It is very difficult to predict the future cyber
security issues in India or in other nations. Even it is
very difficult to analyse all the cyber
security issues, challenges and problems of India and
other jurisdictions.
However, one thing is for sure. Cyber
security challenges in India are going to increase with
the advent of sophisticated malware like Stuxnet,
Duqu,
Flame, Shamoon, etc. These customised malware are targeting the
critical infrastructures around the world. To tackle these malware,
cyber
security capabilities in India must be strengthened.
If we analyse the cyber security reflections
of India the position is really worrisome. The cyber
law, cyber
crimes and cyber
security trends by Perry4Law
and Perry4Law’s
Techno Legal Base (PTLB) have marked many shortcomings of
Indian cyber security capabilities.
Critical
infrastructure protection in India is not in a very good
shape. We have no critical
ICT infrastructure protection policy of India as well. The
critical infrastructures around the world like power
grids, nuclear
facilities, satellites,
defense
networks, governmental
informatics infrastructures, etc are vulnerable to known
and unknown malware.
According to cyber security experts cyber
attacks are affecting Indian critical infrastructure and
we are not even aware of the same. Critical
infrastructure protection in India is needed as soon as
possible.
India must develop both offensive and defensive
cyber security capabilities that must be robust enough to detect and
nullify cyber
warfare against India, cyber
terrorism against India, cyber
attacks against India, cyber
espionage against India, etc.
The national imperatives of securing operational
technologies like smart grids, oil and gas, public utilities, etc are
too essential to be ignored by Indian government. Today protecting
key economic assets like securing financial backbone and stock
exchange, payment infrastructures and financial switches is need of
the hour. This includes architecting security for new age banking to
make them cyber secure. Cyber
security of banks in India is still deficient.
The business community must also keep in mind the
cyber law due diligence requirements in India. Cyber
due diligence for Indian companies is now a statutory
obligation and failure to observe cyber due diligence can bring
serious legal ramifications. Ensuring business models, technology
transformations and channel revolutions in the midst of organised,
focused, advanced and persistent cyber threats is not an easy task.
With the growth of enterprise mobility, mobile
applications and cloud enablement data driven businesses, techno
legal issues have become more prominent. Social networking platforms
have further complicated the scenario.
The Internet is truly global in nature and regional
and national regulations and efforts cannot bring the desired
results. Cyber law and cyber security issues are global in nature.
Indian
response to international cyber law treaty is not pro
active. International
cyber law treaty is required to be formulated as soon as
possible.
Similarly, cyber security framework must ensure both
national responsibility and global accountability. Any cyber
diplomacy must congregate both national and international interests
to be effective and enforceable. Thus, an international
cyber security treaty is required to be formulated as
well.
With a growing focus upon electronic
delivery (e-delivery) of services in India additional
responsibilities of securing technology transformation of governance
must be ensured. The e-governance projects of India would bring cyber
security challenges for which we need readymade solutions.
Similarly, cyber security enablement of growing
electronic and mobile commerce would also be required. With the
projected increase in volume and growth of commerce and e-commerce
in India, cyber security as enabler must be ensured.
Further, civil liberties issues like human
rights protection in cyberspace, balancing
of national security and civil liberties, balancing
of national security and right to information, etc must be
kept in mind by India.
The management of consumer
rights and business responsibilities in the information
age is not an easy task. For instance, the present telemarketing
policy of India is anti consumer. Similarly, the telecom
dispute resolution process in India is also anti consumer.
The future of cyber security in India is tough to
manage. The sooner we start working in this direction on ground
level and actual basis the better it would be for the
larger interest of India.