A robust cyber security is essential to protect critical infrastructures (PDF) and public services rendered through information technology. If world wide events are some hints then India must seriously think in the direction of ensuring effective cyber security for Indian IT infrastructures and cyberspace. However the new Government would face many cyber security challenges as India has ignored cyber security for decades.
Meanwhile, Malware like Stuxnet, Duqu, Flame, Uroburos/Snake, Blackshades, FinFisher, etc have been written to subvert the cyber security of Nations around the world. They are clearly made with the objective to indulge in cyber espionage, cyber warfare and cyber terrorism. If India establishes a counter terrorism centre, cyber security would be integral part of the same. In fact, the intelligence agencies of India have been working in the direction of acquiring a legal immunity for themselves while indulging in cyber deterrent acts.
India would revise her national security priorities now as the new Government is more committed towards that. The same would be techno legal in nature as considering traditional security alone would be counter productive in the long run. Cyberspace has emerged as a new security frontier and the new Government is well equipped to deal with the same.
However, companies, business houses, Government departments, public utility service providers and defence forces must also change the way they are presently managing their cyber security affairs. The cyber security obligations of stakeholders like law firms, e-commerce websites, directors of companies, Government departments, thermal power sector, power and energy utilities, etc must be properly understood and effectively implemented in India.
In order to achieve this, the Government must take pro active steps. For instance, there is an urgent need to formulate and actually implement cyber security breach disclosure norms and cyber crisis management plan. Similarly, National Critical Information Infrastructure Protection Centre (NCIPC) of India, National Cyber Coordination Centre (NCCC) of India, Tri Service Cyber Command for Armed Forces of India, etc. must also be constituted and made active immediately.
The cyber security trends of India (PDF) have shown that Indian cyber security initiative and efforts are grossly inadequate and poorly coordinated. There is no centralised coordination between various cyber security projects of India and all are operating in an independent manner. At times this creates a conflict situation between them and the end result is very disappointing.
There are little efforts towards modernisation of law enforcement and intelligence agencies of India. Cyber forensics methods and techniques are also not widely used (PDF) by our law enforcement and intelligence agencies like Enforcement Directorate (ED), Central Bureau of Investigation (CBI), etc in the absence of techno legal expertise. Even investigations into the cases of IPL match fixing, Nokia’s software download, etc was not upto the mark. The regulations and guidelines for effective investigation of cyber crimes in India are still awaited and many cyber criminals are not prosecuted effectively.
All these lacuna and shortcomings have created a vicious circle of problems that is detrimental to Indian cyberspace. We have to systematically cure these defects and shortcomings one by one as they are interrelated in nature. While doing so we must keep in mind the fragile and precarious nature of Internet and cyberspace that would create troubles for India in the near future.