, intentionally or
unintentionally.

CYBERCARNIVAL.IN 54
 CYBER VISION: INDUSTRY SPEAKS

2. AI and Deepfake Threats

Artificial Intelligence (AI) enhances both cybersecurity defenses and attack techniques.
· AI-Powered Malware: Adapts dynamically to evade detection.
· Deepfake Attacks: Realistic fake media used for fraud and misinformation.
· Mitigation: Ethical AI guidelines, continuous model testing, and AI-driven anomaly detection.

3. Post-Quantum Attacks

CYBERCARNIVAL.IN 55
 CYBER VISION: INDUSTRY SPEAKS

The advancement of quantum computing threatens existing encryption standards like RSA
and ECC.
· Quantum Advantage: Quantum computers could break traditional encryption.
· Data Harvesting Attacks: Adversaries may store encrypted data now to decrypt later.
· Migration to Post-Quantum Cryptography (PQC): Organizations should follow NIST’s PQC
standards and prepare for migration.

4. Advanced Persistent Threats (APTs)

APTs are stealthy, long-term cyberattacks aimed at infiltrating networks for data theft.
· Common Techniques:
o Spear Phishing: Targeted emails with malicious payloads.

o Zero-Day Exploits: Exploiting unknown software vulnerabilities.

o Lateral Movement: Expanding access once inside a network.
· Mitigation: Threat hunting, network monitoring, and rigorous security awareness training.

5. Zero-Day Vulnerabilities

Zero-day vulnerabilities expose

organizations to attacks before
patches are available.
· Rapid Exploits: Attackers deploy
zero-day malware swiftly.
· High Impact: Can bypass
traditional security measures.
· Mitigation: Efficient patch
management, threat intelligence,
and layered security approaches.

CYBERCARNIVAL.IN 56
 CYBER VISION: INDUSTRY SPEAKS

6. Supply Chain Attacks

Cybercriminals exploit vendors, software updates, and third-party service providers to

target larger organizations.
· Third-Party Software Risks: Infected software updates spread malware.
· Hardware Tampering: Compromised hardware in manufacturing enables hidden access.
· Mitigation: Vendor risk assessments, penetration tests, and supply chain monitoring.

7. Ransomware 2.0
Ransomware has evolved to combine encryption with data theft (double extortion).
· New Tactics:
o Data Exfiltration: Threatening to leak stolen data.
o Ransomware-as-a-Service (RaaS): Attackers sell pre-built ransomware kits.
· Mitigation: Network segmentation, frequent backups, and rapid incident response.

CYBERCARNIVAL.IN 57
 CYBER VISION: INDUSTRY SPEAKS

8. Cloud and IoT Vulnerabilities

Widespread cloud adoption and the proliferation of IoT devices introduce new security
risks:
With increased cloud adoption and IoT devices, new security risks emerge.
· Cloud Misconfigurations: Data exposure due to weak security settings.
· Shared Responsibility: Organizations must secure their own data and configurations.
· IoT Risks: Poorly secured IoT devices can be exploited for DDoS attacks.
· Mitigation: Regular cloud audits, security automation, and IoT firmware hardening.

9. Social Engineering and the Human Factor

Cybercriminals manipulate people into revealing sensitive data through deception.

· Phishing & Smishing: Emails/SMS tricks to steal credentials.
· Pretexting: Fake scenarios to gain trust and extract information.
· Impersonation & Tailgating: Physical intrusion tactics.
· Mitigation: Security awareness training, phishing simulations, and multi-factor
authentication (MFA).

CYBERCARNIVAL.IN 58
 CYBER VISION: INDUSTRY SPEAKS

10. Best Practices for Mitigation

To defend against modern cyber

threats, organizations should
adopt a multi-layered security
approach:
1. Threat Intelligence & Hunting:
Real-time threat monitoring and
proactive hunting.
2. Security by Design: Embedding
security in the software
development lifecycle (SDLC).
3. Zero Trust Architecture (ZTA):
Enforce least privilege access
and continuous verification.
4. Regular Training: Equip
employees to recognize cyber
threats.
5. Incident Response & Recovery:
Maintain a documented response
plan, perform drills, and secure
backups.
6. Quantum Security Planning:
Prepare for post-quantum
encryption to protect future data.

11. Conclusion
As cyber threats evolve with AI, deepfakes, quantum computing, and APTs,
organizations must proactively invest in cybersecurity, prioritize employee training, and
remain vigilant.
By fostering a security-first mindset, leveraging emerging technologies, and embracing
continuous monitoring, organizations can strengthen their cyber defences and stay
ahead of attackers.

12. References & Sources

· NIST Cybersecurity Framework
· OWASP Top 10 Security Risks
· Cybersecurity Ventures: Global Cybercrime Costs

Rajthilak Bakthasekar
Associate Vice President, Information & Cybersecurity
Standard Chartered Bank, Chennai, India.

CYBERCARNIVAL.IN 59
 ALUMNI UNPLUGGED: CYBER
JOURNEYS

Modern Security Architecture: Building Resilient Digital Fortresses

In today's rapidly evolving digital landscape, traditional security approaches are no longer sufficient to
protect organizations from sophisticated cyber threats. Modern security architecture has emerged as a
critical framework that goes beyond conventional perimeter defenses to create robust, adaptive, and
intelligent security systems. This article explores the latest innovations and best practices in security
architecture that are reshaping how organizations protect their digital assets.

The Evolution of Security Architecture :

The journey from traditional to modern security architecture reflects the changing nature of our digital
world. Where organizations once operated within clearly defined network boundaries, today's business
environment is characterized by cloud services, remote work, and interconnected systems. This
transformation has driven the need for more sophisticated and flexible security approaches that can
protect assets regardless of their location or how they're accessed. Security architecture has evolved
from simple firewalls and antivirus solutions to comprehensive frameworks that integrate multiple layers
of protection. Modern approaches consider everything from user identity and behavior to data
classification and application security. This holistic view ensures that security is woven into every aspect
of an organization's digital infrastructure.

Foundation of Modern Security Architecture :

At the heart of modern security architecture lies the principle of defense in depth. This approach creates
multiple layers of security controls that protect critical assets even if one layer is compromised. Key
components include:
Network Security: Modern networks are segmented and monitored continuously, with
advanced threat detection systems that can identify and respond to suspicious activities in
real-time. Micro-segmentation techniques create secure zones that limit an attacker's ability to
move laterally through the network.
Identity Management: Strong identity and access management systems ensure that only
authorized users can access specific resources. Multi-factor authentication, biometric
verification, and risk-based access controls work together to verify user identities and
intentions.
Data Protection: Sophisticated encryption methods protect data both at rest and in transit.
Data classification tools automatically identify and protect sensitive information, while data loss
prevention systems prevent unauthorized data exfiltration.
Emerging Trends and Technologies :
The field of security architecture continues to evolve with new technologies and approaches.
DevSecOps practices are transforming how security is integrated into the development process. By
embedding security testing and controls throughout the development lifecycle, organizations

CYBERCARNIVAL.IN 60
 ALUMNI UNPLUGGED: CYBER
JOURNEYS

can identify and address vulnerabilities before they reach production. Automated security
testing, Security as Code practices, and continuous security monitoring ensure that security
remains a priority at every stage of development. Artificial Intelligence has become a game-
changer in security architecture. AI-powered systems can automatically detect and respond to
threats, perform dynamic risk assessments, and even predict potential security issues before
they occur. Self-healing security systems can automatically isolate and repair compromised
components, reducing the impact of security incidents. The growth of IoT and edge computing
has introduced new challenges and opportunities. Edge security has become crucial, with
distributed security controls protecting assets at the network edge. Local data processing and
filtering reduce the exposure of sensitive data, while autonomous security systems can make
real-time decisions without central oversight.

Implementation Challenges and Solutions :

Organizations face several challenges when modernizing their security architecture. Legacy
system integration often proves difficult, as older systems may not support modern security
protocols. The persistent skill gap in new technologies can make it hard to find qualified
personnel to implement and maintain advanced security systems. Cost considerations also play
a significant role, as implementing modern security architecture requires investment in new
tools, training, and infrastructure. Compliance requirements add complexity, requiring
organizations to balance security innovations with regulatory obligations.

To address these challenges, organizations should:

- Develop a clear roadmap for security architecture modernization
- Invest in training and skill development for security teams
- Partner with experienced security providers when needed
- Implement changes gradually to manage costs and minimize disruption
- Maintain strong documentation and change management processes

Best Practices for Success :

Successful security architecture implementation relies on following established best practices.
Organizations should apply security controls at every layer of their infrastructure, creating
multiple lines of defense against potential threats. The principle of least privilege access should
be strictly enforced, ensuring that users and systems have only the minimum access required
for their functions. Design for resilience is crucial, enabling systems to maintain security even
during partial failures.

CYBERCARNIVAL.IN 61
 ALUMNI UNPLUGGED: CYBER
JOURNEYS

Maintaining visibility across all systems helps security teams identify and respond to threats
quickly, while automation reduces human error and improves response times.

Implementation should follow a structured approach:

1. Begin with a thorough assessment of current architecture
2. Define clear security requirements aligned with business needs
3. Create and follow a phased implementation plan
4. Monitor and measure effectiveness continuously
5. Update and improve security controls regularly

Looking to the Future :

As technology continues to evolve, security architecture must adapt to new challenges and
opportunities. Emerging technologies like quantum computing will require new approaches to
encryption and security. The expansion of 5G networks and edge computing will drive the need
for more distributed security controls. Organizations that successfully implement modern
security architecture will be better positioned to protect against evolving cyber threats. By
combining strong foundational security practices with innovative technologies and approaches,
organizations can create resilient security frameworks that protect their assets while enabling
business growth and innovation.

