Get in Touch
Get in Touch

Blog

Securing India’s Cyber Frontiers

September 20, 2019

Kanwal Sibal   

Former Foreign Secretary to Government of India & Chairman, CII Task Force on Cyber Security

Kanwal Sibal, Chairman, CII Task Force on Cyber Security gives his thoughts on how India is preparing for the future of digital security.

Cyber space is rapidly transforming our lives—how we live, interact, govern and create value. With almost ubiquitous mobile penetration and rising financial inclusion, India is at the cusp of digital transformation. Make in India, Digital India and the Smart Cities programmes are amongst the world’s largest technology-led programmes of their kind.

“While the proliferation of technology and communication have created enormous opportunity and have been great levers of growth as well as citizen prosperity, they have also increased risks and vulnerabilities.”

PwC’s 2018 Global Economic Crime and Fraud Survey found that 31 per cent of global organisations say they’ve experienced fraud via cybercrime in the past two years. These crimes not only cause financial and reputational loss for companies, they also impact business relationships, including those with regulators and hurt employee morale. The report concludes that in reality “too few companies are fully aware of the fraud risks they face.”

Cyber security is rightly ranked among the top threats by governments and corporates. However, putting the accent solely on cyber security without considering regulations, data use and transparency misses the woods for the trees.

Concerns about data use have resulted in a multitude of regulations both in India and globally. India is now in the process of enacting a comprehensive data security and privacy regulation.

“However, effective cyber security is more an ecosystem – where laws, organisations, skills, standards, and technology mesh together.”

Thus, a robust regulatory and legal framework, with the development of a holistic cyber security effort involving academia and industry and proactive cyber diplomacy is called for.

For instance, at present, a mix of Indian legislations constitute the overall framework looking at security in cyberspace (some of these include legislations dating back to before India’s independence). Streamlining the legal, investigative and response framework will necessitate a dedicated, horizontal legislation that consolidates various laws and provisions pertaining to cyberspace while addressing key gaps in the current legal framework and promoting speedy resolution of disputes.

India will need to create a National Digital Security Commission to provide a national direction on security in cyberspace by consolidated policymaking across all nodal agencies; oversee counter-attack systems against international attacks; and enable local industry development through the ‘Make in India’ initiative.

Given that attacks increasingly originate from nation-states, India must also establish a National Cyber Command to address cyber warfare and related challenges with representation from the armed forces, intelligence community and cyber security agencies.

“Given the size of our economy and our technical manpower, we must play a proactive role in developing global technology standards in areas such as 5G, IoT, Cloud, AI, Blockchain, Application Security, Robotics, Quantum Cryptography and PKI.”

Apart from industry, academia, Government and R&D labs jointly addressing this, it will also require crafting of necessary curriculum for academic institutions to foster innovation and a standards mindset. The Indian industry must also mentor and financially support the translation of innovation from labs to IP creation.

The Confederation of Indian Industry (CII) has been actively working in the cyber security space. The CII Task Force on Public Private Partnership for Security of the Cyber Space has been set up to help facilitate collaboration and cooperation between the Indian Government and industry in the protection of critical information infrastructure in particular, covering cyber threats, vulnerabilities, breaches, potential protective measures, and adoption of best practices.

To address many of the security skilling challenges that still exist, the CII–Tata Communications Centre for Digital Transformation (CDT) regularly conducts a Cyber Security Training cum Certification Programme for both security professionals and aspirants.

It is this multi-pronged approach, involving the government, industry, academia and civil society that the CII believes will help to strengthen our cyber frontiers and keep the nation and its economy resolutely on the path to growth and prosperity

 

Read more about India’s preparation for the digital age.