You are on page 1of 8

India 2020 defexpo

Cyberspace and Securing


National interests
VIJAY KUMAR KAUL
examines the importance
of cyberspace, the
opportunities and challenges
it offers, the type of
capabilities and system it
need to develop and the
India’s standing in terms of
cyber security capabilities
and system

as they detected ransom-ware attack on


City’s network. In ransom-ware attacks,
criminals try to extort money by blocking
access to computers.
Similarly, in 2015 and 2016, hackers
snuffed out the lights for hundreds of
thousands of civilians in Ukraine in
the first power outages ever triggered
by digital sabotage. Then came the
most expensive cyberattack in history,
NotPetya, which inflicted more than $10
Wikimedia Commons

A visualisation of the various billion in global damage in 2017. Finally,


routes through a portion of the 2018 Winter Olympics became the
the internet target of the most deceptive cyberattack
ever seen, masked in layers of false flags.

T
In fact, these unprecedented events
he world has witnessed out likely by a state or state-sponsored aren't merely the recent history of
a disturbing increase in organisation. Iran is suffering from the cyberwarfare’s arms race, they are all
disruptive cyberattacks since US sanctions. After withdrawing from the linked back to a single, highly dangerous
2014-15. On December 11, Iran’s Nuclear Deal of 2015, the USA has group of hackers: Sandworm. Sandworm
2019, newspapers reported imposed sanctions on Iran which have is suspected to be linked with Russia. In
a statement that Iran has ‘identified crippled the Iranian economy. In June case of Ukraine’s outage in 2015, many
and diffused a massive cyber-attack 2019, the USA cyber-attacked the Iranian global cybersecurity analysts believe
on its electronic infrastructure. It was Intelligence system with a devastating Russia is using Ukraine as a laboratory
very large, organised and government effect. It was reportedly in response to for perfecting new forms of global online
attack.’ No country or group has been Iranian attack on commercial vessels in combat. And the digital explosives that
named as attacker. In November 2019, the Gulf. Earlier in the year- 2009-2010 Russia has repeatedly set off in Ukraine
the details of 15 million Iranian debit also, Washington used Stuxnet computer are ones it has planted at least once
cards were published online, exposing virus, a US-Israel joint creation, and before in the civil infrastructure of the
the account information of almost one- disrupted thousands of Iranian centrifuge United States.
fifth of Iran’s population. Though, Iran (enriching uranium) in the Iran’s nuclear In the Cyberspace, cyber-attacks are
denied the breach a result of a hack, cyber sites. On 13 December 2019, the city of the medium to inflict damages to the
experts believe the attack was carried New Orleans declared State of Emergency targeted entity, city, state or country. This

70 February 2020 www.geopolitics.in


defexpo

medium connects, in every direction, to


the all activities of civilisation itself. In
contrast to the use of force and the armed
military attack, a vast majority of state
cyber-attacks are persistent, low-level
attacks that may leave no physical trace.
With the increased use of cyberspace for
social, economic, political and military
uses, these cyber-attacks have become
common in large number of countries
organised by states and non-state actors.
These attacks are capable of significant
damage to critical infrastructure,
military assets, financial network, and
political and social stability and inflict
huge economic costs. It, therefore,
becomes essential for the state to create
a strong cyber security capabilities and

Wikimedia
system to create resistance to any cyber
intrusion and attack, as well as offensive
capabilities. Blockchain panel discussion at the first IEEE Computer Society TechIgnite conference

Shifting Global Politics, National Interest


and Cybersecurity for communications, logistics, and
The global security landscape among finance.
the major power has changed with the The world is fast moving towards
ch
emergence of China and the internet.
a n d e n i e d t he br ea r t s digital economy. The size of the USA’s
Ir p e
Though, f a hack, cyber ex ied
During the Cold War period, global digital economy in 2017 was almost $1.5
rivalry was between the US and Russia trillion, that is 6.9 percent of the total
(erstwhile USSR) for military superiority lt o
a resu e attack was c - a r r GDP. Globally, UNCTAD estimates that
believe th by a state or state
and geopolitical influence. There was e-commerce was worth $29 trillion in 2017

