People are increasingly shopping, banking, and entertaining online, which requires them to share their personal information – phone numbers, addresses, credit card details, and so forth. This makes both people and businesses vulnerable to cyber-attacks. In time to come, managing privacy will be the new normal, like paying electricity bills, paying taxes, securing data, etc. It’s time for the government to build a holistic cyber security policy and establish cyber defense organizations to lead the country into a safe, secure, and resilient digital future. Here’s what the government should focus upon to place India in the highest echelons of cyber leaderships, globally:
One, the first step towards building a holistic cyber security strategy is the amendment of the IT Act 2000, commonly known as the Cyber Law as some of the provisions of the cyber law have become redundant and cannot address the issues arising from the evolving threats;
Two, government, to protect critical information like personal data, business information, financial information, etc., must look to enact data protection laws on the lines of European Union’s General Data Protection Regulation (GDPR);
Three, cyber threats have put governments, citizens, and businesses at risk. Our cyber security must be robust to intercept and block any such cyber-attack attempts. The government must make the Cyber Defense Agency functional, that is entrusted with the responsibility of securing the cyber space.
Four, Computer Emergency Response Team (CERT) is the team that handles cyber security incidents and provides guidelines based on research to improve cyber security systems. CERT also conducts public awareness campaigns. The central government must replicate the CERT at the state-level in the country to ensure speedier incident response.
Five, Country needs an elite cyber commando force that can neutralize any cyber enemy. The government must look to establish a National Defense Academy that provides rigorous training to cyber cadets.
Six, the cyber cells in the police forces are limited in terms of capabilities. The government must lay emphasis on empowering these cyber cells by deploying specialized cyber police cadres in all state police departments.
Seven, the government must consider investing in building a business ecosystem that can leverage artificial intelligence and robotics to improve operations and enhance productivity.
Eight, ensure that the cyber defense infrastructure is built only on qualified and trusted telecom and security equipment, government must establish testing labs in India that will certify the equipment after rigorous tests.
“New and emerging technologies like Artificial Intelligence and Robotics are perhaps the most important determinants/ of defensive and offensive capabilities for any defence force in the future. India, with its leadership in Information Technology domain, would strive to use this technology tilt to its advantage” PM Narendra Modi, Def Expo 2018, Chennai
Understanding the need of emerging cyber security the government of India has worked on National Policy on Electronics (NPE), 2019. This is just one of the may first steps that government, organization and regulatory bodies have taken in the recent times to strengthen the ecosystem. In recent times to optimize the cybersecurity business opportunities and build a strong cyber safe nation we have witnessed multiple initiatives by government, including –
One, ‘data protection regulation’ like the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), etc., which was demand of the business for long; Two, reserved 10 percent of the IT budget for cyber security, and various state governments – Andhra Pradesh, Telangana and Haryana have also announced a policy of reserving budget for cyber security; Three, announced development of Cyber Security Framework for Smart Cities under the guidance of National Cyber Security Coordinator in association with the industry; Four, a sharp focus on cyber security by Regulators. Some of the key initiatives by regulatory bodies include – Cyber Security Framework in Bank by RBI, Guidelines for Information and Cyber security for Insurer by IRDA, Cyber security & cyber resilience framework for registrars to issue share transfer agent by SEBI.
The cybersecurity for business, government and individual is a must but one that concerns all is the cybersecurity of defense. It is a known fact that legacy systems simply do not have the capabilities to keep up with the evolving security threats and relying solely on human oversight will not serve the purpose. The need of the hour is capable automated systems that can monitor, detect, manage, and prevent cyber-attacks in real time. Understanding the growing concern, MHA has developed National Information Policy Guidance (NISPG), which sets up requirements for protection of information generated in government departments and bodies.
The National Policy on Electronics (NPE), 2019 is holistic, investor-friendly and market-driven, and focused on upgradation of infrastructure, providing incentives to offset disabilities, promoting innovation and human resource development. NEP includes schemes such as Modified Special Incentive Package Scheme (M-SIPS) to provide financial incentives across the Electronics Systems Design and Manufacturing (ESDM) value chain to compensate for cost disability in manufacturing; Electronics Manufacturing Clusters (EMC) for providing world-class infrastructure and logistics; mandating safety standards; rationalization of tariff structure and providing preference to domestically manufactured electronic products in government procurement under the aegis of the Public Procurement Order 2017, are under implementation. As a result, ESDM industry has witnessed significant upward growth in India and has the potential to become a vehicle of economic growth and development.
Some of the objectives of National Policy on Electronics (NPE), 2019 include – One, promoting domestic manufacturing and export in the entire value-chain of ESDM for economic development to achieve a turnover of USD 400 billion (approx. INR 26,00,000 crore) by 2025; Two, improving ease-of-doing Business for the ESDM industry; Three, encouraging industry-led R&D and innovation in all sub-sectors of electronics; Four, promoting and creating a framework for comprehensive Start-up eco-system in emerging technology areas such as 5G, IoT, Artificial Intelligence, Machine Learning, Drones, Robotics, Additive Manufacturing, Photonics, Nano-based devices etc., and their applications in areas such as defence, agriculture, health, cyber security, smart cities and automation, with special focus on solving real-life problems; Five, providing fiscal incentives and support for export-led growth, including significantly enhancing economies of scale in electronics manufacturing; Six, developing core competencies in all the sub-sectors of electronics, including inter- alia electronic components, sub-assemblies and semiconductors, telecommunication and broadcasting equipment, IT hardware, medical electronics, defence and strategic electronics, automotive electronics, industrial electronics, consumer electronics, etc., and fabless chip design; Seven, becoming a global leader in the Electronics Manufacturing Services (EMS) segment by promoting progressively higher value addition in manufacturing of electronic products; Eight, encouraging and incentivizing Transfer of Technology (ToT) for core technologies; Nine, promoting research, innovation and support to industry for green processes and sustainable e-Waste management, including inter-alia facilitation of citizen engagement programmes for safe disposal of e-Waste in an environment friendly manner, development of e-Waste recycling industry and adoption of best practices in e-Waste management