Conclusion :
Modern security architecture represents a fundamental shift in
how organizations approach cybersecurity. By embracing new
technologies and methodologies while maintaining strong
security fundamentals, organizations can build resilient digital
fortresses that protect against current and future threats.
Success requires careful planning, ongoing adaptation, and a
commitment to security at every level of the organization. Thamizharathiyan
B.Tech CS 2020 - 24
SRMIST RMP

CYBERCARNIVAL.IN 62
 ALUMNI UNPLUGGED: CYBER
JOURNEYS

The Rise of Online Loan Scams: A Wake-Up Call

In recent times, online loan scams have become a widespread menace, not just in India but
globally. Despite continuous warnings from the government and Internet Service Providers
(ISP) through caller tunes and public advisories, many individuals still fall victim to these
fraudulent schemes. One of the most alarming trends in Tamil Nadu is the rise of online loan
scams that prey on unsuspecting individuals. These scams typically involve fraudsters posing
as legitimate loan providers who offer quick and easy loans. They entice victims with attractive
offers, claiming minimal paperwork and instant approval. However, the reality is far from what
is promised. A real-life incident that recently came to light involves an electrician, a friend of my
uncle, who fell prey to such a scam. He received a call from a supposed loan provider promising
a personal loan. Believing it to be genuine, he proceeded with the process. The scammers
demanded payments at various stages, claiming these were for processing fees, taxes, and
insurance. They even provided fake screenshots of loan approvals to gain his trust. Over time,
he ended up paying a total of Rs. 40,000 before realizing he had been duped. When he
approached the police for help, he was met with skepticism and was even reprimanded for his
lack of awareness. Shockingly, this particular scam had been operational for a long time,
targeting many innocent individuals. This case is just one among many, highlighting how easily
people fall for such deceptive tactics. Beyond loan scams, there are also rising cases of OTP
fraud, identity theft, and false accusations leading to cyber arrests. Many individuals, unaware
of these dangers, unknowingly become victims. The need for cyber awareness has never been
greater. People must be educated on how to identify such scams
and protect themselves. Here are a few crucial tips to stay safe:
1. Verify the Legitimacy – Always check if the financial institution is
registered and licensed.
2. Avoid Upfront Payments – No legitimate lender asks for
processing fees before loan approval.
3. Beware of Unrealistic Offers – If it sounds too good to be true, it
probably is.
4. Check Official Websites – Always verify offers on the official
website of banks or NBFCs.
AATHISH M
B.TECH CS 2020 - 24
SRMIST RMP

CYBERCARNIVAL.IN 63
 ALUMNI UNPLUGGED: CYBER
JOURNEYS

DEFENSIVE STRATEGIES AND RISK MANAGEMENT:

SECURING THE DIGITAL FRONTIER
In today’s hyper-connected world, cyber threats are no longer a matter of “if” but “when.” The rise of
sophisticated cyberattacks, from AI-driven malware and ransomware to deep fake fraud and supply
chain breaches, has rendered traditional cybersecurity measures insufficient. Organizations must now
shift from reactive defence mechanisms to proactive cybersecurity strategies that focus on threat
prevention, risk mitigation, and rapid incident response.
For decades, cybersecurity relied on perimeter-based defences such as firewalls, intrusion detection
systems (IDS), and antivirus software. However, as cybercriminals exploit insider threats, stolen
credentials, and supply chain vulnerabilities, traditional security models have become obsolete. Zero
Trust Architecture (ZTA) offers a more resilient approach by enforcing strict access controls and
continuous authentication. A 2023 Forrester report found that organizations implementing Zero Trust
security experienced a 50% reduction in security breaches compared to those relying on traditional
perimeter defences.

Key Principles of Zero Trust:

Least-Privilege Access – Employees, vendors, and contractors receive only the access necessary to
perform their tasks, limiting the risk of insider threats.
Continuous Monitoring – Behavioural analytics track real-time activity to detect unusual access
patterns.
Micro-Segmentation – Network segmentation prevents attackers from moving laterally if they breach
one system.

Zero Trust in Action

Tech giants like Google, Microsoft, and IBM have fully adopted Zero Trust models, ensuring that every
login, device, and request is authenticated before granting access. Governments are also mandating
Zero Trust adoption, with NIST’s 800-207 framework guiding organizations toward secure
implementation (NIST, 2022).

AI-Driven Cybersecurity: A Game-Changer

Cybercriminals are increasingly using AI to automate attacks, making defensive AI a necessity. AI-driven
cybersecurity solutions enhance:
Threat Detection – AI analyses network traffic to detect anomalies and attack patterns in real time.
Automated Response – AI-powered Security Orchestration, Automation, and Response (SOAR) tools
can contain threats instantly, reducing human intervention.
Reducing False Positives – Security teams are often overwhelmed by false alerts. AI prioritizes
genuine threats, improving efficiency.

CYBERCARNIVAL.IN 64
 ALUMNI UNPLUGGED: CYBER
JOURNEYS

How AI Enhances Security

A 2023 IBM Security report found that AI-powered security reduces incident response times
by 90%, significantly minimizing financial losses. AI is particularly effective in:
Detecting ransomware attacks before encryption occurs.
Identifying deepfake-based fraud used in phishing scams.
Securing cloud environments by analysing user behaviour and access patterns.

However, AI is also being weaponized by cybercriminals to bypass security controls, generate

undetectable malware, and manipulate authentication systems. This arms race between
defensive and adversarial AI highlights the need for continuous security updates and adaptive
machine learning models.

The Foundation of Cyber Resilience: Risk Management

Cybersecurity is not just about preventing attacks—it’s about limiting damage, ensuring quick
recovery, and maintaining business continuity. A structured risk management framework
helps organizations identify vulnerabilities, prioritize mitigation efforts, and prepare for worst-
case scenarios.
1. Risk Assessment: Identifying & Prioritizing Threats
Organizations must conduct regular risk assessments to answer:
Which assets are most valuable? – Customer data, financial records, intellectual property,
etc.

CYBERCARNIVAL.IN 65
 ALUMNI UNPLUGGED: CYBER
JOURNEYS

What threats pose the highest risk? – Ransomware, phishing, insider threats, etc.
How can resources be allocated effectively? – Prioritizing critical security investments.
By ranking threats based on likelihood and impact, companies can prevent costly cyber
incidents before they occur (Gartner, 2023).
2. Incident Response & Business Continuity
Even with strong defences, no organization is immune to cyberattacks. Having a well-defined
incident response plan (IRP) ensures rapid containment and recovery.
Detection & Analysis – Security teams leverage Security Information & Event Management
(SIEM) tools to detect suspicious activities.
Containment & Eradication – Affected systems are isolated to prevent the attack from
spreading.
Recovery & Learning – Operations are restored while security measures are strengthened to
prevent future incidents.
According to IBM’s 2023 Cost of a Data Breach Report, organizations with a well-executed
incident response plan reduced breach costs by an average of $2.66 million.
3. Compliance & Cyber Insurance: Preparing for the Worst
With strict data privacy laws such as GDPR, HIPAA, and CCPA, regulatory compliance is
essential to avoid lawsuits, fines, and reputational damage. Additionally, cyber insurance is
becoming a standard business investment—covering financial losses from ransomware attacks,
data breaches, and system outages.
In 2023, cyber insurance premiums surged by 30%, reflecting the growing demand for financial
protection against emerging cyber threats (Microsoft Security Report, 2023).

Looking Ahead: What’s Next for Cybersecurity?

The cybersecurity landscape is rapidly evolving, with new challenges on the horizon. Key
trends to watch include:
AI-Powered Cyberattacks – Cybercriminals are using deepfake technology to execute fraud
and AI-generated malware to bypass security tools.
Quantum Computing & Encryption Risks – Future quantum computers could break current
encryption protocols, necessitating quantum-resistant cryptography.
Supply Chain Security – Third-party vendors are now primary targets, requiring
organizations to enforce end-to-end security assessments.
To stay ahead, cybersecurity must shift from defensive strategies to resilience-building,
ensuring that even in the event of a breach, organizations can recover with minimal disruption.

CYBERCARNIVAL.IN 66
 ALUMNI UNPLUGGED: CYBER
JOURNEYS

Conclusion
The modern cybersecurity landscape demands a multi-layered, intelligence-driven approach to
defend against evolving cyber threats. Organizations must integrate Zero Trust frameworks,
AI-powered
security, and structured risk management strategies to build cyber resilience.
By adopting proactive security measures, businesses can minimize cyber risks, strengthen
operational continuity, and stay ahead of adversaries. In today’s digital battlefield,
cybersecurity is not just a technical necessity, it’s a strategic imperative.

Saiharikrishnan M
Associate technical analyst – Network security
Computacenter India
B tech CS 2019 - 2023
SRMIST RMP

CYBERCARNIVAL.IN 67
 THE PROFESSOR’S CONSOLE

AI-Based Blockchain: A Revolutionary Integration

The integration of Artificial Intelligence (AI) with Blockchain technology is transforming various
industries by enhancing security, efficiency, and automation. Blockchain, a decentralized and
immutable ledger, ensures transparency and trust in transactions, while AI, with its ability to
analyze vast amounts of data and make intelligent decisions, brings automation and predictive
capabilities. When combined, AI enhances blockchain by improving data analysis, optimizing
smart contracts, and detecting fraudulent activities, while blockchain ensures the integrity and
security of AI-generated data.

AI can enhance blockchain security by identifying anomalies and preventing cyber threats,
making transactions more reliable. Additionally, AI-driven smart contracts can automate
decision-making processes, reducing human intervention and enhancing efficiency. Blockchain
also benefits AI by providing a secure and decentralized data-sharing framework, ensuring
data integrity and eliminating biases in AI training models. This synergy is particularly useful in
sectors like finance, healthcare, supply chain management, and cybersecurity, where secure
and intelligent automation is crucial.

As AI and blockchain continue to evolve, their combination has the potential to reshape
industries by making data-driven processes more secure, transparent, and efficient. The future
of AI-based blockchain applications is promising, paving the way for a smarter and more secure
digital ecosystem.

Dr. A. Umamageswari
Associate Professor and HoD
BDA & CC

CYBERCARNIVAL.IN 68
 THE PROFESSOR’S CONSOLE

AI in Cyber Threat Intelligence

Artificial Intelligence (AI) has become a transformative force in the field of Cyber Threat
Intelligence (CTI), enabling organizations to proactively identify, analyze, and respond to cyber
threats with unprecedented speed and accuracy. By leveraging machine learning algorithms, AI
can process vast amounts of data from diverse sources, such as network logs, threat feeds,
and dark web forums, to detect patterns and anomalies that may indicate potential cyber
attacks. This capability is particularly valuable in today’s threat landscape, where the volume
and sophistication of attacks are increasing exponentially. AI-driven CTI systems can
automatically correlate data points, identify emerging threats, and provide actionable insights,
reducing the burden on human analysts and allowing them to focus on strategic decision-
making. One of the key advantages of AI in CTI is its ability to enhance threat detection and
prediction. Traditional methods of threat intelligence often rely on rule- based systems or
manual analysis, which can be time-consuming and prone to human error. In contrast, AI
models can continuously learn from new data, adapt to evolving attack techniques, and predict
potential threats before they materialize. For example, AI can identify indicators of compromise
(IOCs) associated with known malware families or detect unusual behavior that may signify a
zero-day exploit. AI models require high-quality, labeled data to function effectively, but
obtaining such data can be difficult due to privacy concerns and the sensitive nature of cyber
security information. To address these challenges, organizations must adopt a balanced
approach that combines AI with human expertise, ensuring that AI-driven insights are validated
and contextualized by experienced analysts. By doing so, AI can serve as a powerful tool in the
fight against cyber threats, enhancing the resilience and agility of modern cyber security
operations.

