Information and Network Security: Important Issues

As ICT becomes increasingly integrated with day-to-day life, there is an urgent need for a specialist organisation to identify and address vulnerabilities

S Reghunathan, Former Chief Secretary, Government of NCT of Delhi

As the Internet and the World Wide Web become more and more ubiquitous, concerns related to privacy and security would increasingly assume centrestage. In the physical world, events are somehow attributed to divine powers and super powers. Activities of individuals are, to a large extent, modulated and controlled by religions and organisations. Larger organisations even wield influence over national policies. In the physical world, we have well-defined structures of control, but the virtual universe that is springing up at such a rapid rate still lacks that structure. This is a major issue as there is no organisation that really controls the virtual world. This is a great threat because today IT infrastructure can be very effectively used to disturb all the physical features, physical universe which is becoming increasingly dependent on the cyber world. Cases of cyber attack or cyber threats are becoming increasingly common nowadays.

Our important assets such as power plants, power distribution lines, cyber networks etc., which are now distributed between the public and private sector, are all critically reliant on ICT. Just like in religions where interdependence is absolutely established and one cannot live without another, in the cyber space also interdependence is going up every day. Therefore there is absolute necessity for the public and private sectors to coordinate and collaborate to work together, especially when issues related to security come up. There are organisations working on aspects of cyber security, but there is the need for an organisation that can focus on all major issues related to the cyber world in a comprehensive manner. One feels that the private organisations are not making requisite investments into security-relate aspects of critical networks. A specialised organisation that can identify vulnerabilities and ensure that critical network and infrastructure is secured is badly needed today.

“Just like in religions where interdependence is absolutely established and one cannot live without another, in the cyber space also interdependence is going up every day”

In order to be effective, such an organisation would need participation from all stakeholders and not just the government. It would be virtually impossible to ensure high-level security for the entire network, and therefore the need is to identify those critical components of the network that must be guarded against breach. As we go on deepening and widening our networks down to the level of Gram Panchayats, the amount of critical infrastructure that is coming up and the complexity of the security need is huge. This challenge can be met only if all interested parties come together and pool their resources and expertise towards a common end.
Finally, there is also the need for a framework governing the use of networks during times of national emergencies and disasters. Many public and private organisations have fibre that can be utilised in times of emergency so as to mitigate the sudden load on the common communications networks. However, there is as of now, law that can authorise the use of such networks during times of crisis. It is imperative that such a framework also be put in place.

While the Information Revolution has given rise to unprecedented opportunities and has ushered in massive change, it is imperative that the threats to and from ICT and networks are also recognised and steps taken to address the same on a priority basis.