Perry4Law Organisation (P4LO) has been providing cyber security trends and developments in India for many years. This year as well, we have discussed both cyber security trends in India 2015 and cyber security developments in India. We have provided a research report on cyber security related events in the year 2015. The report is titled Cyber Security Developments in India 2015 and it outlined major cyber security related events that took place in the year 2015. A dedicated blog on international cyber security related legal issues titled International Legal Issues of Cyber Attacks and Cyber Security, Cyber Terrorism and Cyber Warfare was also launched by P4LO on this occasion. The purpose of this blog is to discuss techno legal issues pertaining to international cyber attacks and cyber security.
Cyber security environment in India is fast changing due to growing realisation of threats of cyber attacks and cyber crimes. India is presently facing many sophisticated cyber security problems and challenges that need attention of our policy makers. It is equally important to establish a strong, robust and resilient cyber security infrastructure in India on priority basis. This must include creation of offensive and defensive cyber security capabilities of India. India must also develop indigenous software and hardware so that dependence upon foreign imports can be minimised. Recently, India opposed the proposal to include cyber security technologies under the Wassenaar Arrangement as India is still dependent upon foreign countries for import of cyber security products and services. Sooner or later we would be forced to use Indian cyber security products and services and P4LO recommends that the Electronic System Design and Manufacturing (ESDM) Policy and Regulations in India 2014 must be suitably modified and implemented in India.
According to the report of P4LO, cyber security witnessed many ups and downs in Indian cyberspace in the year 2015. The report has stressed upon formulation of a techno legal framework for India by Indian government that can tackle the challenges arising out of growing cyber crimes in and cyber attacks against India. These techno legal cyber security safeguards can be incorporated into a proposed cyber security policy of India 2015. Similarly, cyber security breach disclosure norms must also be formulated by Indian government for enhanced participation by all stakeholders. The report has also stressed upon strengthening of Indian cyber security infrastructure so that sophisticated cyber attacks can be prevented and eliminated.
There is no second opinion that Narendra Modi government must protect Indian cyberspace on a priority basis. It is high time for the Modi government to be serious about cyber security of India. This is more so when the Supreme Court of India has virtually killed cyber law due diligence in India that could have kept Internet intermediaries and other stakeholders cyber disciplined.
The report has also stressed upon need for smart cities cyber security and smart grids cyber security in India. Similarly, stress has been given for cyber security of Digital India project of Modi government that is presently suffering from various shortcomings. In a welcome move, Modi government appointed Dr. Gulshan Rai as the first chief information security officer (CISO) of India. This is very important as India is facing serious cyber threats from private individuals as well as agencies of other nations.
For instance, it has been revealed that hardware based stealth malware were used by US intelligence agencies against various targets. Recently, Twitter has warned some users that their Twitter accounts were compromised by state sponsored actors. It is clear that cyber attackers are no more script kiddies but state supported crackers who work under a cyber immunity clause. This is also the reason why Indian intelligence agencies are also insisting upon legal immunity against cyber deterrent acts. Besides cyber attacks and planting of malware, intelligence agencies are also using open source intelligence (OSINT) to gather sensitive and personal information.
Banks related cyber security is another area of concern in India. Cyber security of banks in India need to be strengthened by Indian government. In a good move, Reserve Bank of India (RBI) has decided to establish an IT subsidiary to meet cyber security challenges of banks in India.
As per the report, the year 2015 also envisaged an increased interest in cyber liability insurance in India. The major reason for the growth of cyber insurance policies in India is the increased numbers of cyber crimes and cyber attacks in India. However, cyber insurance stakeholders in India have still to understand the technicalities of techno legal aspects of cyber insurance. This is more so as the year 2016 would witness an increased focus upon cyber crimes insurance in India.
Perry4Law Organisation (P4LO) hopes that cyber security stakeholders of India and other jurisdictions would find this research report useful.