#FactCheck: A digitally altered video of actor Sebastian Stan shows him changing a ‘Tell Modi’ poster to one that reads ‘I Told Modi’ on a display panel.

Risk Management

‍

The ‘Information Security Profile’ prioritises and informs cybersecurity operations based on the company's risk administration procedures. It assists in choosing areas of focus for security operations that represent the desired results for producers by supporting periodic risk evaluations and validating company motivations. A thorough grasp of the business motivations and safety requirements unique to the Production system and its surroundings is necessary in order to manage cybersecurity threats. Because every organisation has different risks and uses ICS and IT in different ways, there will be variations in how the profile is implemented.

Companies are currently adopting industry principles and cybersecurity requirements, which the Manufacturing Information is intended to supplement, not replace. Manufacturers have the ability to identify crucial operations for key supply chains and can order expenditures in a way that will optimise their impact on each dollar. The Profile's primary objective is to lessen and manage dangers associated with cybersecurity more effectively. The Cybersecurity Framework and the Profile are not universally applicable methods for controlling security risks for essential infrastructure.

Producers will always face distinct risks due to their distinct dangers, weaknesses, and tolerances for danger. Consequently, the ways in which companies adopt security protocols will also change.

‍

Key Cybersecurity Functions: Identify, Protect, Detect, Respond, and Recover

‍

1. Determine 

Create the organisational knowledge necessary to control the potential hazards of cybersecurity to information, systems, resources, and competencies. The Identify Function's tasks are essential for using the Framework effectively. An organisation can concentrate its efforts in a way that aligns with its approach to risk mitigation and company needs by having a clear understanding of the business environment, the financial resources that assist with vital operations, and the associated cybersecurity threats. Among the outcome characteristics that fall under this function are risk evaluation, mitigation strategy, the administration of assets, leadership, and the business environment.

‍

2.  Protect

Create and put into place the necessary measures to guarantee the provision of crucial infrastructure amenities. The Protect Function's operations enable the limitation or containment of the possible impact of a cybersecurity incident. Instances of results Access Management, Knowledge and Instruction, Data Safety and Security, Data Protection Processes and Instructions, Repair, and Defensive Systems are some of the classifications that fall under this role.

‍

3. Detect

Create and carry out the necessary actions to determine whether a cybersecurity event has occurred. The Detect Function's operations make it possible to find vulnerability occurrences in an efficient way. This function's result subcategories include things like abnormalities and incidents, constant security monitoring, and identification processes.

‍

4. React

Create and carry out the necessary plans to address a cybersecurity event that has been discovered. The Response Function's operations facilitate the capacity to mitigate the effects of a possible cybersecurity incident. Within this Scope, emergency planning, interactions, analysis, prevention, and enhancements are a few examples of result categories.

‍

5. Recover

Create and carry out the necessary actions to uphold resilience tactics and restore any services or competencies that were hampered by a cybersecurity incident. In order to lessen the effects of a vulnerability incident, the Recovery Function's efforts facilitate a prompt return to regular operations. The following are a few instances of outcome subcategories under this role: communications, enhancements, and recovery planning.

‍

Conclusion

‍

The Information Security Profile, when seen in the framework of risk mitigation, offers producers a tactical method to deal with the ever-changing cybersecurity danger scenario. The assessment directs safeguarding operations prioritisation by recognising specific business reasons and connecting with corporate goals. The Profile enhances the cybersecurity standards and established industry guidelines by taking into account the differences in vulnerabilities and organisational subtleties among producers. It highlights the significance of a customised strategy, acknowledging that every business has unique risks and weaknesses. 

The fundamental tasks of the Framework, to Identify, Protect, Detect, Respond, and Recover, serve as a thorough roadmap, guaranteeing a proactive and flexible approach to cybersecurity. The Profile's ultimate goal is to increase the efficacy of risk mitigation techniques, understanding that cybersecurity is a constantly shifting and evolving subject for the manufacturing sector.

‍

References

• https://csrc.nist.gov/news/2020/cybersecurity-framework-v1-1-manufacturing-profile
• https://nvlpubs.nist.gov/nistpubs/ir/2020/NIST.IR.8183r1.pdf
• https://mysecuritymarketplace.com/reports/cybersecurity-framework-version-1-1-manufacturing-profile/

‍

Introduction

Smartphones have revolutionised human connectivity. In 2023, it was estimated that almost 96% of the global digital population is accessing the internet via their mobile phones and India alone has 1.05 billion users. Information consumption has grown exponentially due to the enhanced accessibility that these mobiles provide. These devices allow accessibility to information no matter where one is, and have completely transformed how we engage with the world around us, be it to skim through work emails while commuting, video streaming during breaks, reading an ebook at our convenience or even catching up on news at any time or place. Mobile phones  grant us instant access to the web and are always within reach. 