Dr.K.Ramya,
Assistant Professor / CS & GT,
SRMIST, Ramapuram

CYBERCARNIVAL.IN 69
 THE PROFESSOR’S CONSOLE

Deep Instinct: Deep Learning-Based AI for Preemptive Malware Prevention

Deep Instinct is a cyber security platform that leverages deep learning to provide predictive
and preemptive malware prevention. Unlike traditional signature-based or heuristic security
solutions, Deep Instinct uses deep neural networks to detect and block threats before
execution, offering advanced protection against Zero-day malware, Ransomware, Advanced
Persistent Threats (APTs), Fileless attacks, Polymorphic malware etc., Deep Instinct utilizes a
proprietary deep learning model designed specifically for cybersecurity.
The system is trained on vast amounts of malware and benign files to learn complex attack
patterns. Unlike traditional machine learning, deep learning can autonomously improve its
detection capabilities without manual feature engineering. Instead of reacting to malware
execution, Deep Instinct blocks threats before they execute, reducing risk significantly. Works
in real time, requiring no cloud connectivity for threat detection. The deep learning model offers
99%+ detection rates while maintaining very low false positives, which is a common issue with
traditional antivirus solutions.

The AI model runs locally on endpoints, consuming minimal CPU and memory resources.
Provides real-time malware prevention without impacting system performance

Key Features of Deep Instinct

Preemptive Threat Prevention – Blocks malware before execution, unlike EDR solutions that
rely on detection and response after an attack starts.
Zero-Day Threat Defense – Identifies and prevents new and unknown malware variants
without needing frequent updates.
Anti-Ransomware Protection – Detects ransomware attacks before they can encrypt files.
Cross-Platform Security – Supports Windows, macOS, Linux, Android, and iOS.
Fileless & Memory-Based Attack Prevention – Prevents in-memory exploits and fileless
malware, which traditional security tools often miss.

CYBERCARNIVAL.IN 70
 THE PROFESSOR’S CONSOLE

Challenges & Considerations

1. High Initial Training Complexity: Deep learning models require extensive training before
deployment.
2. Not a Full EDR Solution: While Deep Instinct prevents threats, organizations may still need
an EDR/XDR solution for forensic analysis and remediation.
3. Cost Considerations: Advanced AI-powered solutions can be more expensive than
traditional AV or EDR platforms. Deep Instinct is a next-generation cybersecurity solution
that leverages deep learning for\ preemptive malware prevention. Unlike traditional antivirus
or EDR solutions, it stops attacks before they execute, providing high accuracy, low false
positives, and minimal performance impact.

Ms. S. LAKSHMI
Assistant Professor / CS & GT,
SRMIST, Ramapuram

CYBERCARNIVAL.IN 71
 THE PROFESSOR’S CONSOLE

Zero Trust Architecture: The Future of Cyber security in a Perimeterless World

Zero Trust is a security concept and framework that fundamentally shifts the approach to network
security. The traditional security model assumes that everything inside an organization’s network is
trusted and everything outside is untrusted. Zero Trust, on the other hand, assumes that no one whether
inside or outside the network is automatically trusted, and every access request must be verified and
authenticated before being granted. The core principle of Zero Trust is: “Never trust, always verify.” In
Zero Trust, authentication and authorization happen at every access attempt, not just once when a user
logs in. Every device, user, and application must be continuously validated before being allowed access
to resources. Multi-factor authentication (MFA) is a critical aspect to enhance security and verify the
identity of users and devices. Least privilege ensures that users, devices, and applications are given the
minimum level of access they need to perform their tasks, and nothing more. This limits the damage in
case an attacker gains access to an account. Granular access control policies determine who gets
access to what, and under what conditions. Micro-segmentation involves dividing the network into
smaller, more manageable segments and applying strict access controls between them. This prevents
lateral movement within the network and isolates sensitive systems and data. Even if an attacker
compromises one segment of the network, they cannot easily move across to others. All traffic (both
internal and external) is treated as untrusted and must be inspected, monitored, and logged. This
includes analyzing traffic patterns and behaviors to detect anomalies. Every device accessing the
network is continuously monitored and validated. This includes smartphones, laptops, IoT devices, and
even servers. Devices must comply with security policies, such as using up-to-date operating systems,
being free of malware, and having proper encryption. Access to resources is granted based on dynamic
policies, which can factor in things like user role, device health, location, and time of access. These
policies can adjust in real time based on contextual factors. For example, if an employee is trying to
access sensitive data from a new location or a new device, the system
might prompt for additional authentication or deny access altogether.
Zero Trust isn’t just about controlling who gets into the network; it’s also
about securing and protecting sensitive data. Encryption is often used
to ensure data confidentiality, both at rest and in transit. It can also
involve data loss prevention (DLP) strategies to monitor and control the
movement of data, ensuring that it doesn’t leak or get misused. There
are several vendors and solutions that support the Zero Trust
framework Palo Alto Networks, Zscaler, Okta.

Ms. M. Chitra
Assistant Professor / CS & GT,
SRMIST, Ramapuram

CYBERCARNIVAL.IN 72
 THE PROFESSOR’S CONSOLE

Notable Cyber Incidents

1. Colonial Pipeline Ransomware Attack
In May 2021, the Colonial Pipeline, a major fuel pipeline in the United States, fell victim to a
ransomware attack by the DarkSide group. The attack forced the pipeline to shut down
operations, leading to fuel shortages and widespread disruption. The incident underscored the
vulnerability of critical infrastructure to cyber-attacks and prompted a renewed focus on
securing essential services.
2. Facebook Data Breach
In 2018, Facebook experienced a data breach that exposed the personal information of millions
of users. The breach, attributed to a vulnerability in the platform’s code, highlighted the risks
associated with large-scale data collection and the importance of robust security measures in
protecting user data.
3. NotPetya Malware Attack
The NotPetya malware attack in 2017, initially targeting Ukrainian organizations, quickly spread
globally, causing widespread damage to businesses and critical infrastructure. The malware
resembled ransomware but was designed to cause destruction rather than extort money. The
attack caused billions of dollars in damages and emphasized the need for comprehensive
cybersecurity strategies.
Handling Emerging Cyber Threats
Cybersecurity organizations worldwide are adopting various measures to address the growing
complexity and sophistication of cyber threats. These efforts encompass technological
advancements, policy frameworks, and collaborative initiatives.
1. Threat Intelligence Sharing
Sharing threat intelligence among organizations and sectors is crucial in identifying and
mitigating cyber threats. Platforms such as Information Sharing and Analysis Centers (ISACs)
facilitate the exchange of threat data, enabling organizations to stay informed about emerging
threats and vulnerabilities. Collaborative efforts enhance the collective defense against cyber-
attacks. Tools like ThreatConnect and Anomali are valuable for threat intelligence sharing.
2. Zero Trust Architecture
The Zero Trust security model assumes that threats can originate both outside and inside the
network perimeter. It emphasizes strict access controls, continuous monitoring, and verification
of users and devices. Implementing Zero Trust principles helps organizations reduce the attack
surface and limit the potential impact of breaches. Solutions such as Okta and Palo Alto

CYBERCARNIVAL.IN 73
 THE PROFESSOR’S CONSOLE

Networks’ Zero Trust are widely used to implement Zero Trust security.
3. Artificial Intelligence and Machine Learning
Artificial intelligence (AI) and machine learning (ML) technologies are revolutionizing
cybersecurity by enabling proactive threat detection and response. These technologies can
analyze vast amounts of data in real-time, identifying anomalies and patterns indicative of
cyber threats. AI-driven solutions enhance incident response capabilities and improve overall
security posture. Tools like Darktrace and IBM QRadar leverage AI and ML for advanced
cybersecurity.
4. Cybersecurity Workforce Development
Addressing the shortage of skilled cybersecurity professionals is essential in combating
emerging threats. Organizations are investing in training programs, certifications, and
partnerships with educational institutions to develop a robust cybersecurity workforce.
Encouraging diversity and inclusion in the cybersecurity field also brings varied perspectives
and innovative solutions.
5. Regulatory and Policy Frameworks
Governments and regulatory bodies play a vital role in establishing cybersecurity standards
and regulations. Frameworks such as the General Data Protection Regulation (GDPR) and the
Cybersecurity Maturity Model Certification (CMMC) mandate stringent security practices and
compliance requirements. These regulations ensure that organizations adhere to best practices
and are accountable for protecting sensitive data.
6. Incident Response and Recovery
Preparing for and responding to cyber incidents is critical in minimizing the impact of attacks.
Incident response plans outline the steps organizations should take in the event of a breach,
including containment, eradication, and recovery. Regular drills and simulations help
organizations refine their response strategies and enhance resilience. Tools such as Splunk and
IBM Resilient are commonly used for incident response and recovery.

