Journalism of Courage

Premium

Virtually secure

The National Cyber Security Policy is a much awaited blueprint. The devil is in the trade-off

Written by The Indian Express
July 4, 2013 05:58 AM IST

3 min read

The National Cyber Security Policy is a much awaited blueprint. The devil is in the trade-off

Against the backdrop of continuing revelations on the US National Security Agencys mammoth electronic surveillance and data-mining programme,the Centre has released the National Cyber Security Policy,2013 NCSP. The policy is an attempt to create a cyber security framework that will shore up Indias offensive and defensive capabilities in cyberspace. With the increasing international focus on cyberspace as a vulnerable strategic space that needs to be secured against attacks from a variety of external state and non-state actors,as well as on the opportunity it accords to nations to conduct similar operations of their own,there is little doubt that India needs to address cyber security on a national level. The NCSP offers a starting point,especially as it conceives of securing cyberspace as a more broad-based task than the admittedly important job of protecting critical infrastructure,like power grids and nuclear plants.

This story requires a subscription

Select a plan and use IE10 code to get 10% extra off

POPULAR

EXPRESS EDGE

Daily ePaper access

Premium stories & archives

UPSC Section + UPSC Essentials Magazine

Premium stories & archives

UPSC Section + UPSC Essentials Magazine

Starts at ₹133/month

Best for UPSC aspirants

This story requires a subscription

Please Select A Plan

POPULAR

EXPRESS EDGE

Daily ePaper access

Premium stories & archives

UPSC Section + UPSC Essentials Magazine

Premium stories & archives

UPSC Section + UPSC Essentials Magazine

Starts at ₹133/month

Best for UPSC aspirants

Still,the NCSP reads like a collection of lofty goals with inadequate clarity on how any of them is to be achieved. Details are scarce. For instance,while the policy calls for the creation of several agencies,including a 24215;7 National Critical Information Infrastructure Protection Centre NCIIPC,to be housed under the beleaguered NTRO,it fails to outline their operational structure. The NCIIPC is to be the nodal agency to protect critical infrastructure,while another 24215;7 agency,CERT-In,is to coordinate all emergency response and crisis management. The policy fails to outline the ways in which the objectives of these agencies are different,or even lay out protocols to establish inter-agency chains of command. Similarly,the NCSP says it will create a workforce of five lakh cyber security professionals in five years,but vague hints at capacity-building and skill development to achieve that goal do not inspire confidence,given that the IT industry has,for years,struggled to find employable labour.

Creating a national cyber security policy is no easy task. It involves reconciling contradictory goals,such as data privacy and collection of threat information. The NCSP precludes a discussion on these rather important questions by not acknowledging that such trade-offs exist.

Tags:

editorial ie

Journalism of Courage

Edition

Install the Express App for
a better experience

Featured

Today's E-paper
Dec 20, 2025