But this instant connection has its downsides too, and one of the most worrying of these is the rampant rise of misinformation. These tiny screens and our constant, on-the-go dependence on them can be directly linked to the spread of “fake news,” as people consume more and more content in rapid bursts, without taking the time to really process the same or think deeply about its authenticity. There is an underlying cultural shift in how we approach information and learning currently: the onslaught of vast amounts of “bite-sized information” discourages people from researching what they’re being told or shown. The focus has shifted from learning deeply to consuming more and sharing faster. And this change in audience behaviour is making us vulnerable to misinformation, disinformation and unchecked foreign influence.

The Growth of Mobile Internet Access 

More than 5 billion people are connected to the internet and web traffic is increasing rapidly. The developed countries in North America and Europe are experiencing mobile internet penetration at a universal rate.  Contrastingly, the developing countries of Africa, Asia, and Latin America are experiencing rapid growth in this penetration. The introduction of affordable smartphones and low-cost mobile data plans has expanded access to internet connectivity. 4G and 5G infrastructure development have further bridged any connectivity gaps. This widespread access to the mobile internet has democratised information, allowing millions of users to participate in the digital economy.  Access to educational resources while at the same time engaging in global conversations is one such example of the democratisation of information. This reduces the digital divide between diverse groups and empowers communities with unprecedented access to knowledge and opportunities.

The Nature of Misinformation in the Mobile Era 

Misinformation spread has become more prominent in recent times and one of the contributing factors is the rise of mobile internet. This instantaneous connection has made social media platforms like Facebook, WhatsApp, and X (formerly Twitter) available on a single compact and portable device. These social media platforms enable users to share content instantly and to a wide user base, many times without verifying its accuracy. The virality of social media sharing, where posts can reach thousands of users in seconds, accelerates the spread of false information. This ease of sharing, combined with algorithms that prioritise engagement, creates a fertile ground for misinformation to flourish, misleading vast numbers of people before corrections or factual information can be disseminated. 

Some of the factors that are amplifying misinformation sharing through mobile internet are algorithmic amplification which prioritises engagement, the ease of sharing content due to instant access and user-generated content, the limited media literacy of users and the echo chambers which reinforce existing biases and spread false information. 

Gaps and Challenges due to the increased accessibility of  Mobile Internet 

Despite growing concerns about misinformation spread due to mobile internet, policy responses remain inadequate, particularly in developing countries. These gaps include: the lack of algorithm regulation, as social media platforms prioritise engaging content, often fueling misinformation. Inadequate international cooperation further complicates enforcement, as addressing the cross-border nature of misinformation has been a struggle for national regulations. 

Additionally, balancing content moderation with free speech remains challenging, with efforts to curb misinformation sometimes leading to concerns over censorship. 

Finally, a deficit in media literacy leaves many vulnerable to false information. Governments and international organisations must prioritise public education to equip users with the required skills to evaluate online content, especially in low-literacy regions.

CyberPeace Recommendations

Addressing misinformation via mobile internet requires a collaborative, multi-stakeholder approach. 

• Governments should mandate algorithm transparency, ensuring social media platforms disclose how content is prioritised and give users more control. 
• Collaborative fact-checking initiatives between governments, platforms, and civil society could help flag or correct false information before it spreads, especially during crises like elections or public health emergencies. 
• International organisations should lead efforts to create standardised global regulations to hold platforms accountable across borders. 
• Additionally, large-scale digital literacy campaigns are crucial, teaching the public how to assess online content and avoid misinformation traps.

Conclusion

Mobile internet access has transformed information consumption and bridged the digital divide. At the same time, it has also accelerated the spread of misinformation. The global reach and instant nature of mobile platforms, combined with algorithmic amplification, have created significant challenges in controlling the flow of false information. Addressing this issue requires a collective effort from governments, tech companies, and civil society to implement transparent algorithms, promote fact-checking, and establish international regulatory standards. Digital literacy should be enhanced to empower users to assess online content and counter any risks that it poses.  

References

• https://www.statista.com/statistics/1289755/internet-access-by-device-worldwide/ 
• https://www.forbes.com/sites/kalevleetaru/2019/05/01/are-smartphones-making-fake-news-and-disinformation-worse/
• https://www.pewresearch.org/short-reads/2019/03/07/7-key-findings-about-mobile-phone-and-social-media-use-in-emerging-economies/ft_19-02-28_globalmobilekeytakeaways_misinformation/ 
• https://www.psu.edu/news/research/story/slow-scroll-users-less-vigilant-about-misinformation-mobile-phones 

‍

Introduction

‍

In today’s digital environment, national security challenges extend well beyond traditional military domains. One growing concern is the unauthorised extraction of information, which is increasingly being used through subtle and gradual methods rather than overt force. Recent advisories point to a rising pattern in which foreign organisations seek to recruit individuals to collect and handle sensitive material, often using financial cybercrime networks as part of their operational ecosystem. This trend has implications for journalists, defence personnel, researchers, students, and academics working in strategic, geopolitical, and security-related fields. The core risk lies in the fact that these activities can proceed quietly and without coercion, with participants sometimes unaware that their actions may contribute to intelligence gathering efforts.