Dr.J.Jospin Jeya
Assistant Professor / CS & GT,
SRMIST, Ramapuram

CYBERCARNIVAL.IN 74
 THE PROFESSOR’S CONSOLE

SOCIAL ENGINEERING ATTACK- SCAPE GOAT OR ESCAPE GOAT

Social Engineering Attack:

The art of manipulating people so that they give up confidential information or breaking
standard security practices is called the social engineering attack.
A Real Case Study:
I’m sharing my experience of Shailesh, with a scam targeting job seekers by impersonating FIS
Global. I hope this article helps to protect others from falling into the same trap as scape goat.
Here’s what happened:
1. Fake HR Contact: He was contacted by someone named Talha Tahir, claiming to be an HR
from FIS Global, with an email from info@fis-careers.com. It looked legitimate, and they
approached him professionally about a Data Analyst position and conducted online test.
2. Enticing Job Offer: They sent a well-crafted offer letter for the role, making it sound like an
amazing opportunity.
3. Suspicious Requirement: They said he had to complete a TensorFlow course costing INR
22,999 as a prerequisite for the role, with a promise to reimburse it later.
4. Collection of Personal Documents: To make it seem authentic, they asked for sensitive
documents—my PAN Card, Aadhar card, passport photo, college degree, school marks
cards, and certificates.
5. Payment Details & Contact Information: They provided details for the payment:
Account Holder Name: Kaif
Phone Numbers: +91 70658 99608 and +91 87504 46996
Lessons to be Learned & Tips for Everyone:
Verify the company email address and always double-check
with the official company website.
Don’t send payments or personal documents for a job unless
you’ve confirmed it’s legitimate.
Report such scams to cyber crime authorities to prevent them
from targeting others.
Stay vigilant, everyone, and spread the word to protect fellow job
seekers.
Dr. Revathy.S
Assistant Professor / CS & GT,
SRMIST, Ramapuram

CYBERCARNIVAL.IN 75
 THE PROFESSOR’S CONSOLE

Cyber Forensics and Incident Response: Safeguarding the Digital

World

In today’s digital age, cyber threats are more sophisticated and widespread than ever before,
making cyber forensics and incident response crucial in maintaining security and mitigating risks.
Cyber forensics, also known as digital forensics, is the practice of investigating cybercrimes by
collecting, preserving, and analyzing digital evidence. It plays a key role in uncovering security
breaches, identifying perpetrators, and ensuring justice in both corporate and legal settings.
Incident response, on the other hand, is the structured approach organizations take to detect,
contain, and recover from cyberattacks. A well-defined incident response plan (IRP) helps
businesses minimize damage, reduce downtime, and prevent future attacks. The process typically
involves preparation, detection, analysis, containment, eradication, and recovery, followed by a
post-incident review to strengthen security strategies.
Cyber forensics and incident response go hand in hand. Forensic experts analyze compromised
systems, trace attack vectors, and gather evidence to support legal proceedings. Meanwhile,
incident response teams act swiftly to contain threats and restore operations. Emerging
technologies like artificial intelligence, machine learning, and automation are enhancing forensic
investigations and improving real-time threat detection.
With cyber threats constantly evolving, organizations must invest in proactive security measures,
including continuous monitoring, employee training, and adherence to regulatory standards. Cyber
forensics and incident response are indispensable in today’s cybersecurity landscape, ensuring
resilience against digital threats and safeguarding critical information.

Ms.Sneha Priya
Assistant Professor / CS & GT,
SRMIST, Ramapuram

CYBERCARNIVAL.IN 76
 STUDENT’S CORNER

GhostGPT: The AI Tool Empowering a New Era of Cybercrime

Cybercriminals are progressively utilizing sophisticated AI technologies to carry out illegal
activities, with the introduction of GhostGPT representing a notable advancement in this area.
GhostGPT is an AI chatbot that generates content aimed at aiding the development of malware,
phishing messages, and various cyber threats. In contrast to conventional AI models that have
built-in safeguards to deter misuse, GhostGPT functions without such limitations, rendering it a
powerful asset for cybercriminals. Researchers at Abnormal Security found that GhostGPT is
available for purchase on cybercrime forums and can be accessed through Telegram, offering
anonymity and user-friendliness for those with malicious intentions. The chatbot is probably
linked to a modified version of ChatGPT or another large language model, allowing it to produce
uncensored and harmful content. This easy access reduces the entry barrier for less
experienced cybercriminals to carry out advanced attacks, as they can acquire ready-made
tools without needing extensive technical skills. The functionalities of GhostGPT are broad. It
has the ability to generate harmful code, produce stealthy malware, design phishing websites,
and compose persuasive emails for business email compromise (BEC) schemes. In evaluations,
GhostGPT successfully created a believable DocuSign phishing email template, showcasing its
possible effectiveness in actual situations.The emergence of tools like GhostGPT comes after
the introduction of other AI chatbots such as WormGPT and FraudGPT, which have been
employed to create phishing emails and engage in various deceptive practices. The widespread
availability of these tools highlights a troubling trend in which AI is being leveraged to improve
the scope and complexity of cyberattacks. The presence of AI-driven tools on platforms such
as Telegram, along with assertions of non-tracked user actions, poses considerable challenges
for cybersecurity experts. With these tools becoming increasingly available, the likelihood of
extensive damage rises, requiring a unified response from the cybersecurity sector to reduce
the risks linked to AI-facilitated cyber threats.

ARGHA PAL
3rd CSE Cyber Security

CYBERCARNIVAL.IN 77
 STUDENT’S CORNER

Article on Cybercrimes
Cybercrime involves illegal activities targeting or utilizing computers, networks, or systems.
These crimes can harm individuals, organizations, or governments.

Cybercrime Against Individuals:

These crimes target a person's private information, often leading to reputational, mental, or
physical harm. Key examples include:
1. Hacking: Unauthorized access to devices or networks to steal data, commit fraud, or
cause damage.
2. Cyberbullying: Using technology to harass, threaten, or embarrass someone repeatedly.
3. Identity Theft: Stealing personal information to access financial or other benefits without
consent.

Cybercrime Against Governments:

Cyberattacks on governments can have severe consequences, including:
Data Loss: Sensitive information about citizens, national security, or the military can be
stolen and sold on the dark web or used by malicious groups.
Disrupted Operations: Hackers can compromise networks to interrupt governmental or
organizational activities.
Ransomware: Cybercriminals can lock critical data, demanding ransom for its release.

Preventive Measures:
Strong cybersecurity policies, awareness, and robust technologies are vital to mitigating the
risks of cybercrime at all levels.

J.V.S.S. KARTHIKEYA
3rd CSE Cyber Security

CYBERCARNIVAL.IN 78
 STUDENT’S CORNER

Cybersecurity: Your Invisible Bodyguard, From Dawn to Dusk

Your smartphone alarm goes off next to you to start the day. As you swipe to turn it off,
biometric authentication ensures that only you can unlock your device. You skim through your
notifications, blissfully oblivious of the algorithms that safeguard your phone from phishing
messages, bogus news sites, and harmful apps. You head to the kitchen and ask your smart
assistant about the weather. As it responds, layers of encryption protect your personal
information, preventing hackers from accessing your smart gadgets. The coffee machine hums
another connected gadget that depends on secure IoT protocols to work properly. While driving
to work, your phone connects to your car's Bluetooth system, safely delivering your favorite
podcast. While stopped in traffic, you utilize a navigation app to reroute, while GPS data and user
activities are encrypted and anonymized to avoid unauthorized usage. Cybersecurity is
extremely important in the workplace. Firewalls and enterprise-grade security
solutions safeguard your office's Wi-Fi, keeping important client emails and team collaboration
tools hidden. Multi-factor authentication provides you access to your systems by verifying your
identity before you even begin typing. Lunchtime arrives, and you place an order using a delivery
app. The secure payment gateway encrypts your transaction information, protecting your credit
card credentials from prying eyes. The app protects your personal information, such as your
address and order history. As nighttime falls, you unwind by watching your favorite TV. Content
delivery systems offer a seamless viewing experience while keeping your account safe from
unauthorized access. Later, while searching for a late-night sale online, the browser alerts you to
potential phishing scams on suspicious websites. Before going to bed, you charge your
electronics. Automatic updates run quietly in the background, correcting issues you had no idea
existed. As you fall asleep, your data is safe, cybersecurity is working around the clock to secure
your digital life. In conclusion, cybersecurity works nonstop from the
time we wake up until we go to sleep, acting as the unseen protector of
our digital life. It ensures the security of our sensitive information by
seamlessly protecting our personal devices as well as encrypting our
transactions and online activities. As technology advances and we rely
more on interconnected gadgets, cybersecurity will become
increasingly important in ensuring our privacy, safety, and peace of
mind. Just as we trust a bodyguard to defend us in the physical world,
we must also trust cybersecurity to protect us in the digital sphere.
TRINITA JAMES
2nd CSE Cyber Security

CYBERCARNIVAL.IN 79
 STUDENT’S CORNER

Cryptojacking: Your CPU, Their Bitcoin

Ever felt like your laptop is trying to audition as a jet or rocket engine?? If so, congratulations,
you might be mining cryptocurrency, but not for yourself. The sneaky art of hijacking your CPU
or GPU to mine coins like Monero without your consent. Here’s how it works: attackers embed
browser-based scripts into websites or ads. The moment you visit an infected page, your
system gets roped into mining cryptocurrency. No downloads, no pop-ups just your processor
working overtime in the background, chewing up resources faster than your fan can keep up.
And it’s not just browsers; some malware infects devices directly, silently running mining
operations in the background. The impact? Let’s talk energy. A single cryptojacking script can
increase your system’s power usage significantly. On a small scale, it’s an inconvenience
slower performance, higher bills, and a laptop that feels like a toaster. But on a larger scale,
cryptojacking networks collectively burn through massive amounts of electricity, with some
studies suggesting cryptomining consumes as much energy annually as small countries. If your
electric bill suddenly spikes, don’t blame the AC blame Monero miners who’ve turned your
hardware into their personal ATM. The worst part? It’s profitable for attackers. Unlike
ransomware, where victims might refuse to pay, cryptojacking quietly generates income 24/7,
as long as infected devices keep running. The solution? Stay updated on software, use anti-
cryptojacking browser extensions, and don’t ignore your overheating laptop it’s not just a fan
problem. Cryptojacking may be low-key theft, but it’s a reminder that in cybersecurity, even
your CPU cycles are valuable. So, unless you want to be the Robin Hood of Monero miners, lock
down your system. Your wallet and your electric bill will thank you.

SHASHIKUMAR EZHILARASU
2nd CSE Cyber SecuritY

CYBERCARNIVAL.IN 80
 STUDENT’S CORNER

Cloud Security: Why It’s Tricky & How to Stay Safe

Cloud computing is a game-changer, making life easier and more efficient. However, it also
comes with security risks that can turn your cloud storage into a hacker’s playground. Data
breaches have exposed millions of records due to overlooked security measures, proving that
cloud security is not something to take lightly.
One of the biggest challenges is data breaches and unauthorized access. A single
misconfiguration can leave your data vulnerable to hackers. Human errors, such as
mistakenly setting storage permissions to "public," can expose sensitive information to the
world. Another common issue is the confusion over responsibility—cloud providers secure
the infrastructure, but the data remains the user’s responsibility, a lesson many businesses
learn the hard way.
Insider threats pose another serious risk, as employees with access—whether careless or
malicious—can become security vulnerabilities. DDoS attacks can also cripple cloud services
by overwhelming servers with fake traffic. Additionally, weak APIs act as open windows for
cybercriminals, allowing unauthorized access if not properly secured. On top of all that, failing
to comply with legal regulations like GDPR can lead to hefty fines and legal troubles.
To secure cloud environments, organizations must take proactive steps. Implementing Multi-
Factor Authentication (MFA) adds an extra layer of security beyond passwords. Encrypting
data, both in transit and at rest, ensures it remains protected even if intercepted. Continuous
monitoring and logging of activities help detect suspicious behavior in real time. Securing
APIs and keeping software updated prevents vulnerabilities from being exploited. Finally,
regular data backups are essential to recovering from potential cyber disasters.
Cloud computing offers immense benefits, but only when security
is prioritized. Taking the right precautions can help businesses
and individuals stay ahead of threats and ensure their data
remains safe.