out likely organisation


no economic interdependence between with around 1.3 billion people shopping
these two powers. The USSR was not online—up 12 percent from the previous
a party to the GATT and the US was
founder member of GATT. There was a
s p on s o r ed year. Around 12 percent of global goods
trade is via international e-commerce. As
relative separation between the security per the McKinsey estimates, in the year
and economic spheres at a government 2014 the cross-border flows of data were
and economic level. Wherever there valued at around $2.4 trillion—more than
was overlapping, the issues were dealt global trade in goods.
separately, such as with trade in products In the functioning of digital economy,
with security applications, were dealt with there is need to have access to hardware
separately, in the Wassenaar Agreement and software for production and
and the Missile Technology Control focus for many countries, as the risk of delivery. Small businesses can get instant
Regime (MTCR). With the collapse of cyber-attacks is a key point of security as international presence through website
the USSR, the US emerged as the only well as economic and social vulnerability. and e-commerce that in turn provides
superpower with military and economic a significant opportunity to increase its
capabilities. The USA also pushed and Cyberspace and Digital Economy: participation in international trade. The
supported globalisation and growth in Opportunities and Challenges use of digital technologies across sectors
international trade as it served its national Opportunities and countries generates lot of data.
interests. Digital evolution and creation of This global flow of data is essential for
Since 2007, China as a military and cyberspace is human mind’s biggest e-commerce, insightful decision making,
economic power has been challenging invention. It has dramatically transformed and innovation. As per the WTO, the use
the US predominance in some areas. human existence. Human’s ability to of digital technologies has also reduced
China is not a US ally and its economic digitise, store, analyse, and transport data trade cost and is likely to increase the
development and governance systems around the globe has had profound effects world trade by up to 34 percent by 2030 as
are different from the US and its Western in every sector of society, and has changed per the WTO. This includes using digital
allies. At the same time, China’s economy the way we conduct personal, business, technologies to reduce transport by
is deeply integrated with the US via trade and political affairs. Today, approximately increasing the efficiency of logistics, using
and investment. The global internet half of the world’s population is online robots to optimise storage and inventory,
has increased such connectivity along and this number is rapidly increasing. But and using block-chain to facilitate
with the scope for attack. This makes even those not personally connected to customs processing.
cyber-security a point where the pulls cyberspace are affected by its reach, since Service trade—the purchase and
of connection and push of competition the entities they rely upon to provide consumption of services online—has got
converge. Reducing cyber risk is now a goods and services often use cyberspace big boost with internet access and cross

www.geopolitics.in February 2020


71
India 2020 defexpo

Swiss European
surveillance: face
recognition and
vehicle make, model,
colour and license
plate reader
Wikipedia

