What is Cyber security?
The most significant development in the last couple of decades is the information revolution. World has witnessed tremendous breakthroughs in areas of computing, communication and information management. Development of new mobile and computing devices which are cheaper, ever increasing in their computing power and decreasing in size, along with development of internet has led to use of information technology in every sector of human activity be it communication, banking, trading, learning and teaching, entertainment, socializing, government and management. Cyber space as we call it has become an integral part of our daily lives and our dependence on its underlying infrastructure is ever increasing.
With time Cyberspace has been growing exponentially both in terms of information and population of users. Cyberspace users range from students looking for academic information for assignments, businesses seeking information for profits; governments for e-governance services for public, terrorists and such non state actors use it for online communication and covert operations. Thus, over a period of time, this unregulated Cyberspace has become a source of information worth billions for netizens to acquire information and also to sabotage the same to fulfil their own objects.
Cybersecurity refers to preventative methods used to protect information from being stolen, compromised or attacked. Cybersecurity is a very broad category which encompasses numerous hardware and software technologies, and can be applied on any level, including personal, corporate or governmental devices or networks.
Cyber Security Challenges in India
India ranks 3 in terms of the highest number of internet users in the world after USA and China, the number has grown 6-fold between 2012-2017 with a compound annual growth rate of 44%.
India was ranked among the top five countries to be affected by cybercrime, according to a 22 October report by online security firm ”Symantec Corp”.
Some recent and major Cyber Attacks in India include:
- Union Bank of India Heist (2016) Through a phishing email sent to an employee, hackers accessed the credentials to execute a fund transfer, swindling Union Bank of India of $171 million, Prompt action helped the bank recover almost the entire money.
- WannaCry Ransomeware (May2017) The global ransomware attack took its toll in India with several thousands computers getting locked down by ransom-seeking hackers. The attack also impacted systems belonging to the Andhra Pradesh police and state utilities of West Bengal
- Data theft at Zomato.com (2017) The food tech company discovered that data, including names, email IDs and hashed passwords, of 17 million users was stolen by an ‘ethical’ hacker-who demanded the company must acknowledge its security vulnerabilities-and put up for sale on the Dark Web
Cyber Security status in India
Government of India published The National Cyber Security Policy on 02 July 2013. The salient aspects of the Policy are:-
- Creating a secure cyber ecosystem.
- Creating an assurance framework.
- Encouraging Open Standards.
- Strengthening the Regulatory framework.
- Creating mechanisms for security threat early warning, vulnerability management and response to security threats.
- Securing E-Governance services.
- Protection and resilience of Critical Information Infrastructure.
- Promotion of Research & Development in cyber security.
- Reducing supply chain risks.
- Human Resource Development.
- Creating Cyber Security Awareness.
- Developing effective Public Private Partnerships.
- Information sharing and cooperation.
- Prioritized approach for implementation.
India has taken several steps in the recent past to strengthen its cyber defence capabilities which include:
- A National Cyber Security Policy has been announced and is being implemented.
- An elaborate National Cyber Security assurance framework is under implementation.
- The National Cyber Security Coordinator was appointed in 2015.
- Coordination amongst various agencies has improved.
- A National Critical Information Infrastructure Protection Centre (NCIIPC) has been set up. There is a regular dialogue with the key sectors of the economy.
- Public-private partnership is being developed. There is an active dialogue between the government and the private sector.
- A National Cyber Coordination Centre (NCCC) is being set up.
- Efforts are being made to develop cybersecurity skills in the country. New cybersecurity curricula are being introduced in the colleges.
- Cybersecurity Research and Development (R&D) policy has also been under active consideration of the government.
- The Indian Computer Emergency Response Team (CERT-In), an organisation that was set up in 2004, has done significant work in dealing with cyber incidents as well as spreading awareness.
- India is pursuing active cyber diplomacy by setting up cybersecurity dialogues with several countries and is participating in several international fora including the UN on cybersecurity.