From the past few years, India has been heading to be a country powered by digital interventions and advanced technology. Aadhaar system, UPI online payments, Digital India mission, Digilocker, etc. are evidence for the fact. However, the Coronavirus pandemic gave a sudden boost to the wave of digital transformation in India. And, with rapid digitization to keep the government, businesses, the economy running, ‘Cybersecurity’ takes the centre stage. – Adarsh Som, Elets News Network (ENN).
On the occasion of 74th Independence Day, August 15, 2020, Prime Minister Narendra Modi announced the constitution of a robust policy to monitor and manage the cyberspace and issues related. The PM said that the Government of India is well aware of the cyber threats and vulnerabilities and hence, is in process of developing a robust Cybersecurity policy. PM Modi projected the Government of India’s objective to create a secure cyber ecosystem in the country.
“Soon, a draft of a new cybersecurity policy will be presented to the nation. In times to come, we will have to integrate everything and then work within the cybersecurity framework. The government will further formulate strategies to move forth,” said the PM during his address.
With the ambitious address by the PM on Independence Day, the country looks forward to the measures and framework that the government is planning to secure the cyberspace. And, the citizens are all eyes awaiting the glimpse of the promised Cybersecurity Policy which is much needed now.
India’s Cyberspace – Status at Present
India has been an evergrowing area for industries, businesses, technology, culture, innovation and now the ‘Internet’. In January 2020, the country made a benchmark in term of internet users and became the second-largest internet user base with 560 million users. As per the industry estimates, the user base will keep on with ascending order and is expected to touch 600 million in the year 2021. The figures are quite confirmative of the digital boom ongoing in India.
On the other hand, however, is not a rosy picture. A report released for the first quarter of the year 2020 by Kaspersky Security Network revealed a 37 per cent increase in cyberattacks compared to the final quarter of the previous year. Also, it stated that India ranks 27 globally in terms of cyber threats.
In this huge population of internet users, most access it through their smartphones and hackers or cybercriminals are well aware of the fact. The abovementioned report also underlined that most victims of cyberattacks were targetted through their smartphones.
Looking at a few trends in the digital space globally, we see the cybersecurity is a growing concern not only in India but worldwide. And, this has opened doors for the cybersecurity firms to boost their economic trends. It is estimated that the global cybersecurity market will reach over $170 billion in 2022. Considering the cybercrime aspect, the estimates from Verizon states that 52 per cent of the cybercrimes are breach featuring hacking, 32 to 33 per cent phishing attacks and 28 per cent cyberattacks involve malware.
Hence, the PM Modi’s announcement regarding the constitution of a robust cybersecurity policy sounds like hope to a secured future as the coming times will see from a small child to a job-retired adult, from a peon or sweeper to a CEO and people from all walks of life open on the digital space. So, security a must!
Projecting a serious concern of cybersecurity from the Government’s end, Dr Rajendra Kumar, Additional Secretary, MeitY in an exclusive interview with Elets Technomedia said, “Security of platforms is of prime importance and it should be considered even while conceptualizing any development. Security is not confined to a single level but needs to be addressed at business (defining security policies), infrastructure (appropriate configurations at the network, data centre, and hardware), application (application deployment, OS hardening) and data (storage, access) levels… Safety and security of digital platform should be taken into account when the platform is being developed and after its development. Security by design should be the mantra for a safer and secure digital platform.”
Bhavin Bhansali, Founder and CEO, ProgIST Solutions, in a webinar with Elets Technomedia highlighted that 90 per cent of the cyber attacks begin with a mere email that looks ditto of original emails from repeat brands. These fraudulent emails carry a link and a lucrative message or offer which the recipients tend to click as the brands are trusted. And, with this simple tactic, a phishing attack begins. Further, speaking on vulnerability to cyberattacks, Bhansali said, “It was notified that a hacker group from North Korea ‘Lazarus’ has over two million email Ids of Indian citizens and businesses with them and on the pretext of free COVID-19 testing they might send out an email which will be ditto of emails from the government. Through this, information regarding bank details, personal information or other financial details can be stolen.”
Measures for Augmenting Existing System
The way to betterment begins with a robust and effective policy framework which the Government of India is constituting. Why is it so important? The policy framework will be a set of guidelines or rules governing the digital doings in India. Moreover, it will give a clear distinction on cyberspace regulations. Cybercrime or cyberattacks can be a threat to the social fabric of India, economy, and can even threaten the development of the nation, said PM Modi while addressing the gathering from the Red Fort. “The Government of India is well aware of the fact and is taking steps to combat these risks,” he added.
In an effort to strengthen the digital infra in India and make it safer, the Ministry of Electronics and IT has launched various challenges for tech-based startups. These challenges include the development of video conferencing tools, AI-based monitoring and surveillance tools, online education system, etc. Also, the ministry is looking forward to upscale the winning technologies by providing aids in various ways to the entrepreneurs.
Privatization is one of the steps as many reputed firms have advanced technology-based systems which can help not only the government functions but services and functions in the public domain as well. Moreover, smart cities have also been in focus in terms of augmenting online security.
Security of cyberspace is not only limited to applying advanced tech for the safety of information, data or placing firewalls but also basic digital literacy so that people do not fall easy victims to the cyberattacks. So, one area where more than the robustness of the digital infra, its reach is important is ‘digital literacy’. People living in rural areas and many remote corners of the country are not digitally literate enough to adapt to the sudden shift to online platforms. And, to bridge the gap, the government needs to provide capacity building programmes for such population. Considering capacity building, there is also a need to upscale the skills and knowledge of the government employees who are used to working in a traditional pen-paper manner and face challenges in operating through digital mediums.
The Way Forward
This is not the first time that a need for cybersecurity has been realised. The coming times are witnessing a shift from digital silos to integrated and connected technology and hence the need for a more robust policy framework is realised. India already has the Information Technology (Amendment) Act 2008 which governs many cyber-related issues. However, with the evergrowing technology, there is a need for ever-developing rules governing and limiting the use of the tech. So, the Government of India came up with the National Cyber Security Policy in 2013 and today there is a need to further upgrade the policy.
Therefore, to realise the dream of digital India, a digitally secure India should be of primary concern. And with the Government of India’s upscaled efforts, it seems we’re close to achieving the so-called ambitious targets. However, there should be a move to build the capacity of the people and bridge the digital literacy gap along with providing affordable and accessible online services to make India, really, a digital India.
Cybersecurity Policy – Background
The cybersecurity issues and cyber crimes are governed by Information Technology (Amendment) Bill 2008 and National Cyber Security Policy 2013. In the Information Technology (Amendment) Act, 2008, cybersecurity is exercised under sections 43 for data protection, 66 for hacking, 66A for measures against sending offensive messages, 66B for punishment for illegally possessing stolen computer resources or communication devices, 67 for protection against unauthorised access to data, 69 for cyberterrorism, 70 for securing access or attempting to secure access to a protected system and section 72 for privacy and confidentiality, etc.
However, in a move to strictly monitor the cyberspace and prevent hacks or other cyberattacks, the Government of India came out with the National Cyber Security Policy in 2013. According to the Ministry of Electronics and Information Technology (MeitY), the objective of the policy is to safeguard information and the digital infrastructure, build capacity to prevent and respond to cyber threats, reduce vulnerabilities and minimise damage from cyber incidents through institutional structures, people, processes, technology and cooperation.