CAG SAI meet: Our focus is cyber security, artificial intelligence, says GC Murmu

Lucknow (Uttar Pradesh) [India], February 6 (ANI): India’s membership into the Shanghai Cooperation Organisation (SCO) reaffirms its age-old connection with the region, Comptroller and Auditor General (CAG) of India, Grish Chandra Murmu said on Monday.

He was speaking at the 6th SCO SAI Leaders meeting SCO Supreme Audit Institutions (SAI) meet. The three-day event was inaugurated today at Lucknow by Uttar Pradesh Governor Anandi Ben Patel.

The countries which participated in the event are namely, India, China, Russia, Kazakhstan, Tajikistan and Uzbekistan, while only Pakistan participated online.

The CAG during his address said that Shanghai Cooperation Organization (SCO) is an eight-member multilateral organization, established on June 15, 2001, in Shanghai, China by the leaders of China, Kazakhstan, Kyrgyzstan, Russia, Tajikistan and Uzbekistan when the Declaration of Shanghai Cooperation Organization, was signed.

"In June 2002 the heads of the SCO Member States signed the SCO Charter which expounded on the organization’s purposes, principles, structures and forms of operation and established it in international law. At the July 2005 Astana Summit, India was granted Observer status. On June 9, 2017, at the historic summit in Astana, India officially joined SCO as a full- member," he said.

Girsh Chandra Murmu said that India shares time-honoured historical and cultural ties with the SCO region.

"This vast land of diverse people and landscapes has hugely contributed to the progress of mankind. The network of routes that crisscrossed the terrain was not only vital for the exchange of goods and trade, but also served as an important link for transmitting ideas and fostering intellectual pursuits like science and art. India’s membership into SCO in 2017, therefore reaffirms its age-old connection with the region," he said.

He further said that the Supreme Audit Institutions (SAIs) play a critical role in promoting good governance and accountability in government.

"Independent bodies are responsible for auditing government finances and operations to ensure that public funds are being used efficiently, effectively and in compliance with laws and regulations," he added.

Highlighting the roles played by SAIs, he said, "It provides valuable insights to national governments by identifying areas of improvement, highlighting inefficiencies, and identifying potential areas of fraud or corruption.

"To take forward our common responsibilities, and after five successful meetings, we have gathered to deliberate and take forward the agenda of ‘Integrating Emerging technologies in Audit’ with the themes of Artificial Intelligence and Cyber Security," he saidHe further stated that Artificial Intelligence (AI) refers to the simulation of human intelligence in machines that are programmed to think and learn like humans.

"AI is a broad field that encompasses many different techniques and approaches, including machine learning, natural language processing, computer vision, and expert systems. These techniques are used to build intelligent systems that can perform a wide range of tasks from the simple to complex, such as recognizing speech, identifying objects, making predictions, and playing games," he said.

CAG Murmu said that technology in general and Artificial Intelligence, in particular, are impacting each and every aspect of our lives, and technology has the capacity to address the world’s thorniest challenges climate, poverty, food, fuel, health and safety.

"Governments around the world are using AI in a variety of areas, including healthcare, transportation, crime and security, innovations in agriculture, provision of government services as well as environmental conservation efforts. AI can aid government agencies, including SAIs, in automating tasks, analyzing data, improving efficiency, not only reducing costs, and providing more effective services but also in predictive analytics, automation of routine tasks, smart cities, public safety, fraud detection and prevention, citizen services, and healthcare," he further said.

India is rapidly rising as a technology powerhouse, as the Information Technology sector and the Digital Economy are key drivers of the country’s economy, contributing over 13% to its GDP. India’s technology industry reached an all-time high in growth, reaching $227 billion in revenue in the financial year 2022, an increase from $200 billion the previous year.

The country’s IT spending is estimated to rise by 7 per cent to USD 101.8 billion in 2022-23. With the second largest telecommunications sector in the world, boasting 130 million internets and about 1.2 billion mobile users, he said.

"At the same time, a fairly good number of users have experienced malware or other attacks. This is particularly dangerous as trillions of online transactions are carried out while billions of dollars are invested every year online. These challenges are to be faced not only by policymakers, and executives implementing programmes and projects but SAIs also have an important role to play as they evaluate the policy of risk mitigation measures," he added.

