A detailed cybersecurity policy is a must to proactively identify threats in real time and generate actionable intelligence
Knee-jerk responses, rather than proactive steps, have been the hallmark of India’s approach towards cybersecurity. However, in the changing global environment, it is imperative for nations to formulate robust cybersecurity policies that help proactively monitor threats and quickly neutralise them. A stifling bureaucracy, inadequate infrastructure, lack of coordination among multiple agencies and a glaring absence of strategy are among the hindering factors. Unfortunately, India simply does not have the necessary infrastructure to monitor threats and respond to incidents at the State and sectoral levels. Alerts about attacks and perpetrators often come from external agencies and researchers outside India. The frontline institutions that do exist in India lack teeth. In the absence of powers and resources, enforcement is difficult and often patchy. More worrying is the absolute dearth of cybersecurity monitoring at the State, sectoral, regional, and utility levels. The Indian Computer Emergency Response Team (CERT-In), the nodal agency for incident response, and the National Critical Information Infrastructure Protection Centre (NCIIPC), responsible for the security of critical information infrastructure, often find themselves inadequate to the task and fail to identify threats on their own. The recent Rs 20,000-crore proposal to revamp cybersecurity by centralising all controls is a welcome first step and the next challenge is to improve coordination and accountability among the cyber and intelligence agencies. Apart from stronger agencies at the top, India needs to create institutions to monitor and execute cybersecurity downstream. The September 2020 power outage in Mumbai, due to a cyberattack by a Chinese hacker group, exposed the loopholes in the country’s monitoring and response systems.
India lacks a detailed cybersecurity doctrine policy. Barring a few sectors such as finance, where the regulator actively keeps a tab on threats, there are no mandatory guidelines in place, sectoral or otherwise. Various agencies have the charter for cybersecurity, but they are all disjointed with no clear delineation of roles and responsibilities. Though some tentative attempts were made to proactively monitor and identify threats in real time to generate actionable intelligence, the project failed to take off because of turf wars and fund shortages. Cybersecurity is not only about incident response; proactive intelligence gathering and counterintelligence activities also form a major chunk of it. Incidents of cyberattacks on critical IT infrastructure have become commonplace. The country cannot afford to ignore the growing threats posed by well-organised international hackers. There is an urgent need to strengthen the National Cyber Coordination Centre for effectively monitoring internet traffic at the metadata level to identify anomalies and generate alerts. Though the Information Technology law mandates that the NCIIPC protect and advise critical information infrastructure, there are no provisions that give it enforcement powers.