
Close on the heels of the new Homeland Security Department taking charge of all cyber security functions in the US, India is also positioning its cyber security plans in an organised form. The Information Technology Act 2000 (IT Act) set the tone for such activities and also provided the legal focus to cyber security efforts, albeit in a very small way. The September 11 attacks in the US and accompanying fears across the globe have provoked governments and corporations to think that cyber protection should be an integral part of all security measures. For the first time, there is an understanding that cyber security is a capital investment, not an ancillary affair.
In India, cyber security is being addressed at various levels. The setting up of the high-powered National Information Board (NIB) under the chairmanship of the national security adviser is a major initiative. Recently, the report of the working group on information technology for the 10th Five Year Plan in India positions cyber security as a major focus area. It mentions that Indian corporations and government agencies need to be trained in IT security and specialised institutions need to be developed for the same. At the same time, research in cryptography needs to be given a thrust. There is a need to devise a national strategy to counter cyber attacks, and an efficient and prompt emergency response structure is called for.
There must be a clear agenda for understanding all the issues concerning the Indian CIP. Some issues that crop up immediately are to do with the poor security infrastructure and a careless culture. There is a lack of urgency among senior government functionaries and senior management of corporations to prioritise security. There is almost no security education and awareness among stakeholders. There is also a serious lack of trust between government functionaries and private corporations. This is coming in the way of a teamwork culture that is prevalent in many other countries.
Lack of awareness of the effective use of the existing legal framework and a mechanism to adjust the legal framework to suit the dynamic nature of cyberspace is another important point. Another serious issue of concern is the multiplicity of agencies and the command structure for CIP. In case of a complicated terrorist attack, how do we segregate the cyber elements from the general attack and then respond in no time?
For now the working group will deliberate on two areas: the Critical Information Infrastructure Assurance Protection Plan (CIIAPP) and liaison activity pertaining to threat assessment and sectoral initiatives. In the former, key security organs of the government including the Ministry of Home Affairs (MHA), Defence, Intelligence Bureau (IB), Research and Analysis Wing (RAW), Central Bureau of Investigation (CBI) and National Informatics Centre (NIC) will work out the modalities for CIP including the funding pattern for critical functions. In the latter, individual sectors will have their own committees to study their vulnerabilities and threats. Presently, the definition of critical infrastructure in the Indian context is most important. We need to move fast. Else, the cyber attackers will be here.