In this blog, Ayush Agarwal, a student of UPES Dehradun, pursuing B.Tech LLB specialization in Cyber law describes the cyber security policy and the governments plans for securing India from cyber crime, during his internship at Cholamandal IP under the supervision of Senior Counsel of Cholamandal IP Law Firm P. Sanjai Gandhi .
India is a developing country with the establishment of new technologies and innovations, but there are many consequences in the cyberspace. Many people of the country misusing the internet and indulging themselves in the cyber threat. We all know about the cyber crimes cases and their increasing numbers. We know about the happenings of crimes, but are we aware about the special organization, task force or Governmental Institution to stop all the menace. What are the projects or government initiative to stop these crimes which leads to rise the need of cyber security in India. The cyber security in India is in meager condition.
Every Indian needs to safeguard themselves for not becoming the victim of the cyber crimes. Is India bound with the advance technology to secure the people using the internet. Will it catch the attackers of crimes. Are we having the trained expertise with proper computer programs and softwares to catch the person indulging in the criminal activities.
One good initiative taken by many websites, emails, messaging apps and in the banking sector is the encryption method which is the end-to-end user connection where no one can hack the established network between them and do not interchange the messages or hacks the bank accounts. As India gears up the cyber security challenges the threat goes multiplied.
The cyber security awareness programme must be further improved so that various stakeholders can contribute significantly to the growth and implementation of cyber security initiatives of Indian government
National Cyber Security Policy, 2013
The vision of Ministry of Electronics and Information Technology, organization on behalf of Government of India behind this policy is to build up the secure and volatile cyberspace for citizens, businesses and government and their mission is to protect data and information infrastructure in cyberspace, build capabilities to prevent and respond to cyber crimes, reduce vulnerabilities and minimize the damages caused from cyber incidents through a combination of institutional structures, people, processes, technology and cooperation.
Objective of the policy
● To create a secure cyber environment and to generate the trust in IT systems and transaction which the user performs and providing IT to all sectors of businesses
● To develop appropriate security technologies through research, and to provide new techniques to help in minimizing the crimes and to catch the hackers or the criminals.
● To provide financial benefits to businesses for adoption of standard security practices and processes
● To enable protection of information while in process, handling, storage & transit so as to safeguard citizen data and for reducing economic losses due to cyber crime or data theft.
● To develop effective public private partnerships and collectively engagements through technical and operational cooperation and contribution for enhancing the security of cyberspace.
● Creating a secure cyber environment: – To encourage all the organization to have a security policy, according to their business plans and have a specific budget for the security and information storage of the company and with firewalls and other basic security entities.
● Creating an assurance framework: – the company should have an International organization of Standardization (ISO) certificates 270001 especially for IT sectors.
● Strengthen the regulatory framework: – the steps taken by the companies and the government for securing the information are to be regularly checked and updating of the software to overcome the new threats of cyber crime in the market
● Promotion of Research and Development in cyber security: – To encourage Research & Development to produce cost-effective, indigenous security solutions meeting a wider range of cyber security challenges.
● Creating Cyber Security Awareness: – to promote comprehensive national awareness programs on security of cyberspace and to conduct seminars and workshops and certification courses of cyber security
Governmental organizations for cyber security
Government started many programmes and projects related to cyber security but are not well functioning. The cyber security and information technology are under Ministry of Electronics and Information Technology( MeitY), Government of India. The organization governance for empowering citizens, promoting the inclusive and sustainable growth of the Electronics, IT industries, enhancing India’s role in Internet Governance, adopting a multipronged approach that includes development of human resources, promoting R&D and innovation, enhancing efficiency through digital services and ensuring a secure cyberspace.
Objectives of MeitY
● e-Government: Providing e-infrastructure for delivery of e-services
● e-Industry: Promotion of electronics hardware manufacturing and IT industry
● e-Learning: Providing support for development of e-Skills and Knowledge network
● e-Security: Securing India’s cyber space
● e-Inclusion: Promoting the use of ICT for more inclusive growth
● Internet Governance: Enhancing India’s role in Global Platforms of Internet Governance.
Along with Government organizations, many IT sector industries also started cyber security services to other industries to secure information from theft and other crimes. India is far behind other countries in the sector of cyber security which is the need of every individual or industry.
Project related to Cyber Security
Many projects are not yet started, but the plan has been proposed before the Government of India.
Crime And Criminal Tracking Network and Systems (CCTNS) Project Of India:-It aims at creating a comprehensive and integrated system for enhancing the efficiency and effectiveness of policing through the adopting of principle of e-Governance and creation of a nationwide networking infrastructure for evolution of IT-enabled-state-of-the-art tracking system around ‘Investigation of crime and detection of criminals’
National Cyber Coordination Centre (NCCC) Of India:-It’s aim is to provide protection of metadata, not personal data and improving the information sharing making it more vulnerable for citizens and government.
Central Monitoring System (CMS) Project Of India:-In the month of April 2013 Government of India wishes to implement this project as the infrastructure of information security is increasing, but the failure of the projects related to cyber security also leads this project down. Even after the privacy law, data protection law and cyber security laws these projects are lacking behind.
National Critical Information Infrastructure Protection Centre (NCIPC) Of India:-It is a very ambitious and much needed cyber security initiative of India. It can strengthen the cyber security infrastructure of India and help in establishing the offensive and defensive cyber security capabilities of India.
As we all know the need of cyber security in India, but there is no such laws relating cyber security. The Information Technology Act 2000 is implemented to such extent where applicable. The Indian government has in the past declared that cyber security breach disclosure norms of India would be formulated very soon. However, till now no action has been taken in this regard and companies and individuals are still not reporting cyber security breached to the Indian government and its agencies.