border data flows. Many of the emerging virus in 1977, to hacking web sites, international community is urging
technologies, like cloud computing, malicious code, to Advanced Worm and for collaboration and cooperation
delivered online are themselves services. Trojan, to Identity theft(phishing) to, invoking UN principles. A UN Group
Data collection and analysis are adding now 2010 onwards. Cyber Espionage and of Government Experts (GGE) agreed
value to goods exports through so-called Cyber warfare. Forbes has predicted that in 2013 and 2015 that the principles in
“servicification.” Data flows enable “In 2020, we’ll see an increasing number of the UN Charter, including sovereignty
digitisation of the entire manufacturing cybercriminals use Artificial Intelligence and the prohibition on intervention in
enterprise, shorter production cycles (AI) to scale their attacks. AI will open another state’s affairs, apply to states’
and collaborative and connected supply the door to mutating malware based on activities in cyberspace. The 2015 GGE
chains. The deployment of 5G networks attackers using genetic algorithms that also recommended eleven (non-binding)
and technologies will accelerate the are capable of learning, increasing their norms of responsible state behaviour
growth of the digital economy and chances of success.” There are 141+42 in cyberspace. However, there was no
digital trade. The ‘most transformative cyber security subject predicted by the consensus among the countries on how
impact will be in bringing faster experts in the year 2020 which ranges to apply these principles. The reasons
processing speeds and increased network from disrupting elections to targeted for this was probably the countries using
functionality. The Internet Protocol will ransom ware to privacy regulations to cyberspace, conducting cyber operations
be used in network architecture as well as deep fakes and malevolent AI. covertly, were reluctant to put their views
by the applications that run on it. 5G will There are four key areas of cyber risk on record. Now, there is some debate,
effectively turn everything into data as with implications for global data flows in principally between countries in the West,
everything becomes an IP app. This will a digital economy. The first is the national about the extent to which sovereignty
create lot of new challenges also. defence space. This includes all branches is a legally binding rule in the context
of the military, intelligence services, the of cyberspace and, if so, how it and the
Cyber Security Challenges and Risks defence infrastructure, networks, and principle of non-intervention might
Cyber security has also created a lot of related software, as well as classified apply in practice.
challenges. Growing global connectivity information stored on the networks. President Emmanuel Macron of
of businesses, governments, and supply The second is critical infrastructure, France, on 12 November 2018, launched
chains with the use of AI and Internet like telecom, power grid, ports etc. The the Paris Call for Trust and Security in
of Things (IoT) and cloud computing third area includes trade secrets and IP Cyberspace, urging for the development
have increased the exposure to the risks with commercial value. The fourth area of common principles at the UNESCO
and costs of cyber-attacks. These risks of vulnerability includes other online Internet Governance Forum. In the
undermine business and consumer trust information. USA, the President’s National Security
in the internet as a basis for commerce Telecommunications Advisory Council
and trade. These challenges in cyberspace Call for International Law and Cooperation observed, the U.S. is “faced with a
in the form of threats, crimes and warfare With increased importance of cyberspace progressively worsening cyber security
have moved a long way: from computer and growing disruptive cyber-attack, threat environment and an ever-

