Smart
cities are the future of urbanisation and population sustainability.
The aim of smart cities is to provide a conductive environment for
living, commercial activities, healthcare and overall development.
Smart cities also predominantly rely upon use of information and
communication technologies (ICT) to render public services. Wherever
applicable, Internet
of Things (IoT) (PDF), cloud computing and virtualisation and
machine to machine (M2M) system usage is also there. However, this
omnipresent usage of ICT, IoT, M2M, cloud computing, etc has a
potential drawback as well in the form of indifference towards smart
cities cyber security.
It is not difficult to visualise a scenario of cyber attacks
against the critical infrastructures of the smart cities that are run
by ICT and technology. Such a cyber attack can cripple the entire
smart city if properly executed. Critical
infrastructure protection in India (PDF) is still at nascent
stage. The national cyber security policy of India 2013 is also very
weak and even that has not
been implemented by Indian government so far. The much awaited
cyber
security policy of India 2015 is also missing so far.
A strong cyber security infrastructure of India is need of the
hour especially when there is no well settled international
legal issues of cyber attacks that can be invoked in the case of
a cyber incidence. It is very important that international legal
issues of cyber attacks must be resolved
by various government and non government stakeholders. There is no
globally acceptable cyber
law treaty and cyber
security treaty (PDF) that can govern the relationships between
various countries. Even the Tallinn
Manual on the International Law Applicable to Cyber Warfare
(PDF) is just an academic document with no legal binding obligations.
The truth is that Tallinn Manual is not
applicable to international cyber warfare attacks and defence and
countries are free to take measures as per their own choices.
This has necessitated that cyber security related projects in
India must be not only expedited but they must also be successfully
implemented as soon as possible. Unfortunately, cyber projects like
National Cyber
Coordination Centre (NCCC) of India, National
Critical Information Infrastructure Protection Centre (NCIPC) of
India, Grid
Security Expert System (GSES) of India, National
Counter Terrorism Centre (NCTC) of India, Cyber
Attacks Crisis Management Plan of India, Crisis
Management Plan Of India For Cyber Attacks And Cyber Terrorism, Cyber
Command For Armed Forces Of India, Tri
Service Cyber Command for Armed Forces of India, Central
Monitoring System (CMS) Project of India, National
Intelligence Grid (Natgrid) Project of India, Internet
Spy System Network And Traffic Analysis System (NETRA) of India,
Crime
and Criminal Tracking Network and Systems (CCTNS) Project of India,
etc have still not been implemented successfully by Indian
government.
This raises the pertinent question as to how Indian government
would ensure cyber security of smart cities in India. We at Centre
of Excellence for Cyber Security Research and Development in India
(CECSRDI) believe that Modi government must take cyber security
seriously. The cyber
security challenges in India would increase further and India
must be cyber
prepared to protect its cyberspace. CECSRDI believes that the
starting point is to draft the cyber security policy of India 2015 as
the 2013 policy is highly defective and of little significance. We
also believe that a dedicated cyber
security law of India is need of the hour. The same must be a
techno
legal framework keeping in mind contemporary cyber security
threats. Further cyber
security disclosure norms in India must be formulated by Modi
government. The cyber
security awareness in India must be further improved so that
various stakeholders can contribute significantly to the growth and
implementation of cyber security initiatives of Indian government.