Institutional and Legislative Measures for Cyber Security

Steps taken by the Government to spread awareness about Cybercrimes
  • Online cybercrime reporting portal has been launched to enable complainants to report complaints pertaining to Child Pornography/Child Sexual Abuse Material, rape/gang rape imageries or sexually explicit content.
  • A scheme for establishment of Indian Cyber Crime Coordination Centre (I4C) has been established to handle issues related to cybercrime in the country in a comprehensive and coordinated manner.
  • Establishment of National Critical Information Infrastructure Protection Centre (NCIIPC) for protection of critical information infrastructure in the country.
  • All organizations providing digital services have been mandated to report cyber security incidents to Indian Computer Emergency Response Team (CERT-IN).
  • Cyber Swachhta Kendra (Botnet Cleaning and Malware Analysis Centre) has been launched for providing detection of malicious programmes and free tools to remove such programmes.
  • Formulation of Crisis Management Plan for countering cyberattacks and cyber terrorism.
Cybercrime volunteer programme

Indian Cyber Crime Coordination Centre (I4C) has envisaged the Cyber Crime Volunteers Program to bring together citizens with passion to serve the nation on a single platform and contribute in the fight against cybercrime in the country. The programme targets to rope in around 500 persons to flag unlawful content on the Internet.

National Cyber Security Strategy 2020
  • The government will release a new cybersecurity strategy.
  • The strategy would holistically cover the entire ecosystem of cyber space in India.
  • The vision of this strategy is to ensure safe, secure, resilient, vibrant, and trusted cyber space.
  • The new strategy would serve as a guideline to tackle various aspects, be it data as a national resource, building indigenous capabilities or cyber audit.
National Security Directive on Telecom Sector
  • On December 16, 2020 the Cabinet Committee on Security headed by Prime Minister Narendra Modi gave its approval for a National Security Directive on the Telecommunication Sector (NSDTS) that will impact the digital and telecom ecosystem in the country. 
  • The NSDTS is aimed at preserving the integrity of the supply chain under which the government will declare a list of trusted sources and trusted products for installation in the country’s telecom networks. There will also be a list of designated sources from where no procurement is to be made.
  • Those which meet the criteria of the Department of Telecom’s preferential market access scheme (PMA) will be certified as “India Trusted sources”.
  • While other nations have created a black-list of companies that cannot operate in the country, India is the only nation to create a white-list of telecom companies that are allowed to operate in India.
  • The National Security Committee on Telecom will take measures to increase use of equipment from Indian trusted sources.
  • This will give a boost to the use of indigenous products in the telecom networks. It will strengthen the domestic industry and national security of India.
National Cyber Security Policy, 2013
  • The Government of India took the first formalized step towards cyber security in 2013, vide the Ministry of Communication and Information Technology, Department of Electronics and Information Technology’s National Cyber Security Policy, 2013.
  • The Policy is aimed at building a secure and resilient cyberspace for citizens, businesses and the Government.
  • Its mission is to protect cyberspace information and infrastructure, build capabilities to prevent and respond to cyber-attacks, and minimize damages through coordinated efforts of institutional structures, people, processes, and technology.
Concerns / Challenges and Wayforward
  • Unlike the US, Singapore, and the UK where there is a single umbrella organization dealing in cybersecurity, India has 36 different central bodies—most ministries have their own—that deal with cyber issues, and each has a different reporting structure; each state government has its own CERT.
  • Indian laws are not in tandem with the ever-changing global cyberspace.
  • The laws are old and hence need to be more dynamic in nature to deal with issues like cyber-espionage, data theft and so on.
  • The Information Technology Act, 2000 (IT Act 2000) is the sole law that deals with cyberspace in India and was passed way back in 2000.
  • Also, the Cyber Law of India has been subject to amendments on various occasions but hasn’t served the changing dynamics and the growing threats and manifestations of cyberwar.

 

Way Forward:

  • Impart cybercrime investigation training and technological know-how to the various law enforcement agencies.
  • Cyber awareness must be spread and there should be multi-stakeholder approach– technological inputs, legal inputs, strengthening law enforcements, systems and then dealing with transborder crime involves lot of international cooperation.

 

Conclusion:

With innovative, technology led programmes such as AADHAAR, MyGov, GeM, Digital Locker the new India is the land of technological prowess and transformation. Government and the private sector jointly have to give cyber security some priority in their security and risk management plan.