ANUGRAHA SANTHANAM
1ST CSE AIML

CYBERCARNIVAL.IN 81
 STUDENT’S CORNER

CYBERSECURITY AND IT’S LAYERS

Cybersecurity is the practice of protecting systems, networks, and data from cyberattacks that
aim to steal, alter, or destroy sensitive information. It involves multiple layers of defense to
ensure security at every level.
The human layer is often the weakest link in cybersecurity. Training employees to recognize
threats, establishing clear security policies, and enforcing Multi-Factor Authentication (MFA)
and the Principle of Least Privilege (PoLP) can reduce risks. Encouraging employees to report
suspicious activity and monitoring behavior helps detect cyber threats early. With remote work
becoming common, using VPNs and avoiding unsafe Wi-Fi networks is essential to maintaining
security.
The perimeter security layer acts as a digital fortress, blocking external threats before they
reach internal systems. Firewalls filter traffic to prevent unauthorized access, while Intrusion
Detection and Prevention Systems (IDS/IPS) identify and stop malicious activity. VPNs encrypt
connections, ensuring secure remote access for employees working from different locations.
At the network layer, secure communication is a priority. Using encrypted protocols like HTTPS,
implementing network segmentation to isolate sensitive data, and deploying anti-malware and
antivirus solutions help prevent cyberattacks from spreading within an organization’s
infrastructure.
The application security layer focuses on protecting software. Secure coding practices help
prevent vulnerabilities from being exploited, while regular security scans identify weak spots
before hackers do. Web Application Firewalls (WAFs) serve as an additional barrier, blocking
attacks on web-based applications.The endpoint security layer ensures that individual devices
are protected. Antivirus programs and Endpoint Detection and Response (EDR) systems
continuously monitor for threats, allowing quick action if a breach occurs.Lastly, the
data security layer safeguards critical information. Encryption
prevents unauthorized access to sensitive data, while regular
backups ensure that information can be restored in case of loss or
ransomware attacks. Access controls further limit data exposure by
restricting access to authorized users only.

KRISHNA SANTHANAM
1ST CSE CC

CYBERCARNIVAL.IN 82
 STUDENT’S CORNER

Unmasking Cyber Threats: The Role of Digital Forensics in Cybersecurity

In today’s hyper-connected world, cyber threats are not just evolving—they are becoming
increasingly elusive. As cybercriminals refine their tactics, the role of digital forensics in
cybersecurity has grown more vital than ever. Digital forensics plays a key role in
investigating cybercrimes, uncovering hidden digital trails, and strengthening legal cases
against malicious actors. Cyber forensics involves the collection, preservation, and analysis
of digital evidence to reconstruct cyber incidents. Whether investigating data breaches,
financial fraud, or cyber espionage, forensic experts rely on cutting-edge techniques such as
memory forensics, network traffic analysis, and blockchain forensics to track down
perpetrators and attribute cyberattacks. One of the biggest challenges in cyber forensics is
anti-forensic tactics used by criminals to erase or manipulate evidence. Encryption,
obfuscation, and steganography are commonly used to hide illicit activities. However,
advancements in forensic tools powered by artificial intelligence and machine learning are
improving the ability to recover and analyze even the most concealed traces of digital
evidence. The rise of cloud computing and decentralized networks has also posed new
forensic challenges. Traditional forensic methods must evolve to accommodate cloud-based
investigations, remote data acquisition, and real-time analysis. Cooperation between law
enforcement agencies, cybersecurity experts, and forensic analysts is crucial in adapting to
this new digital landscape. As we celebrate the Cyber Carnival, let’s acknowledge the
growing importance of digital forensics in cybersecurity. Are we equipping ourselves with the
right tools and knowledge to combat cyber threats effectively? By embracing innovation in
forensic investigations, staying ahead of adversaries, and fostering collaboration, we can
ensure a safer and more secure digital future. Stay vigilant, stay forensic-ready.

SWAPNA GUPTA
3RD CSE CYBERSECURITY

CYBERCARNIVAL.IN 83
 STUDENT’S CORNER

Cyber Security: The Digital Doctors

In the vast digital landscape we navigate daily, cyber threats lurk like invisible viruses, waiting
for the perfect moment to strike. Just as doctors protect us from physical illnesses,
cybersecurity professionals act as digital doctors—diagnosing, treating, and preventing cyber
infections that could cripple our digital well-being. Imagine waking up one morning to find your
bank account drained, your personal photos leaked, or your company's data held hostage by
cybercriminals. Sounds terrifying, right? This is where cybersecurity experts step in, much like
doctors responding to a health emergency. They assess symptoms (suspicious activities),
diagnose the problem (malware, phishing, hacking attempts), and prescribe the right remedies
(firewalls, encryption, security patches). But their role doesn't stop at treating digital ailments;
they are also preventive specialists. Just as doctors advise us to exercise and eat healthily,
cybersecurity professionals educate us on strong passwords, safe browsing habits, and the
importance of regular software updates. Their work ensures that individuals, businesses, and
even governments remain shielded from the ever-evolving cyber threats. Yet, much like in
healthcare, the battle against cyber threats is ongoing. New digital diseases emerge every day,
requiring innovative solutions and constant vigilance. The cyber doctors are always at work—
tirelessly patching security vulnerabilities, monitoring networks, and fighting unseen battles to
keep our online world safe. As we continue to integrate technology into every aspect of our
lives, let’s not forget to appreciate these digital doctors. They are the unsung heroes in a world
where data is the lifeblood, working behind the scenes to ensure a secure and healthy
cyberspace for us all.

MAMITHA SHREE
3RD CSE CYBERSECURITY

CYBERCARNIVAL.IN 84
 STUDENT’S CORNER

Digital Shadow: The Cyber Ghost that imposes Threats

In today’s hyper-connected world, every online action leaves a trace. Whether it’s browsing
websites, using mobile apps, or simply having an email account, you are constantly
generating data—most of which you are unaware of. Imagine walking through a crowded
street, leaving behind footprints that reveal where you’ve been, what you’ve done, and even
where you’re headed next. Now, imagine those footprints are digital, and cybercriminals can
track them effortlessly. Welcome to the age of digital shadows—a cybersecurity risk that
most people don’t even realize exists.

What is a Digital Shadow?

Digital shadow is the unintended trail of data you leave online. Unlike your digital footprint
(which includes social media posts and accounts you willingly create), your shadow consists
of data collected about you without your direct input. This includes:
Metadata from emails and messages - Information about when and where messages
were sent.
Location history from mobile apps - Even when location services are off, some
applications track movements.
Browsing habits and online purchases - Search engines, advertisers, and websites collect
behavioural data to profile users.
Face recognition data from social media photos - Photos uploaded online can train AI
systems to identify individuals.

Why is Digital Shadow Dangerous?

While it may seem harmless, cybercriminals exploit this shadow to target individuals and
organizations. AI-powered tools scan public databases, breached records, and social media
activity to reconstruct your life in minutes. This can lead to :
Spear Phishing Attacks – Personalized scams using information from your online habits.
Identity Theft – Hackers piecing together details to impersonate you.
OSINT (Open-Source Intelligence) Exploitation – Attackers using publicly available data to
breach security systems.
Create ultra-realistic phishing scams – Hackers use your habits to craft emails that seem
shockingly real.
Steal your identity – By piecing together leaked information, someone can pretend to be
you.

CYBERCARNIVAL.IN 85
 STUDENT’S CORNER

Mitigating the Risks:

1. Limit Data Exposure – Adjust privacy settings, disable unnecessary tracking, and avoid
oversharing personal details.
2. Use Secure Communication Channels – Encrypted messaging apps and privacy-focused
browsers help minimize tracking.
3. Regularly Monitor Your Online Presence – Conduct self-audits by searching your name and
removing outdated or sensitive data.
4. Stay Updated on Data Breaches – Use services that notify you if your personal data has
been exposed.
5. Limit Data Sharing – Disable location tracking on apps, avoid oversharing personal details,
and review privacy settings.

Conclusion :
As our digital lives become increasingly integrated into every aspect of our day-to-day
routines, the risks associated with our digital shadows continue to grow. While technology has
brought unparalleled convenience, it has also created an environment where personal data is
constantly being harvested, often without our full awareness. This data, though seemingly
innocuous on its own, can be pieced together to build a comprehensive profile of an individual,
which cybercriminals can exploit for malicious purposes.Organizations must not only protect
the data they collect but also educate their employees and customers about the growing risks
of digital surveillance and data exploitation. At the individual level, we must take responsibility
for how much of ourselves we expose online, using privacy tools and adopting best practices
to safeguard our personal information.

B.NITHYASRIEE
3RD CSE CYBERSECURITY’

CYBERCARNIVAL.IN 86
 STUDENT’S CORNER

6G and 5G Mobile Forensics Tool

With the rise of 5G and 6G networks, mobile connectivity has reached new heights, offering
faster speeds and improved efficiency. However, this advancement also brings new security
challenges, including unauthorized surveillance, fake cell towers, and network spoofing. To
address these risks, our team of three cybersecurity enthusiasts is developing a 5G/6G
Mobile Forensics Tool—a solution designed to help investigators analyse mobile network
activity, detect anomalies, and secure forensic evidence. Our tool, built using Python, utilizes
Android Debug Bridge (ADB) to extract key network details such as network type (5G/6G),
cell tower information, and IMSI catcher detection. These insights help in identifying
suspicious activity, including fake base stations that can intercept mobile communications.
One of the key aspects of our project is strong encryption using AES, ensuring that all
collected forensic data remains protected and cannot be tampered with. Investigators will
have the ability to securely decrypt and analyse logs when needed, preserving the integrity of
digital evidence. Unlike traditional network monitoring tools, our forensic tool is automated
and user-friendly, making it easy for cybersecurity professionals, law enforcement, and
forensic analysts to gather real-time network intelligence. It continuously collects and logs
network activity, offering valuable insights for tracking cyber threats and identifying potential
security breaches. Currently, our project is still under development, and we are working on
adding GPS tracking, AIpowered anomaly detection, and real-time alerts to enhance its
capabilities. With cyber threats evolving alongside new technologies, having a dedicated
forensic tool for 5G and 6G networks is becoming increasingly important. Through this
project, we aim to contribute to a safer digital landscape by empowering forensic
investigators with better tools for mobile security.