72 February 2020 www.geopolitics.in


defexpo

increasing dependence on internet Ended Working Group (OEWG) under a sovereignty’, distinct from the
technologies fundamental to public resolution proposed by Russia to consider international law concept of sovereignty.
safety, economic prosperity, and overall how international law applies to states’ This term describes the wide-ranging
way of life. Our national security is now activities in cyberspace. In the OEWG powers it assumes under domestic law to
inexorably linked to cyber security’. discussions at the UN in September 2019, regulate its citizens’ access to the internet
In the last few years, certain countries several countries claimed that a new legal and personal data within its territory. This
have put on record how they consider instrument was needed to fill the ‘legal approach of China is being used by other
international law to apply to states’ vacuum’ (Cuba) or ‘the gap of ungoverned authoritarian countries. For instance,
activities in cyberspace, namely the UK, areas’ (Indonesia). Russia’s has recently enacted ‘Sovereign
Australia, France and the Netherlands. The existence of the OEWG exploring Internet Law’.
While there may be some differences the same issues in a separate process
in their approaches, there also remains reflects the fact that cyber norms have India’s Cyberspace capabilities
important common ground: namely, become an area of geopolitical rivalry. India is second largest country in terms
that existing international law already Though all countries demand for the of population, third largest country
provides a solid framework for regulating application of international law, most in terms of GDP on PPP and seventh
states’ cyber activities, as it regulates every of them are also adopting divergent largest country in terms of geographical
other domain of state-to-state activity. approaches to the domestic regulation of area. It is multi-cultural, multi-lingual,
However, other countries have cyberspace within their own territory. The multi-religious country with very
called for ‘new legal instruments’ in this emerging trend towards a ‘splinterne’– i.e. fertile agriculture landmass, diversified
area. This includes a proposal by the between states that believe the internet industrial base and vibrant services
Shanghai Cooperation Organisation should be global and open on the hand, sector. Its economy has been growing fast
(led by Russia and China of which India and those that favour a ‘sovereignty and during the last two decades and it has
is also a member) for an International control’ model on the other – is making become around $3 trillion economy. It
Code of Conduct on Information Security. discussions at the GGE more challenging. has aimed to achieve $5 trillion economy
The UN has also formed a new Open- China has coined a term ‘cyber status in the coming years. India is also
surrounded by enemy countries which
have been raising a low intensity proxy
Table-1: Trends of cyberattacks war against India. In addition, increased
power of non-state actors/terrorist to
Trends Explanation disrupt the economic functioning of
Hackers are increasingly targeting Malware targeting such devices are more easily the country is a serious threat. India’s
connected smart Home devices available. It is also possible that first time hackers modern critical infrastructures like
energy, telecom, ports, transportation,
are targeting these devices to gain experience
etc are using digital technologies and
High reconnaissance activity India continues to be in the cross hairs of state control systems. A large population of
and non-state actors India is using internet and smartphones,
and India is counted as having the second
Critical infrastructure continues to be a Such installations are targets for sophisticated largest online population. E commerce
key target attacks launched by state-backed and is flourishing and generating huge data.
experienced hackers Increased use of digital payments, vast
financial system and e governance, the
Attacks on Operation technology (OT) With more OT systems getting connected with cyberspace has become critical area to be
systems continue to rise IT networks, they are attracting more attacks. protected and secured.
Hackers are targeting IT and OT systems using India is facing continuous cyber-
similar malware. As OT systems are often using attacks on its cyberspace. A report
older technology and security aspects are not prepared by Subex Ltd ‘The state of
getting adequate attention, the chances of hackers internet of Things security in India-Q3
succeeding remains high. 2019’ in November 2019 has given the
following key numbers of cyber-attacks in
Attacks on smart city and defence These two are the usual targets the quarter ending October 2019: 14000
installations remain high critical attacks detected of very high
sophistication and persistence, 70,300
Hosted botnets still active Lack of adequate security measures, use of High grade attacks, 8300 malware variants
second hand devices and default passwords identified, 3507 modular malware
have all contributed to devices turning into bots. samples isolated, 90 days average
Botfarms continue to expand as newer devices malware persistence, Bengaluru, Mumbai
get added on a daily basis and New Delhi together account for 38
percent of all attacks detected. The report
Increased detection of military A huge cache of such malware was released also presents the trends of cyber-attack
grade malware by some developers in January 2019 some of shown in Table-1.
which have now ended up in the hands of hackers The key numbers and trends showed
targeting Indian installations in Table-1 shows that India urgently needs
protection and strong cyber security
Source: Subex Ltd, Report the state of IoT security in India | 03, November 2019(10) capabilities. It lacks effective offensive

www.geopolitics.in February 2020


73
India 2020 defexpo

A 5G mobile tower
installed in Germany
Wikipedia

and defensive cyber security capabilities low commitment. Table-4 gives GCI score
and lack access to mechanism vital to Table-2: Five Dimension of Global Cyber of selected developed and developing
confronting sophisticated malware. Security Index countries. India’s score is 0.719 and rank is
In order to further explore the India’s 47. This is considered high commitment
cyber capabilities, data from two Global 1. Legal: Measures based on the existence in all pillars. South Africa, Iran and Brazil
cyber security index has been taken and have committed and engaged in cyber
compared with other leading countries’ of legal institutions and frameworks dealing security.
cyber security capacity. First, Global with cyber security and cybercrime. The report has also projected that
Cyber Security Index (GCI) 2018 prepared cyber-crimes will cost world US$2 trillion
by ITU has placed India on 47 rank. As 2. Technical: Measures based on the by 2019. There will be less ransom-ware
per this GCI, shows that India has strong existence of technical institutions and attack but more of personal data breach
commitment and capabilities in cyber and critical infrastructure breaches. There
framework dealing with cyber security.
security. Global Cyber Security Index 2018 is widening gap among countries in terms
has examined the cyber capabilities and of cyber security legislation, strategies,
commitment of 194 countries on five 3. Organisational: Measures based emergency response teams, awareness,
pillars: Legal, Technical, Organisational, on the existence of policy coordination capacity to spread out strategies,
capacity building and cooperation (see institutions and strategies for cyber security capabilities and programme.
Table-2). development at the national level. To get a further insight in the
On the basis of five dimensions on capabilities another Index ,National
which GCI score has been prepared, 4. Capacity building: Measures based on Cyber Security Index, is used. The
a comparison of top 10 countries is National Cyber Security Index (NSCI) is
presented in Table-3. This table clearly the existence of research and development, a global index, prepared by e-governance
shows that most of the top countries have education and training programmes, Academy of Estonia. This Index measures
high commitment on all the dimensions certified professionals and public sector the preparedness of countries to prevent
except cooperation. There is a need to cyber threats and manage cyber incidents.
agencies fostering capacity building.
increased international cooperation in The NCSI is also a database with publicly
the field of cyber security. Two Asian available materials and a tool for national
countries, Singapore and Malaysia have
5. Cooperation: Measures based on the cyber security capacity building.
been included among top nations. existence of partnerships, cooperative The NCSI focuses on measurable
All the countries in GCI score are frameworks and information sharing aspects of cyber security implemented
ranked and placed in three categories: high networks. by the central government:1) Legislation
commitment, moderate commitment and in force – legal acts, regulations, official

