© NatStrat
Over the last two decades, India has imbibed digital technology for optimising governance delivery and empowering citizens in many ways. The success stories of the electronic voting machines, the Aadhar based unique identification ecosystem and the digital payments networks have gone a long way to leapfrog India in a position of global reference in the usage of digital technology. Alongwith large-scale hardware network deployments across the country, software applications for various services have provided online connectivity to more than 76 crore people to communicate, engage in citizen services and undertake online commerce. Usage of technology to bolster and reorient India’s strategic security has also been a hallmark in the last five years. As India assumed the role of G20 Chair and proposed to showcase its successful adoption and utilization of digital technology for common good, as well as enhance its digital capacity building, it is imperative to understand the digital landscape in which secure and sustainable communication is imperative.
"In terms of priorities for 2023, the foremost step should be to announce a National Cybersecurity Policy."
Cyber technology and its dynamics
One of the focus areas that emerges is cyber security. Technology and the related dynamics is evolving very significantly in terms of the emerging geopolitics and global economies are shifting more to the digital horizon. So it is pertinent to understand the two broad avenues that define such attention and the related risks that emerge. First, the infrastructure that supports and sustains digital networks and second the issues arising out of the usage of the technology. While there are risks that arise with such deployments of networks and thus entail functional risks, there is a growing menace of criminal syndicate, dark elements and rogue nations misusing their skills to target digital assets and launch cyber attacks ranging from hacking and distributed denial of services attacks to debilitating and destructing the networks. The recent attack on the AIIMS digital networks has shown how many aspects emerge with such attempts and attacks. The regular probing and hacking attempts at defence establishments, as well as the targeting of critical infrastructures like banking, power, telecom and civil aviation networks have reinforced the need for closer look and action on the cybersecurity front.
Importance of a National Cybersecurity policy
In terms of priorities for 2023, the foremost step should be to announce a National Cybersecurity Policy so that the technology governance by the government incorporates the recent developments in technology and related management aspects. Subsequently, the organisational and institutional structures must be realigned to ensure the sustained and optimal functionality of national security, law enforcement and digital assets availability, in accordance with the policy. Access management, network security, managed security services and mandatory audit reporting have to become part and parcel of every network.
"The linkages of cyber attacks to kinetic attacks is growing by the day and forcing nations to consider cyber security as a key element of national security."
These functions have to be performed as a standard task in an approach prepared on the basis of national security considerations. Both CERT In and NCIIPC need to be provided with more manpower and technical assets and should expand their cooperation with domestic and international organisations to be better equipped. As new legislations have been promised by the union government in the form of Digital India Act that will replace the existing Information Technology Amendment Act 2008 and the introduction of the Data Protection Bill, the legal edifice will be strengthened and give more teeth for effective encapsulation of the emerging technological scenarios. The law enforcement networks across the states have to be strengthened with more orientation of tech into the forces and building a network of trusted ecosystems where sanitised security providers are also incorporated who can be used for investigative and monitoring purposes. A special effort has to be undertaken to foster digital skilling at all levels where individuals are trained to be able to follow a cyber-hygiene regime as well create the work force that will be required for various roles as digital footprints further increase. The Digital India initiative of the government needs to be holistically built with cyber security measures at multiple levels being integrated to the core build up. At the citizen level, a concerted awareness drive has to be undertaken to educate the people on digital safety that would have to be undertaken by the service providers as well as civil society supported by the government to keep the last mile safe for networks.
Cyber attacks have no borders
As much as steps are taken domestically, there has to be work on the diplomatic front too. Cyber attacks do not have geographical constraints and more nations see this as a concomitant tool for expanding physical conflict and some of the recent conflicts have also shown that cyber attacks could become a key element of warfare. The linkages of cyber attacks to kinetic attacks is growing by the day and forcing nations to consider cyber security as a key element of national security. Globally there is no binding regulatory regime on cyber issues unlike for space and nuclear and while efforts through the UN Group of Government Experts are trying to work towards that direction by laying out norms of behaviour, there has to be real action on the ground. This is where India can take the lead being a nation that has worked on most aspects of cybersecurity through its own critical deployments as well as its manpower managing cyber assets for many critical infrastructures across the globe. India’s resources for software coding and Artificial Intelligence have also been at the forefront for building much of the cyber defence programmes whether for business continuity or for protection of critical infrastructures. As part of India’s G20 leadership, it could bring together all the finer points of the many multilateral and multi stakeholder dialogues on cyber security to a common ground and foster a binding agreement among nations so that cyberspace functions as a safe and manageable medium.
There is a clear need to address cybersecurity at various levels, both nationally and globally. India’s role is crucial, presenting an opportunity to showcase its global leadership in this emerging area, promptly and in a time bound manner.
(Exclusive to NatStrat)