KENNETH ROJAS ARTHUR

3RD CSE CYBERSECURITY

CYBERCARNIVAL.IN 87
 STUDENT’S CORNER

DIGITAL FOOTPRINTS 101

Your Data Is Tracked Without Your Knowledge
Every click, search, comment leaves a digital trace behind! Digital footprints are traces we
leave behind with each and every online activity. Two types are involved in this context,
namely, Active digital footprints which are created when a user intentionally shares their
personal information,as in the cases of social media,intentional acceptance to cookies and
online shopping. On the flip side, passive digital footprints are when information is collected
unbeknownst to the user, as in the cases of, browser history and installation of cookies from
websites without disclosing it.

Loopholes In Data Privacy

The catch here is, the user may not have access to remove or erase that data, neither do they
stand a chance to control how their data will be used. There’s no certainty that digital footprints
can be fully eliminated,they are often permanent.This awareness should make us more cautious
about what we write, upload or download or even browse online as there are possibilities of
misuse .Shadow digital footprints is another menace, it involves data collection about the user
existing online through indirect means such as third party data collection from social media,
information collected through public records and other indirect sources.

Digital Safety Checklist

In light of these threats, here are some guardrails for digital safety. Ensure safe browsing
practices and incognito mode which refrains from storing data. Clear cookies regularly and
block third-party cookies to prevent from websites tracking your data or browsing habits.
Encrypt your communications and use end to end encryptions for sending sensitive
information. Although total online data privacy is complex, awareness and prevention can be
the best countermeasures against the inescapable nature of online data collection.

SIVAPRIYA.M
2ND CSE CORE

CYBERCARNIVAL.IN 88
 STUDENT’S CORNER

Fintech Cybersecurity: Protecting Your Wallet in the Digital Age

Have you ever wondered how secure your money really is in today's digital age?
From digital wallets to crypto trading, fintech has transformed how we handle finances-but it
has also opened doors for cybercriminals. With sensitive data and large transactions at stake,
ensuring cybersecurity in fintech is no longer a choice; it's a necessity.

The Rise of Threats :

As fintech grows, so do cyber threats. Consider these real-world incidents:
Phone Call Scams: Fraudsters will claim to be a bank official, asking you to share OTPs or PINs,
claiming your account is at risk.
Email Phishing: Scammers send emails that look like they're from trusted platforms like Paytm
or Google Pay, tricking users into clicking malicious links.
Fake Loan Apps: These apps offer "quick loans" but secretly steal personal data and exploit it.
Binance Crypto Hack: In 2022, Binance, one of the largest cryptocurrency exchanges, lost
$570 million in a breach caused by a vulnerability in its blockchain.
Fake UPI Apps in India: The scammers were replicating genuine UPI payment interfaces to
collect user data. As we Know To combat this, the Indian government has stepped in with
awareness initiatives, such as sending alert SMS's and even using phone caller tunes to warn
public about new way of scams. These cases show how critical it is for fintech companies and
users alike to prioritize cybersecurity.
Cybersecurity Solutions for Fintech :In the ever-evolving fintech world, staying one step
ahead of cyber threats requires a combination of innovative technology and user awareness.

Here are some ways fintech platforms are enhancing security:

AI-Powered Fraud Detection: Ever wonder how apps flag suspicious transactions so quickly?
Platforms like Zelle are leveraging AI to analyse user behaviour in real time, instantly spotting
unusual patterns and blocking fraud before it escalates.
Blockchain Security: Blockchain is often hailed as a secure technology, but even it has room for
improvement. For example, after incidents like the Binance hack, companies have started
focusing more on securing private keys and conducting thorough audits of their smart
contracts to prevent vulnerabilities.

CYBERCARNIVAL.IN 89
 STUDENT’S CORNER

Multi-Factor Authentication (MFA):

You've likely seen apps asking for an OTP or even using biometrics like fingerprints. Platforms
such as Razor pay use these extra layers of security to ensure only you can access your
account, making unauthorized access nearly impossible.

User Awareness Programs:

Sometimes, we, as users, can be the weakest link in security. That's why platforms like Stripe
take the time to educate their users-whether it's through app notifications, emails, or blog
posts-on how to avoid phishing scams and stay vigilant.
By combining cutting-edge technologies with proactive communication, the fintech community
is working hard to make our digital financial world safer. And as users, staying informed and
adopting these best practices can make a huge difference!

Conclusion
With cybercrime on the rise and fintech changing the way we handle money, staying secure is
something we all need to take seriously. Every step we take-like using secure platforms,
enabling
extra protections, and staying alert-helps create a safer digital world for everyone.
So, are you doing enough to protect your digital finances? Together, by being more aware and
careful, we can keep fintech safe and trustworthy for the future..

POOJYA SREE V
2ND CSE CYBERSECURITY

CYBERCARNIVAL.IN 90
 STUDENT’S CORNER

Email Security: Protecting Digital Communication

Email security has become a cornerstone of modern cybersecurity strategy, especially as
organizations face increasingly sophisticated threats. At its core, email security relies on three
fundamental authentication protocols: SPF, DKIM, and DMARC, working together to create a
robust defense against email-based attacks. SPF acts as the first line of defense, verifying that
emails come from authorized servers. By maintaining a list of approved sending sources in DNS
records, organizations can prevent email spoofing and reduce the risk of phishing attacks.
DKIM (DomainKeys Identified Mail) adds another layer of protection by attaching a digital
signature to each email, ensuring the message hasn't been tampered with during transit.
DMARC builds upon these protocols by providing clear instructions to receiving servers about
handling emails that fail authentication checks. This system not only blocks fraudulent emails
but also gives organizations valuable insights into potential security threats that could arise.
Beyond these authentication measures, Data Loss Prevention systems play a crucial role in
preventing data exfiltration. DLP policies monitor outgoing emails for sensitive information,
blocking unauthorized data transfers and protecting against both accidental leaks and
malicious insider threats. With the average cost of a data breach reaching millions of dollars,
strict DLP enforcement has become non-negotiable for businesses of all sizes.
Organizations must also recognize that technical solutions alone aren't enough. Regular
security awareness training helps employees identify phishing attempts and understand the
importance of following security protocols. Combined with robust authentication measures and
DLP systems, this creates a comprehensive approach to email security. As cyber threats
continue to evolve, maintaining strong email security isn't just
about protecting communications, it's about safeguarding an
organization's data, reputation, and bottom line. By
implementing these essential security measures and regularly
updating security policies, businesses can significantly reduce
their risk of email-based attacks and data breaches.

GOKUL R
3RD CSE CYBERSECURITY

CYBERCARNIVAL.IN 91
 STUDENT’S CORNER

Cyber Security – BE VIGILANT !

"Cybersecurity aims to protect devices, networks, software and data from external cyber
threats," - Rodney Royster
CYBERSECURITY is all about keeping computer systems and electronic data safe.
Cybersecurity compromises of all the technologies and practices that keeps the electronic data
secure . As cybercrimes have increased in recent days, cybersecurity professionals are
increasingly needed to protect data and information.

WHY IS CYBER SECURITY PIVOTAL ?

It aims at protecting the functional data and services from external sources which might lead
into a cyber threat. This sector also helps in assisting remote workspaces and creates a
pathway to build trust and credibility among one’s own personal as well as professional data.

CYBER ATTACKS AND THREATS :

Cyber attack is an effort taken by the unauthorized community to access computer systems
and data to expose, modify or disable information. Cyber attacks are of various types :
PHISHING : Involves users into fraudulent links through the channels of email and social
media.
RANSOMWARE : involves the term called “encryption”, where an individuals or greater
organization’s data is encrypted through various harmful malwares.
SOCIAL ENGINEERING : It aims at deceiving users for sensitive information through phone
calls wanting for one time passwords and direct password thefts.
Types of cyber securities also include : Cloud security, Infrastructure security , Iot, network
security.
CYBER AWARENESS :
One can stay safe from cyber threats by using strong passwords ,
avoiding suspicious links and keeping software updated. Also
cyber tools such as :
antivirus software
firewalls,
IDS and IPS

YOGITHA D
1ST CSE BDA

CYBERCARNIVAL.IN 92
 STUDENT’S CORNER

Cybercrimes: A Modern-Day Menace

Cybercrimes involve illegal activities leveraging technology to harm, steal, or disrupt. In today’s
interconnected world, these crimes pose serious challenges to individuals, corporations, and
governments.

Cybercrimes Targeting Individuals

Individuals are often the primary victims of cyberattacks, with hackers exploiting personal data
for malicious purposes. Key examples include:
1. Social Engineering – Manipulating individuals to share sensitive information, like passwords
or credit card details.
2. Revenge Porn – Sharing private images or videos without consent, leading to emotional and
reputational harm.
3. Credential Theft – Stealing login credentials to access financial accounts or sensitive
services.

Cybercrimes Affecting Larger Entities

Organizations and governments face significant risks from targeted cyberattacks, which can
have severe consequences. Hacktivism involves cyberattacks by activist groups aiming to
disrupt services or promote political agendas. Malware infections deploy malicious software to
corrupt or steal sensitive data, compromising security and operations. Election interference is
another critical threat, where digital systems are manipulated to influence democratic
processes.
To combat cybercrimes effectively, several measures must be implemented. Installing robust
firewalls and antivirus software helps defend against malicious attacks. Regular cybersecurity
training ensures employees are aware of potential threats and can act cautiously. Governments
must enforce stricter laws against cybercriminals to deter illicit
activities. Additionally, encouraging ethical hacking allows
security experts to identify and fix vulnerabilities before malicious
hackers exploit them.By fostering awareness and investing in
cybersecurity infrastructure, society can better tackle the ever-
evolving threats of cybercrimes.