74 February 2020 www.geopolitics.in


defexpo

operations is poor to non-existent. This


Table-3: Global Ranking of GCI score of Top 10 countries clearly shows the areas in which India
Rank Member GCI Score Legal Technical Organisational Capacity Cooperation needs to develop.
States Building Let us look at the legal framework
and the institutions created by the
1 United 0.931 0.200 0.191 0.200 0.189 0.151 Government of India. There has been
Kingdom constant institutional capacity building.
India has enacted Information Technology
2 United 0.926 0.200 0.184 0.200 0.191 0.151 Act 2003 and National Cyber Security
States of Policy 2013 (NCSP). NCSP is criticised
America on number of points as it just talks of
3 France 0.918 0.200 0.195 0.200 0.186 0.159 principles and no integrated framework is
presented to operationalise cyber security
4 Lithuania 0.908 0.200 0.168 0.200 0.185 0.155 threats etc. and there is no discussion on
new technology risk. There are multiple
5 Estonia 0.905 0.200 0.195 0.186 0.170 0.155 stakeholders in the policy which leads to
6 Singapore 0.898 0.200 0.186 0.192 0.195 0.125 ambiguity and indecisiveness. Moreover,
India is yet to develop a Data protection
7 Spain 0.896 0.200 0.180 0.200 0.168 0.148 law. Draft legislation has been submitted
8 Malaysia 0.893 0.179 0.196 0.200 0.198 0.120 to the parliament in December 2019
and has been referred to Committee for
9 Norway 0.892 0.191 0.196 0.177 0.185 0.143 further scrutiny and approval. There is no
10 Canada 0.892 0.195 0.189 0.200 0.172 0.137 cyber security legislation of strategy.
India has created overtime a large
Source: Based on Global Cyber security Index, 2018 number of cyber security institutions and
capabilities. Some of these institutions
are as follows: National Cyber Crime
orders, etc. 2) Established units – Germany, France, etc, India’s capacity is Coordination (NCCC), Indian Computer
existing organisations, departments, average except in case of Education and Emergence Response Team (CERT-
etc. 3) Cooperation formats – council, professional development, protection In), National critical Information
committee, official working group, etc 4) of essential services, E-identification Infrastructure Protection Centre
Outcomes / Products – policies, exercises, and trust services, cybercrime and crisis (NCIIPC), Cyber Swachhta Kendra,
technologies, websites, programmes, etc. management. India’s capacity in terms National Technical Research Organisation
The index has 3 categories, 12 capacities of cyber threats analysis and informing, (NTRO), Network Traffic Analysis System
and 46 indicators. The result of this index contribution to global cyber security, (NeTRA) of DRDO, CERT-Fin (For
is different from GCI. The NSCI score has protection of digital services, protection Financial Sector), Crisis Management
been compared with Digital Development of personal data, and military cyber Plan.
Level (DDL). The digital development
level is calculated according to the ICT
Development Index (IDI) and Networked Table-4: Global Rank of GCI of Selected Countries Including India
Readiness Index (NRI). The DDL is the Country Score Global Rank GCI group
average percentage the country received
from the maximum value of both indices. United Kingdom 0.931 1 high commitment in all five pillars
The difference between DDL and NSCI
USA 0.926 2 high commitment in all five pillars
shows that difference between the two.
If NSCI is higher than DDL, it shows France 0.918 3 high commitment in all five pillars
that there is more commitment and
capabilities on cyber security than the Japan 0.880 14 high commitment in all five pillars
general digital development level in the Germany 0.849 22 high commitment in all five pillars
country and vis a versa. Table-5 presents
the comparison of national cyber security Russia 0.836 26 high commitment in all five pillars
index with digital development level. China 0.828 27 high commitment in all five pillars
Table-5 clearly shows that most of
countries, including top nations have India 0.719 47 high commitment in all five pillars
more developed digital capabilities than
South Africa 0.652 56 Developed commitment & engage in
the cyber security capabilities. However,
in case of India, the commitment and cybersecurity
capabilities are more for cyber security. Iran 0.641 60 Developed commitment & engage in
This confirms the earlier GCI score report cybersecurity
showing India’s high commitment to
cyber security. A further detailed analysis Brazil 0.577 70 Developed commitment & engage in
of 12 capacities has been given in Table-6. cybersecurity
Table-6 shows that in comparison of
other top countries, like the US, the UK,
Source: Based on Global Cyber security Index, 2018