‍

Digital Platforms as Vectors for Targeted Recruitment

‍

Professional networking and job portals have become central to modern career development. The same visibility that supports professional advancement is being misused by others. Foreign entities reportedly use these platforms to identify individuals with experience in journalism, defence services, strategic studies, cybersecurity, and international relations.

Early-career professionals and students from reputed Higher Education Institutions (HEIs) are particularly vulnerable because they seek freelance work, research experience and international partnerships. Initial outreach is often framed as legitimate consultancy, research assistance, or content development work, which creates the impression of professional credibility through normal business operations.

‍

Task-Based Information Extraction

‍

The organisation assigns writing and research duties to new employees, which seem simple to perform. The topics of source-based articles and analytical pieces include the following two subjects about India.

• The first subject examines India's foreign relations with its strategic partnerships.
• The second subject investigates how armed forces operate through different military movements.
• The third subject focuses on defence procurement activities, which include weapon system development and modernisation projects.
• The fourth subject investigates military activities through joint training exercises and war simulation exercises.

The public possesses most of this knowledge, but its threat emerges from the process of collecting and interpreting data with contextual information. The collection of insights from various sources enables organisations to identify operational patterns, strategic priorities and capacity evaluations which go beyond particular data points.

‍

The Financial Cybercrime Nexus

‍

The financial system that pays contributors presents itself as a major problem for this activity. Payments are often routed through:

• Indian bank accounts, including student accounts
• Funds originating from cyber fraud or financial crimes
• Occasional overseas transfers structured to avoid scrutiny

The system establishes a direct connection between financial cybercrime activities and the theft of confidential information, which brings unintentional danger of legal issues and public image damage to those involved. The Indian legal system considers all connections to illegal financial activities as serious offenses even when the person involved did not intend to commit any crime.

‍

Concealed Identities and Data Harvesting
‍

The entities that conduct recruitment activities willfully hide their real identities. The organisation uses intermediaries for their operations, which they present as foreign consulting firms, think tanks and analytics companies. Contributors who have defence or security experience will face requests to provide their personal data, which includes their PAN and Aadhaar information.

The collection of such data raises significant concerns. The system creates permanent privacy hazards that permit unauthorised access to personal data and identity theft and coercive practices. The ultimate use of this information often remains opaque to the individuals providing it.
‍

Why Incremental Leakage Matters
‍

The threat operates silently because it lacks the visibility of major cyberattacks. The combined effect of all articles and research notes becomes dangerous because no single element can cause harm. Hostile organisations can use incremental information leakage to undermine national security because they can analyse their gathered data to create:

• maps of strategic capabilities,
• defence readiness evaluations,
• security and foreign policy narrative control.

The process of information sovereignty erosion occurs through the establishment of undefined boundaries between journalism and academic research, and consultancy and strategic analysis. The lack of clear boundaries between journalism and academic research, consultancy and strategic analysis makes it difficult to determine who is responsible for research outcomes.
‍

The Role of Institutions and Individuals
‍

The universities and media outlets, together with the professional organizations have essential functions in their quest to diminish environmental effects. The organisation should perform the following proactive steps:

• The organisation should organise training programs which will educate people about its services.
• The organisation should require researchers to conduct thorough investigations before they accept paid assignments for research work and writing tasks.
• The organisation should recommend that people do not share their identity documents except when their institution requires it for authentication purposes.
• The organisation should create specific methods to report any suspicious activities that people might encounter.

Students and professionals need to understand that their specialised knowledge and trustworthiness can be used against them. People must protect their digital identities through three actions, which include verifying their affiliations and assessing the complete effects of their daily activities.
‍

Conclusion

‍

Cyber enabled threats to national security increasingly operate in grey zones, which makes their legality, legitimacy, and true intent difficult to assess. The convergence of foreign recruitment efforts, financial cybercrime, and covert information gathering creates a persistent risk that is still not widely recognised or fully understood. The state does not bear exclusive responsibility for protecting sensitive information. National resilience in an interconnected knowledge economy requires organisations to develop three core capacities, which include institutional awareness and restraint and institutional vigilance. Cyber resilience depends on two essential factors, which include secure systems and informed citizens, because data continues to determine power relationships.
‍

References
‍

• https://reports.weforum.org/docs/WEF_Global_Cybersecurity_Outlook_2025.pdf
• https://www.cyber-espionage.ch/
• https://www.theguardian.com/world/2025/nov/18/mi5-issues-alert-to-mps-and-peers-over-chinese-espionage
• http://cybercrimejournal.com/menuscript/index.php/cybercrimejournal/article/download/263/92
• https://www.researchgate.net/publication/368461675_Cyber_Espionage_Consequences_as_a_Growing_Threat

‍