MRUTHUN VIJAY
2ND CSE AIML

CYBERCARNIVAL.IN 93
 STUDENT’S CORNER

Cyber and Digital Forensics

Cyber and digital forensics is a critical field that focuses on investigating and responding to
cyberattacks. It combines knowledge from computer science, law enforcement, and
investigative methods to analyze digital evidence left by cybercriminals.As cyber threats
become more sophisticated, digital forensics plays a vital role in identifying attackers,
mitigating risks, and preventing future incidents
The process of cyber forensics involves several stages. First, cyberattacks are identified
through indicators of compromise (IOCs), such as abnormal network traffic, unauthorized
access, or malware. After detection, forensic experts work quickly to contain the threat and
preserve evidence, which may include system data, logs, network traffic, and mobile devices.
Ensuring the integrity of this evidence is crucial for its admissibility in court.
Once the evidence is collected, forensic professionals analyze it to understand how the attack
occurred, identify vulnerabilities, and trace the responsible party. This process can be
challenging due to the use of encryption, spoofing, and anonymizing tools by attackers, which
make attribution difficult. After analysis, the next step is to recover and remediate affected
systems by removing malware, patching vulnerabilities, and improving security measures.
Despite its importance, digital forensics faces challenges, including the large volume of data
generated by modern devices, the use of encryption, and legal and ethical concerns regarding
privacy. Attribution is also complex, as cybercriminals often use tools like VPNs or botnets to
hide their identity. In conclusion, digital forensics is essential in investigating, responding to,
and preventing cyberattacks. It helps organizations understand cyber threats, respond to
incidents, and strengthen their defenses. As technology evolves and cyberattacks grow more
complex, digital forensics will continue to play a vital role in cybersecurity and upholding the
law.

PRIYADHARSHINI
2ND CSE CYBER SECURITY

CYBERCARNIVAL.IN 94
 STUDENT’S CORNER

Poem: The Cyber Trap

A message pops, so loud and bold,

“Click this link, you have won gold!”
But I know better; I will not be tricked,
These cyberelite’s are old and cruel.
They steal your data, observe your screen,
Acting all nice and tidy.
One move, and your files are vacant,
Your secrets lifted before sunrise.
So, you gotta (stay alert), don’t fall as quickly,
Stop, think before you click or you blast.
RAJ DWIVEDI
There are cascades of schemes in the online world, 2ND CSE AIML
Nothing is how it seems!

JESHEBA FEDORAH
2ND CSE CORE

CYBERCARNIVAL.IN 95
 STUDENT’S CORNER

KOMAL BHARATI
2nd CSE CS

SAKETH REDDY
3rd CSE CS

CYBERCARNIVAL.IN 96
 STUDENT’S CORNER

BHAVAN KRISHNA
1ST CSE CORE

ISHAA J V
2nd CSE CORE

CYBERCARNIVAL.IN 97
 DEPARTMENT ACTIVITIES

CYBER CARNIVAL ‘24 – INAUGURAL CEREMONY & CYBER CONCLAVE

The Cyber Carnival '24, organized by the Department of CSE (Cybersecurity) at SRM IST,
Ramapuram, was inaugurated on February 12, 2024, at the TRP Auditorium. The event
featured keynote sessions, panel discussions, and expert insights from industry leaders like
Shri. S. Gopinath (NIC, Chennai) and Dr. Juliet Rajan (Microsoft) on the latest cybersecurity
trends. The unveiling of the Cyber Chronicle magazine and a promo video added to the
excitement. The event successfully fostered awareness and innovation in cybersecurity

CYBERCARNIVAL.IN 98
 DEPARTMENT ACTIVITIES

Cyber Awareness Campaign: Empowering Minds for a Safer Digital Future

The Department of CSE (Cybersecurity), SRMIST, Ramapuram, organized a Cyber

Awareness Campaign on February 13, 2024, as part of Cyber Carnival’24. The event
featured cyber awareness stalls, mime acts, and a human chain to promote
cybersecurity awareness among students. Led by Dr. M. Murali Krishna (Dean), the
campaign engaged over 500 students, emphasizing online safety and data protection.
The initiative successfully fostered a culture of cybersecurity awareness on campus.

CYBERCARNIVAL.IN 99
 DEPARTMENT ACTIVITIES

SRMIST Ramapuram’s CSE-Cybersecurity department

hosted a Poster Design Competition on March 11,
2024, as part of "Cyber Jagrookta Diwas – Fifth
Edition." The event, inaugurated by Dr. K. Raja,
encouraged students to showcase creativity on
"Cyber Hygiene and Digital Wellness" through
handmade and digital posters. Planned by Dr. Shiny
Duela J and Dr. Sathya Priya, with support from
faculty coordinators and student coordinator Bhavna
J, the competition was a grand success, highlighting
cyber awareness and security

SRMIST Ramapuram’s CSE-Cybersecurity

department hosted a one-day workshop,
Exploring Cybersecurity through the
Industry Lens, on March 15, 2024. Led by
alumnus Mr. Saiharikrishnan M,
Associate Technical Analyst at
Computacenter India, the session
provided hands-on training on SIEM
Azure Sentinel, Red RDP Brute Force
attack tracking, and geolocation-based
threat analysis, enhancing students’
cybersecurity awareness.

CYBERCARNIVAL.IN 100
 DEPARTMENT ACTIVITIES

A guest lecture on Mastering

Vulnerability Assessment and
Penetration Testing was held
on March 22, 2024, where
students gained hands-on
experience with Burp Suite
Professional and Caido,
exploring web security,
network penetration testing,
and exploit development under
expert guidance.

A guest lecture on Cyber Security &

Ethical Hacking was held on April 8, 2024,
providing students with insights into
cybersecurity concepts, ethical hacking
techniques, and threat mitigation
strategies. Organized by the Department
of CSE with Cybersecurity specialization
at SRM IST, Ramapuram, the session
enhanced awareness of digital asset
protection and security testing.

CYBERCARNIVAL.IN 101
 DEPARTMENT ACTIVITIES

A Poster Presentation Competition on

“Cybersecurity in the Age of AI: Risks,
Challenges, and Opportunities” was
held on August 7, 2024, as part of
Cyber Jagrookta Diwas - Seventh
Edition at SRM IST, Ramapuram. The
event showcased student’s creativity
and technical insights, with top teams
presenting innovative perspectives on
AI’s impact on cybersecurity

The Investiture Ceremony of Eleet Club

2024 at SRM IST, Ramapuram, held on
22nd August 2024, honored new office
bearers, marking a new chapter in
cybersecurity leadership. Guest speaker
Mr. Shyam Sundar (KPMG) shared
insights on risk management, inspiring
students to excel in the field. The event
emphasized cyber safety, leadership,
and the club’s vision for the year ahead.

CYBERCARNIVAL.IN 102
 DEPARTMENT ACTIVITIES

Guest Lecture on Modern Practices in Digital Forensics: Exploring the

Future of Cyber Investigation

The Department of CSE (Cybersecurity) at SRM IST, Ramapuram successfully hosted a one-
day workshop on "Modern Practices in Digital Forensics" on August 30, 2024. Mr. Sylesh
(Senior Manager, DFIR, Alibi Technologies) delivered an insightful session on evolving
forensic techniques. 65 students participated, gaining hands-on experience with FTK Imager,
Autopsy, and TryHackMe. The event, coordinated by Dr. Visnu Dharsini and Ms. Sridevi,
was a great success in enhancing students' practical cybersecurity skills.

CYBERCARNIVAL.IN 103
 DEPARTMENT ACTIVITIES

On 8th October 2024, the

Department of CSE
(Cybersecurity) at SRM IST,
Ramapuram, organized a Guest
Lecture on "Securing the Digital
Frontier: Privacy and Security
Challenges in the Age of AI."
Experts from Microsoft and T-
Mobile shared insights on AI-
driven cybersecurity threats,
enriching student’s knowledge on
emerging security trends.

The Department of CSE (Cybersecurity)

hosted a guest lecture on "From Attacks
to Defense: Real-Time Cyber Attacks and
Their Prevention" on January 8, 2025, as
part of the 10th Cyber Jagrookta Diwas.
Dr. S. Revathy delivered an insightful
session on detecting and responding to
cyber threats. Around 60 second-year
Cybersecurity students gained valuable
knowledge to strengthen their careers in
cybersecurity.

CYBERCARNIVAL.IN 104
 DEPARTMENT ACTIVITIES

The Department of Cybersecurity, SRM IST,

Ramapuram, officially launched the Cyber
Carnival Website – Third Edition on
January 10, 2025, at the BMS Conference
Hall. The event, inaugurated by Dr. M.
Sakthi Ganesh (Dean), introduced an
immersive VR technology experience for
this year’s carnival. Faculty, students, and
dignitaries witnessed the launch, marking a
new milestone in innovation.

SRM IST, Ramapuram, in

collaboration with DRDA & SERP,
Andhra Pradesh, conducted a
Cyber Awareness Program – A
Successful Initiative on 24th & 25th
January 2025. Led by the
Department of Cybersecurity, III-
year students educated staff on
digital security. DRDA and SERP
appreciated SRMIST for promoting
cybersecurity awareness!

CYBERCARNIVAL.IN 105
 DEPARTMENT ACTIVITIES

Cyberthon '25 Valedictory Ceremony: A Celebration of

Cybersecurity Excellence

The grand finale of Cyberthon '25 at SRMIST, Ramapuram was a proud moment of
recognition, where the winners and participants were celebrated for their exceptional
skills in cybersecurity. Team 0xZ3RODAY from Sri Ramakrishna Engineering
College, Coimbatore, claimed the first prize of ₹30,000, while Team Fire Bytes 2.0
from Saveetha Engineering College, Chennai, took home ₹20,000 as the runner-
up. Mr. Ramu Para, Director of Cybersecurity at HTC Global Services, awarded the
prizes to the deserving teams, with heartfelt gratitude expressed to all those who
contributed to the event’s success. The ceremony also featured a motivating speech
by Mr. Rajesh Kannan, Vice President at Barclays, who shared insights into the
evolving cybersecurity landscape and the importance of continuous learning. As
Cyberthon '25 concluded, the event left a lasting impact, fostering innovation,
collaboration, and excellence in cybersecurity, bridging the gap between academia
and industry.

