Government of India had first come out with a National Cyber Security Policy in the year 2013. The policy may have been apt for that era of time, but the present scenario of Cyber Threat and Cyber Crime Proliferation, demands a more exhaustive Policy. This call for a New Cyber Security Strategy comes a month after the cyber attack on Kudankulam Nuclear Power Plant’s information technology system (not the operational network that controls the actual functioning of the power plant). It was also reported that during the same time ISRO had also been breached by the same cyber attackers.
After due deliberation and actions there-off, the National Security Council Secretariat (NSCS), Government of India, had met and decided to Revise the National Cyber Security Policy, and bring out a more exhaustive and meaningful National Cyber Security Strategy 2020. The first agenda of National Cybersecurity Strategy is to secure the national cyberspace, which has been subjected to privacy breaches and hacks in the past. Secondly, the government aims to strengthen the infrastructure and processes that are connected to the internet. Thirdly, the government aims to synergise the resources available through cooperation and collaboration with different players.
The Government further decided to take feedback from the environment so as to come out with the National Cyber Security Strategy 2020 (NCSS 2020). It also launched a website “https://ncss2020.nic.in/ “, and also here make provisions to submit the feedback and comments on the website (Click here: https://ncss2020.nic.in/review/form). The comments to assist Government to come out with the NCSS 2020, are sought on three pillars of cyber security: secure (national cyberspace), strengthen (structures, people, processes, capabilities), and synergise (resources including cooperation and collaboration). The deadline is 31 December 2019.
The Need for National Cyber Security Strategy 2020 (NCSS 2020)
India was one of the first few countries to propound a futuristic National Cyber Security Policy 2013 (NCSP 2013). Since the adoption of NCSP 2013, the technologies, platforms, threats, services and aspirations have changed tremendously. The transformational Digital India push as well as Industry 4.0 is required to be supported by a robust cyberspace. However, Cyber intrusions and attacks have increased in scope and sophistication targeting sensitive personal and business data, and critical information infrastructure, with impact on national economy and security. The present cyber threat landscape poses significant challenges due to rapid technological developments such as Cloud Computing, Artificial Intelligence, lnternet of Things, 5G, etc. New challenges include data protection/privacy, law enforcement in evolving cyberspace, access to data stored overseas, misuse of social media platforms, international cooperation on cybercrime & cyber terrorism, and so on. Threats from organised cybercriminal groups, technological cold wars, and increasing state sponsored cyber-attacks have also emerged. Further, existing structures may need to be revamped or revitalised. Thus, a need exists for the formulation of a National Cyber Security Strategy 2020.
What is Ahead
National Cyber Security Coordinator (NCSC) Lt Gen. (Dr) Rajesh Pant had said in June 2019 that a cyber security strategy would be released in 2020.
“5G will change the entire scope of cybersecurity in India. There are new aspects like ransomware, and IoT was not there. So with these changes, there is going to be a new strategy for dealing with cybersecurity. We have created a small team and we will write something and we will get comments from people.”
— Lt Gen. (Dr) Rajesh Pant on June 21, 2019
At that time, he had indicated that there would be a consultation on the concerns and the same will be addressed in a systematic manner. A task force, under NSCS, is responsible for formulating a five-year strategy (2020-25). The call for comments takes into account that Dr Pant had previously mentioned and includes cloud computing and AI, too. It also raises issues of “include data protection/privacy, law enforcement in evolving cyberspace, access to data stored overseas, misuse of social media platforms, and international cooperation on cybercrime & cyber terrorism”.
The step taken by the Indian government, and its concerns towards cybersecurity in India, was not been enough; yet this present strategy of inviting comments from the Indian Citizens (and others) is the need of the hour. The loss to businesses and also to the common citizens’ due to lack of Cybersecurity measures had affected multifold. The New National Cybersecurity Strategy is likely to play a crucial role in helping businesses overcome security challenges in the Indian context where the common man is affected. “Cyber Secure India” thus encourages each one of you who can contribute, to submit their inputs on the website by 31 December 2019 on the website (Click here to submit an input: https://ncss2020.nic.in/review/form).