"I am happy to share that SAI India is utilizing Artificial Intelligence techniques to gain insights from the data collected from the audited entities," he said.

He further pointed out that the risk areas or areas of interest identified through the application of AI techniques are used to identify audit objectives and develop Audit Design Matrix during the Audit Planning stage. This allows for a more targeted and efficient approach to the audit process.

In addition to this, SAI India is also using AI techniques to identify a specific and focused set of sample units for in-person audit, CAG Murmu said.

"This allows for the collection of corroborative evidence in support of potential deviations identified from the data. The organization is also working towards receiving data periodically from audited entities and incorporating feedback from substantive checks to improve the model. This allows for the incorporation of new data sources and further training and refining of the AI model," he added.

The CAG said that SAI India sees the use of AI not as a one-off process for a specific audit assignment, but as building an evolving AI model for quicker and more detailed analysis during both the Audit Planning and Execution stages.

"This allows for a more efficient and effective approach to the audit process and can improve the overall quality of the audit. With any new technology, there are debates echoing utopian dreams as well as dystopian nightmares. The use of AI by the government also raises ethical and governance concerns, including issues related to data privacy and security. The need for unbiased AI must also be addressed," he said.

However, CAG Murmu also said that the digitization of government operations and adoption of advanced/emerging technologies has also brought its own challenges and responsibilities and protecting against AI-powered advanced malware.

"AI is being used in cyber-security as well for offensive and defensive roles as there are threats from AI-powered advanced polymorphic malware-trojan possessing the capacity to change their behaviour and bypass security defences," he said.

The CAG said that Cybercrime has become a major economic threat, costing the global economy an estimated USD 6 trillion annually which is projected to reach nearly USD 10 trillion by 2025.

"Cyber criminals have a history of embracing cutting-edge technologies, and AI is no exception. There are reports of AI-powered malware being developed to even evade two-factor authorisations like ‘OneTime Passwords’ (OTP), security software and spam filters. AI algorithms are being used to guess passwords and analyse social media profiles. Cybercriminals are now using AI to create convincing fake images, audio, and video to deceive their targets," he said.

Girsh Chandra Murmu said that these malicious AI applications make it easier for criminals to gather information, trick people, and steal sensitive information, thereby increasing the need for robust cybersecurity measures"Thus, one of the main challenges is the constant evolution of cyber threats. which makes it difficult for governments to keep up with the latest risks and vulnerabilities. Additionally, governments often have limited resources to devote to cybersecurity, which can further hinder their ability to protect their systems and networks. Another challenge that governments face is the presence of legacy systems," he further said.

The CAG said that many government systems and networks are based on older technology, which may not be able to withstand modern cyber threats.

"Upgrading these systems can be costly and time-consuming, which makes it difficult for governments to keep their systems secure. Governments also need to balance the need to protect sensitive information with the need to collaborate with private sector partners to improve cybersecurity," he said.

Stressing the need for international cooperation, he said, "Cybersecurity threats often do not respect national boundaries, so international cooperation is vital to protecting against them. Governments must work together with SAIs to share information and best practices and to coordinate efforts to combat cyber threats.""I look forward to engaging and fruitful discussions on the use of Artificial Intelligence by governments and public sector undertakings for promoting good governance, catalysing social and economic development and providing the required oversight and underlining the need for equipping Supreme Audit Institutions in use of pioneering technologies for efficient and effective audits," he said.

Girish Chandra Murmu said, "I am of the firm view that the adoption of Information Technology in the public sector has brought the concerns related to cybersecurity, to the forefront and it is thus becoming imperative for SAIs to develop an adequate capacity to audit cybersecurity issues."India currently holds the SCO presidency, which annually rotates among member countries. India’s 2023 theme is ‘Towards a SECURE SCO’’.

The concept of SECURE stands for: ‘S’ for security for citizens, ‘E’ for economic development, ‘C’ for connectivity in the region, ‘U’ for unity, ‘R’ for respect of sovereignty and integrity, and ‘E for environment protection.

Within the theme, the participating delegates are expected to hold dialogues and share experiences on two of the biggest global developments as well as concerns of digital technology today — Artificial Intelligence and Cyber Security. (ANI)