CYBERCARNIVAL.IN 106
 DEPARTMENT ACTIVITIES

Industrial Visit to HTC Global Services – 04.02.2025

106 students from III Year CSE - Cybersecurity, SRMIST Ramapuram, visited HTC
Global Services, Chennai, for an insightful session on cybersecurity trends, cloud
security, and industry applications. Guided by faculty coordinators, students
engaged in interactive Q&A, explored security frameworks, and gained career
insights. The visit bridged academia and industry, providing a valuable real-world
learning experience. Heartfelt thanks to HTC Global Services for their hospitality and
knowledge-sharing!

CYBERCARNIVAL.IN 107
 STUDENT ACTIVITIES

Final-year B.Tech Cybersecurity students Dig Vijay, Sowndarya Lakshmi, and

Hemanth Kumar are gaining hands-on experience at the Cyber Crime Division,
Pondicherry Police during their internship. From digital forensics to cyber law
enforcement, they are actively involved in real-time cybersecurity operations. This
internship, starting January 2025, is a significant step in shaping their careers in
cybercrime investigation.

CYBERCARNIVAL.IN 108
 STUDENT ACHIEVEMENTS

Sanjay Sagar and Rohith C from 2nd year CS Attended SummitUp2024 hosted by
NSRCEL IIMB, where industry experts shared insights on launching and scaling startups.
Sessions covered everything from the fundamentals of starting a business to the critical
factors that influence a venture capitalist’s decision. The networking sessions were
particularly impactful, providing opportunities to connect with fellow entrepreneurs,
exchange business cards, and build meaningful relationships.

CYBERCARNIVAL.IN 109
 STUDENT ACHIEVEMENTS

The School of Computer Science and Engineering proudly congratulates our first year
students, Vishwakshenan, Josh Thomas, Srisaimurari (CSE E), Keshav (CSE CS C),
and Ashmit Saxena (CSE H) for securing the Second Top position in Ingenium 4.0
during TANTROTSAV '25 at Amrita Vishwa Vidyapeetham, Chennai. Their team,
Roadstars, excelled among nine teams, reaching the final round and winning a
₹10,000/- cash prize! A remarkable achievement showcasing their dedication,
teamwork, and innovation. Wishing them continued success!

CYBERCARNIVAL.IN 110
 STUDENT ACHIEVEMENTS

Heartiest Congratulations to Rithanya

The Department of Computer Science and Engineering w/s in Cybersecurity, at SRM Institute
of Science and Technology (SRMIST) extends its warmest congratulations to Rithanya for
winning the Radio City Super Singer Season 16 Grand Finale!
Rithanya, a second-year student in our CSE-Cybersecurity program, has showcased
remarkable talent and dedication. Her soulful voice and unwavering passion have truly set her
apart, earning the admiration of both the judges and the audience. We are incredibly proud to
see one of our own shine on such a prestigious platform.

Her singing skill was judged by esteemed judges – V.V. Prasanna, Srilekha Parthasarathy,
and Dharan Kumar.

CYBERCARNIVAL.IN 111
 STUDENT ACHIEVEMENTS

At Cyber Carnival ’24, held at SRMIST Ramapuram on February 12th–13th, the team
participated in Behind the Crime, a thrilling cybersecurity challenge that tested
investigative and analytical skills. With strategic thinking, teamwork, and technical
expertise, the case was successfully cracked, securing first place in the event! This
achievement highlights a strong passion for cybersecurity and a commitment to tackling
digital challenges. Gratitude goes to the organizers and mentors for this opportunity,
paving the way for future explorations in the field.

CYBERCARNIVAL.IN 112
 STUDENT ACHIEVEMENTS

Students demonstrated exceptional technical skills at TECHMATRIX'24, hosted by Velammal

Engineering College. PortOS (Portable Operating System) secured first place in the Paper
Presentation category, highlighting innovative research and presentation excellence. During
the Project Presentation, an unexpected bug was swiftly resolved, showcasing quick
problem-solving under pressure. The event provided a platform for learning, networking,
and knowledge sharing, making it a valuable experience for all participants. A proud
achievement in the journey of innovation and excellence!

CYBERCARNIVAL.IN 113
 SEMESTER ABROAD PROGRAM

SRM IST Students Secure Admission to Binghamton University

Five final-year B.Tech Cybersecurity students from SRM IST, Ramapuram, have
secured admission to Binghamton University, New York, under the 3.5+1.5 degree
program. M.K. Sundeep, S. Shreejiha, Y. Hemapriya, Dhanushkumar M, and
Ashwathaman S have completed their seventh semester and are continuing their
eighth semester at Binghamton University. This achievement highlights SRM IST’s
commitment to global education. We wish them success in their academic journey!

Global Exposure: SRM IST Student at

National Tsing Hua University,
Taiwan

Niranjan Acharya, a fourth-year B.Tech

Cybersecurity student at SRM IST, Ramapuram,
successfully pursued his sixth semester at National
Tsing Hua University, Taiwan. This international
academic experience reflects SRM IST’s
commitment to providing students with global
learning opportunities. We wish him continued
success in his journey!

CYBERCARNIVAL.IN 114
 O
OUURR
S
SPPO
ONNSSOOR
RSS
 COMMUNITY & INDUSTRY PARTNER

Chennai,
Tamil Nadu 600089

NULL is proud to sponsor this exciting initiative, reinforcing our commitment to innovation,
collaboration, and technological excellence. As a company dedicated to driving progress in
the industry, we believe in supporting platforms that bring together ideas, expertise, and
forward-thinking solutions. This sponsorship reflects our passion for empowering growth,
fostering creativity, and contributing to groundbreaking advancements. We look forward to
being part of an inspiring journey that shapes the future and drives meaningful impact.

4th Floor, TICEL BIOPARK,

5, CSIR Rd, Phase II,
Tharamani, Chennai, Tamil
Nadu 600113

YUNIQ as our esteemed industrial partner, joining hands to drive innovation, excellence, and
technological advancements. With their expertise and commitment to industry-leading
solutions, this partnership marks a significant step toward achieving new milestones in
efficiency, sustainability, and cutting-edge development. Together, we aim to foster
growth, push boundaries, and create impactful solutions that shape the future. We look
forward to a successful collaboration that brings transformative opportunities and drives
progress.

CYBERCARNIVAL.IN 115
 ED-TECH & KNOWLEDGE PARTNER

Module #9, 3rd floor, D block, Kanagam Rd, Tharamani, Chennai, Tamil Nadu
600113

GUVI as our esteemed industrial partner, strengthening our commitment to technology,

learning, and innovation. As a leader in upskilling and tech education, GUVI brings invaluable
expertise to bridge the gap between industry and academia. This partnership paves the way
for enhanced learning opportunities, hands-on experiences, and cutting-edge solutions that
drive future advancements. Together, we aim to nurture talent, foster innovation, and create
a lasting impact in the tech ecosystem.

199 Oakwood Avenue

West Hartford, CT 06119-2150
p: +1 (860) 233-0011

DISAI as our esteemed industrial partner, joining us in our mission to drive technological
advancements and industry growth. With DISAI's expertise in [mention relevant field, e.g., AI,
automation, data science, etc.], this collaboration paves the way for groundbreaking
innovations, skill development, and impactful solutions. Together, we aim to bridge the gap
between academia and industry, fostering a future driven by technology and excellence.

CYBERCARNIVAL.IN 116
 EVENT SPONSOR

39, Dhanakotti Raja St, Achugam Nagar, Ekkatuthangal, Chennai, Tamil Nadu 600032

Astral Garments as our esteemed industrial partner, strengthening our vision of

innovation and industry excellence. With their expertise in [mention relevant areas,
e.g., textile technology, sustainable fashion, advanced manufacturing], this
collaboration opens new avenues for growth, skill development, and cutting-edge
solutions. Together, we aim to bridge the gap between industry and academia,
fostering creativity, sustainability, and technological advancement in the garment
sector.

plot 3, Sakthi Nagar, Lakshmipuram, Chennai, Tamil Nadu 600099

Digi Alert as our esteemed industrial partner, reinforcing our commitment to

cybersecurity, innovation, and technological excellence. With their expertise in
[mention relevant areas, e.g., cybersecurity solutions, ethical hacking, threat
intelligence], this collaboration aims to bridge the gap between industry and
academia, fostering a safer digital future. Together, we strive to enhance
cybersecurity awareness, skill development, and cutting-edge solutions that
protect and empower businesses and individuals alike.

CYBERCARNIVAL.IN 117
 EVENT SPONSOR

37, Govinda St, Ayyavoo Colony, Aminjikarai, Chennai, Tamil Nadu 600029

Crossfires Health Techs as our esteemed industrial partner, strengthening our

commitment to innovation in healthcare and medical technology. With their
expertise in [mention relevant areas, e.g., health tech solutions, AI in healthcare,
medical diagnostics], this collaboration aims to drive advancements in patient
care, digital health, and cutting-edge medical solutions. Together, we strive to
bridge the gap between technology and healthcare, creating impactful solutions
for a healthier future.

CYBERCARNIVAL.IN 118
 EDITORIAL MESSAGE

Innovation thrives when curiosity meets action. The ideas we explore today are the
seeds of a future driven by collaboration and progress. AI’s true strength lies not just in
its technology but in the passionate minds that shape its evolution. By pushing
boundaries and challenging limits, we can create a smarter, more connected world. The
future isn’t just something we anticipate, it’s something we build together.

Dr.J.Jean Justus
Associate Professor
Computer Science and Engineering

Dr.R.M.R.Shamija Sherryl
Assistant Professor
Computer Science and Engineering

Ms.P.Malathi
Assistant Professor
Computer Science and Engineering

CYBERCARNIVAL.IN 119
 EDITORIAL BOARD

ROHITH C
Department of CSE with
Specialization in Cyber Security
B.Tech CSE CS ‘B’

SAI PRATHUMNAN .N
Department of CSE with
Specialization with Cyber Security
B.Tech CSE CS ‘B’

POOJYA SREE V
Department of CSE with
Specialization in Cyber Security
B.Tech CSE CS ‘B’

NITHYA SREE
Department of CSE with
Specialization in Cyber Security
B.Tech CSE CS ‘C’

BHAVANA SR
Department of CSE with
Specialization in Cyber Security
B.Tech CSE CS ‘B’

CYBERCARNIVAL.IN 120
 SRM INSTITUTE OF SCIENCE AND TECHNOLOGY
FACULTY OF ENGINEERING AND TECHNOLOGY
DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING
WITH SPECIALIZATION IN CYBER SECURITY
RAMAPURAM, CHENNAI - 600 089
srmrmp.edu.in

cybercarnival.in cyber_carnival_srmrmp cyber_carnival_srmrmp