www.geopolitics.in February 2020


75
India 2020 defexpo

Table-5: Comparison of National cybersecurity Index with Digital Development Level

eply inte- d
Country Rank National cyber Digital Development Difference
security Index Level m y i s d e
c on o e an
United Kingdom 8 75.32 83.96 -8.64 China’s e h the US via trad rnet
it
grated w nt. The global inte ivity
USA 21 64.94 82.33 -17.39 t
i nv e s t m e a s e d s u c h c o n n e c c k
has in h the scope for ta
r e a t
France 1 83.12 79.06 4.06 c
Japan 17 66.23 82.15 -15.92
along wit
Germany 2 83.12 81.95 1.17
Russia 22 63.64 67.49 -3.85
China 53 38.96 58.00 -19.04
India 39 50.65 42.29 8.36
South Africa 69 28.57 54.80 -26.23 These CDCs are powered with cyber
next platform (a platform powered
Brazil 67 29.87 59.17 -29.30 with next-generation cybersecurity
capabilities) and deliver 24x7 next-
Source: Based on The National Cyber Security Index, 2018 gen managed security services with a
combined capacity of 1000 plus seats.
India has also built strong IT companies have been incorporated in the The company is taking three-pronged
capabilities in terms of a vibrant IT last one decade. Some of the companies approach to constantly skills, reskill
ecosystem that includes IT corporate are enjoying an average annual growth and upskill. For the first part of skilling,
sector, IITs and engineering education rate of 60 percent. These companies the company has partner in Purdue
institutions etc. As the IT sector is evolving have achieved turnover of over $450 University in Indiana, US. Re-skilling is
with computer, internet, server services to million in 2018. Around one third of these done through ‘training, certification and
high volume data sharing over internet, to companies are offering products in AI/ constant development of skills in specific
smartphone and cloud to smart devices MI domain. Among all these companies technology and domain, infrastructure
now, along with ever growing cyber around 65 percent are offering both cyber security, Security information and
security risks and challenges, the Indian security product and services and around event management (SIEM), security
IT enterprises are also evolving their 35 percent are offering pure product orchestrations, automation and response
capabilities and strengths. As estimated solution. These companies have filed 116 (SOAR) etc. Finally, constant up-skilling is
by the Gartner cyber security market patents out of which 44 patents have been done on niche technology training, such
worldwide is going to be $124 billion by granted. as cloud operational technology/Internet
2019. Indian IT sector has potential to be Infosys, an Indian IT giant, is also of things, block chain and 5G.
a global hub for cyber security product expanding its cyber defence centres There is, however, a shortage of skilled
solutions. The cyber security companies (CDCs) from existing 5 (located in Pune, manpower. NASSCOM has estimated
in India have increased from 1 in 1990 Hyderabad and Bucharest) to 7 (2 new that India needs 1 million skilled people
to 175 in 2018. Seventy percent of these ones in Indianapolis and Mysuru). whereas at present we have around 50000
Wikimedia Commons

