Is India Ready to Protect its Digital Glory? Samvada World

Approximately 83 per cent of Indian organizations experienced cybersecurity incidents in 2023, ranging from web attacks and phishing attempts to supply chain infiltrations, which have not only posed significant threats but have also led to substantial financial losses.
The Indian government has adopted several measures to strengthen its cyber security architecture. The most notable was the 2013 establishment of the National Cyber Security Coordinator (NCSC) under the National Security Council Secretariat.
India also depends on various co-operational programs including workshops wherein it depends on major powers like the United States to guide India in this field.

India was ranked among the top five countries to be affected by cybercrime, according to a 22 October report by online security firm Symantec Corp.^[1] “Power to empower” -This is the motto of the ongoing widespread digitalization campaign in India which is called Digital India, which was introduced by Prime Minister Narendra Modi in 2015. India is in a new age of digitalization which has been thrust further by the current government through several programmes. Nowadays in India, even your boarding pass has to be authorized on a digital platform named Digiyatra. India has also taken a huge leap in digital payments through platforms like Paytm acing in UPI (Unified Payments Interface). A government ID, Aadhar, has also been digitalized which stores all the biometric information of the registered citizens.

However, the security backdrop of this is vulnerable and questionable. For India, a nation with a rapidly growing digital footprint, the question of cybersecurity readiness takes centre stage. Recent reports indicate a concerning trend, with approximately 83 per cent of Indian organizations experiencing cybersecurity incidents in 2023. These incidents, ranging from web attacks and phishing attempts to supply chain infiltrations, have not only posed significant threats but have also led to substantial financial losses, with 48 per cent of organizations reporting 10 or more incidents resulting in million-dollar damages.^[2]

Malicious software such as Stuxnet, Flame, and Black Shades exacerbate India’s inadequate cybersecurity capabilities. India has a lower number of cybersecurity initiatives compared to other prosperous nations.^[3] The threat, again is massive because information in India is heavily interlinked and arguably vulnerable. Cyber security is an arena wherein India should try and build up to ‘securely’ expand its digital footprint.

In India, cybercrime encompasses a wide range of activities, including the dissemination of viruses, unauthorized access to computer systems, stealing personal identities, sending unsolicited emails, overwhelming email servers with excessive messages, sabotaging websites, and engaging in cyberdefamation. The country’s global ranking for internet access is 85th, but its ranking for cyber-attacks is third. India also accounts for 8 per cent of global detections of ransomware, the fourth-largest share in the world.^[4]

Malicious software such as Stuxnet, Flame, and Black Shades exacerbate India’s inadequate cybersecurity capabilities. India has a lower number of cybersecurity initiatives compared to other prosperous nations.

Over the last decade, the Indian government has adopted several measures to strengthen its cyber security architecture. The most notable was the 2013 establishment of the National Cyber Security Coordinator (NCSC) under the National Security Council Secretariat. The NSCS plays a crucial role in coordinating with other central-level agencies on matters related to national cyber security. One of its key responsibilities is to monitor communication metadata, providing valuable inputs to law enforcement agencies for investigating potential cybercrime cases.

The forthcoming National Cyber Security Reference Framework (NCRF) will replace the outdated strategy and adopt a common but differentiated approach. There have also been other measures such as the creation of Cyber Swachhta Kendra (Botnet Cleaning and Malware Analysis Centre) which is a new desktop and mobile security solution for cyber security in India. It was launched by the Indian government’s Computer Emergency Response Team (CERT-in) in 2017 to combat cyber security violations and prevent their increase. CERT-in also functions as the nodal agency for the coordination of all cyber security efforts, emergency responses, and crisis management. It is responsible for monitoring and responding to cyber threats, providing technical assistance to organisations, and disseminating information about cyber security best practices.^[5]

India’s Cyber Security is also maintained by the Defense Cyber Agency which is also responsible for managing cyber security in the arena of defence which is extremely tangible, bonded by the intangible form of power. In today’s world, even the country’s tangible form of power available at its disposal like missiles or nuclear weapons is heavily linked to the cyber security of the country. Another organisation handling cybersecurity games is the NCIIPC. National Critical Information Infrastructure Protection Centre (NCIIPC) is an organisation of the Government of India created under Sec 70A of the Information Technology Act, 2000 (amended 2008), through a gazette notification on 16th Jan 2014 Based in New Delhi, India, it is designated as the National Nodal Agency in respect of Critical Information Infrastructure Protection.^[6]

All these sound like credible responses in the last decade but in reality these are not keeping up with the pace at which India’s digital footprint is growing. India depends on cooperation programmes in cyberspace. It also depends on MoUs, to develop in this space. For cyber security, the Indian Computer Emergency Response Team (CERT-In) has formed agreements with peers in Malaysia, Singapore, and Japan. The Memorandums of Understanding (MoUs) would foster greater cooperation between India and the three nations for the exchange of information and experience in the detection, resolution, and prevention of surveillance incidents. CERT-In functions to improve the efficacy of cyber security in the country and strives to prevent and respond to Cyber threats.^[7]

India relies on collaborative work as well in many cases but it still faces shortcomings in matching the security standard with data breaches on an evident rise in recent times.

India also depends on various co-operational programs wherein it depends on major powers like the United States to guide India in this field. These programs also take place in the form of workshops. These also take place in the form of drives wherein a framework for cyber security is weaved for India collaboratively by powers like the United States or the European Union. Some namely drives or co-op programs are the India-US Cyber Framework Agreement signed in 2016, the India-European Union Cyber Dialogue, the India-UK Cyber Dialogue, the India-Israel Cyber Cooperation, the India-Japan Cyber Dialogue, India-Russia Cyber Dialogue.

A recent program wherein Indian entities collaborated with European partners on cybersecurity research and innovation projects was the Horizon 2020 framework. It is quite evident that India depends more on an advisory approach from the major powers, rather than the advanced powers. It relies on collaborative work as well in many cases but it still faces shortcomings in matching the security standard with data breaches on an evident rise in recent times.

It is incorrect to say that India outrightly rejects foreign help for its cybersecurity footprint but is also evident that India has a lot of scope to implement stronger policies to safeguard its vividly expanding digital footprint.

References:

Aadeepto Majumdar

Aadeepto Majumdar is pursuing a Masters Degree in political science at O.P. Jindal Global University. He has a keen interest in Indian politics and International Relations. Views expressed are the author’s own.

Spread the love