You are here

How to draw lines in space

But the National Cyber Security Policy, 2013, is short on detail

Cyberspace is a new global commons, albeit of a different kind. It is man-made, with infrastructure — the information and communications technology (ICT) — that is owned by different countries, but is part of the cyber commons. Cyber attacks against the infrastructure of any country can come from anywhere in the world, with tracks that can be successfully hidden. No wonder the global cyber commons requires international cooperation to identify cyber attackers. Nations need to protect their respective cyber boundaries, even though cyber space is borderless. This is done through appropriate instruments, including policies, legislation, security programmes, awareness and training. The launch of the National Cyber Security Policy (NCSP), 2013, is a welcome step.

The government has taken several steps to enhance cyber security in the country. The first major step was the setting up of the Indian Computer Emergency Response Team (CERT-In) in 2002-03, to create awareness on cyber threats, understand vulnerabilities and devise ways to mitigate them. The National Technical Research Organisation (NTRO) was given the responsibility of protecting the critical information infrastructure (CII), and of developing offensive capability. The latter has done precious little.

The Information Technology Act, as amended in 2008, has raised the level of awareness about cyber crimes. It has identified many kinds of cyber attacks, including unauthorised access, spreading virus and spam, identity theft, voyeurism, bodily privacy compromise and cyber terrorism. It helps prosecute cyber criminals. But a comprehensive national cyber security strategy that empowers different agencies with coordination at the highest level is essential to secure India’s cyberspace. The NCSP articulates a broad policy structure.

A sound cyber security strategy should be based on a strong coordination mechanism that can lead the nation in awareness, education security standards and their effective implementation, confirmed through independent audits, as well as information sharing on threats and vulnerabilities, incident management, technology and practices development led by the private sector and clarity on the role of different government agencies. The NCSP takes a holistic view of the challenges and details strategies to address them. The policy presents a complete ecosystem for a secure computing environment, keeping in view the latest developments in other countries. The challenge, however, is implementing the policy and defining the specifics.

… contd.

Please read our terms of use before posting comments

TERMS OF USE: The views expressed in comments published on indianexpress.com are those of the comment writer’s alone. They do not represent the views or opinions of The Indian Express Group or its staff. Comments are automatically posted live; however, indianexpress.com reserves the right to take it down at any time. We also reserve the right not to publish comments that are abusive, obscene, inflammatory, derogatory or defamatory.

Top
error: Content is protected !!