Feature detection (pictured: edge detection) helps Artificial Intelligence compose informative abstract structures out of raw data

76 February 2020 www.geopolitics.in


defexpo

on the cyberspace take information of


Table-6: Detail score of 12 dimension of National Cybersecurity Index of select countries individual and their activities as price.
United Germany USA France Russia China India The business models of the companies
Kingdom operating in cyberspace keep on
changing. An up to date awareness of
Cyber security policy Policy 86% 100% 57% 86% 86% 14% 57% these issues needs to be given to the
development people. Government should develop
some mechanism of providing these
Cyber threats Threats 100% 100% 20% 80% 60% 20% 20% services.
analysis Technology Development as National
and informing Priority: Second pillar of such strategy
Education and Education 100% 100% 89% 89% 89% 89% 100% is the development of technology to
protect from the cyber threats, attack
professional and wars. At the same time, it needs to
development develop offensive capabilities also to send
Contribution to global Global 100% 33% 100% 50% 17% 17% 17% signals and impose cost on the attackers.
cyber security Technology is changing fast. There
is need to develop skilled manpower
Protection of Digital 0% 100% 20% 80% 40% 60% 0% and research talent to continuously
digital services improve their capability. There is need
to support cyber security ecosystem by
Protection of Essential 67% 100% 100% 83% 67% 83% 67% the government in terms of funding,
essential services market access and opportunity creation,
E-identification and eID& TS 89% 89% 11% 89% 89% 22% 78% testing and certification, R&D capacity
development etc. IITs providing active
trust services
support to incubators and accelerators
Protection of Personal 100% 100% 0% 100% 100% 25% 0% need to be encouraged.
personal data Legislation: Third pillar is legal
framework to protect the data, capabilities
Cyber incidents CIRC 50% 67% 67% 67% 50% 50% 50% and institutions. It should also penalise
response 24/7 the entity for breach of privacy and data.
India has developed Draft Data Protection
Cyber crisis Crisis 40% 20% 80% 60% 0% 20% 60%
Bill based on Sri Krishna Committee
management report. The same was presented in the
Fight against Police 67% 100% 100% 100% 78% 11% 78% parliament for approval. However, this
cybercrime has been referred to parliamentary
committee for further consultation.
Military cyber Military 100% 67% 100% 100% 50% 50% 0% There is also a need to relook and
operations redevelop the old legislation in view of the
dynamic technological development and
Source: Based on the National Cyber Security Index, 2018 geopolitical developments.
Cooperation-Internal and External:
trained workers. It needs the involvement Lastly, there is need to develop
of universities and higher educational cooperation internally and externally.
institutions. This will also take care of Internally, there is a need to develop

t m o v i ng T h e
unemployment problems in India. cooperative environment among the
r ld i s f a s institutions looking after cyber security.
Integrated Cyber Security Strategy and The wo igital economy. nomy Even for developing skill capabilities,
Policy-Need of the Hour towards de USA’s digital eco ion, a collaboration between educational

size of th as almost $1.5 trill l


India needs an integrated cyber security institutions and government institutions
strategy and policy in view of ever- is required. Industry should also
changing technology and threats. As in 2017 w percent of the tota collaborate to identify new types of
mentioned above, the use of AI in
cybercrime and attacks needs new
that is 6.9 technology and threats. Internationally,
with the growing threats of cyber war and
strategy and technology. Cyber security G DP crime, collaboration at the UN and other
policy is also increasingly risk-based, international bodies is required. New
requiring governments, organisations, networks and institutions are emerging
and businesses to assess the risk of attack, with collaborative mindset and to protect
determine potential harm, and develop others from cyber security threats and
appropriate measures to reduce the risk wars. There is a need to identify and
or impacts. India’s cyber security strategy the people need to be made aware of the collaborate with them.
should be based on the following four risk involved in the use of cyberspace and
pillars: sharing their information and loosing The author is Professor, Department of
Public awareness and education: All privacy. All the services freely available Business Economics, University of Delhi

www.geopolitics.in February 2020


77

You might also like