With a vision of achieving the 5 trillion economy, the Indian government is set to unveil its cybersecurity strategy policy in January 2020. This would also be the government’s first vital step towards creating a cyber-secure nation for businesses and individuals.
Important high ranking government officials have the need for a secure internet and have added that for such an initiative there has to be a proper formation of critical infrastructure and seamless partnership between public and private which are the two key aspects of a secure cybersecurity framework.
The necessity of creating a secure IT framework has never been more crucial, with various cyber breaches emerging across the county, the prominent one being the hacking of the government’s website itself.
In this article, our experts take a look at the progress that the country has made with the initiatives it has taken towards drafting its cybersecurity strategy in 2020
Due to the advancements in the national agency which is responsible for tackling the nation’s cybersecurity CERT or The Indian Computer Emergency Response Team has considerably lowered the rate of cyber attacks on the government’s networks. To assist the government’s employees to combat cybercrimes, they have implemented the anti-phishing and cybersecurity awareness training across the Indian government agencies countrywide. Apart from this, the cybersecurity body also issues alerts and advisories on the latest threats to emerge from the cybersecurity domain and how to prevent or mitigate them.
The Cyber Surakshit Bharat initiative was launched by the Ministry of Electronics and Information technology with the aim of strengthening the cybersecurity ecosystem in India which also falls in line with the government’s Digital India plan. The Program was launched in association with the National e-governance Division (NeGD).
The requirement for a good governance system has been deemed crucial since digitization has rapidly transformed the governance system. With such an initiative it is forecasted that there would be a rise in awareness about cybercrime and cybersecurity along with building capacity for securing the CISOs and frontline IT staff across all government departments. Apart from these steps the first of many public-private partnerships which are to be planned, includes a series of workshops to make people known an understand about the best practices and help the officials with the cybersecurity tool kits to fight cyber threats.
NCIIPC – National Critical Information Infrastructure Protection Centre
Formed to protect the critical information of our country, the NCIIPC is a central government agency that has an enormous impact on national security, economic growth and public healthcare. The establishment of this body was amended as per the provisions of section 70A of the IT act of 2000. This organization is responsible for conducting the cybersecurity exercises to keep a check of the cybersecurity postures of the government and critical sectors.
The following have been deemed critical sectors by them –
- Strategic and Public Enterprises
- Banking, Financial Services, and Insurance
- Government
- Telecom
- Transport
- Power And Energy
Appointment of Chief Information security officers
With advancements in the cyber universe, the need to adopt stringent measures is becoming the need of the hour. Even the smallest breach can lead to catastrophic effects when it comes to the government bringing it to a standstill. Consequently, it’s imperative that every government body is headed by a skillful security leader who is also otherwise known as a Chief Information Security officer. The government has also recently issued a set of guidelines for the CISO to follow the best practices while securing applications, infrastructures, and compliance.
Website Audit
Amidst the increasing number of cyberattacks that have taken place on the government’s websites, they have realized the importance of a Vulnerability management suite like Nemasis. Hence, they have impaneled more than 90 auditing organizations for auditing the best practices of Information security.
Crisis Management Plan
The formulation and Implementation of a Crisis management plan by all the government departments and the above mentioned critical sectors are other major initiatives by the central government. The initiatives are aimed at establishing a strategic framework for employees and leaders to prepare for a security breach. In every critical sector of a government, it also ensures to manage the cyber interruptions of critical functions. This helps organizations to implement the correct mechanisms behind the desk to effectively deal with a cybersecurity crisis. If managed and implemented properly, this can also be able to pinpoint responsibilities and accountabilities right down to the individual level.
Mock Drills and Training
To access the cybersecurity postures of organizations the government has also started organizing and conducting Cybersecurity Mock Drills. Major organizations that have participated in such drills have originated from finance, defense, power, and telecom. For the Network or system administrators along with the CISOs regular workshops and training programs have been conducted to prepare them towards cyber-attacks.
Malware Protection
A cleaning bot has been employed by the central government for malware analysis and detection of malicious programs under the Cyber Swachatta Kendra, which comes with a free tool to remove or omit them. Along with this unit the government has also set up a department to generate situational awareness about existing and potential cybersecurity threats – National Cyber Co-ordination center.
Personal Data Protection Bill
The most prominent initiative for the Indian citizens has been the approval of the PDP – Personal Data Protection Bill, which focuses on data localization. The bill strongly implies to the storage and processing of any critical information related to individuals within the country. It states that any personal and sensitive information of an Indian Citizen should be stored locally, however it can be processed abroad subjected to certain conditions. The bill also aims at making social media companies more accountable and push them to solve issues related to the spread of offensive content being circulated on various social media platforms.
With these steps, the government is planning to take giant strides in making our nation a digital one, not just with the access to the internet but along with security to curb the criminal advancements that could prove to be a hindrance to the progress of our great nation.
To read more, please check eScan Blog
