It “comes at the right time” to meet the need for a competent policy for India’s immature level of cybersecurity.

India’s Prime Minister Narendra Modi recently announced that the nation will soon have a new cybersecurity policy as technology will play a big role in developing the country. 

Addressing the nation in his Independence Day speech, the prime minister said the threats emanating from cyberspace have the potential to affect the development of the economy and society. Threats from cyberspace can endanger all these aspects of Indian life. “Cybersecurity is a very important aspect, which cannot be ignored. The government is alert on the increasing cyberattacks, and will reveal the details related to the cybersecurity policy in the days to come.”

During the speech, Modi also announced plans to connect all villages of the country to the internet. Nearly 600,000 villages will be connected with optical fiber. “This goal will be met in the coming thousand days… every village in the country will be connected with optical fiber.”

In his speech, Modi highlighted that until 2014, only 5 dozen village councils in the country were connected with optical fiber. In the last five years, 150,000 grassroots-level councils have been connected with optical fiber. Modi also added that in the upcoming 1,000 days, Lakshadweep will be connected to submarine optical fiber cable.

Digitalization is taking place at a faster pace in all walks of life and business. In the absence of stringent cybersecurity infrastructure, cyber threats can be disastrous for India’s entire social fabric. As a result of this, there has been a recent surge in cyberattacks on India’s digital landscape. As the nation contributes around 75% of global digital talent, it is pivotal that it comes up with sturdier cybersecurity policies. 

Corporate experts weigh in

Said Satish Kumar V, CEO, EverestIMS Technologies, a firm in the infrastructure management space: “The PM’s announcement has a long-term perspective aligned to it. We look forward to a policy that incorporates security as a core and mandatory aspect permeating the various facets of cyber interaction. We envisage a top-down flow where actions and interventions have to take place by governments at a framework and policy level, businesses at a security level, and community at a behavioral level. The various crime-fighting bureaus and agencies need to be empowered so that they can speed up their response times without red tape miring them down.”

With work interaction and engagements moving online, Cyberspace is becoming the next hunting ground for unethical agents and felons. Most systems are seeing inundation of usage (from simple broadband to video chat to educational software and a host of others) with no extra security precautions. The hacking of zoom video sessions was a recent case in point. In fact, COVID-19 has opened up a huge target base for cybercriminals. Kumar added that an apt policy would take into consideration all touch points and introduce transformational interventions across them.

“Companies need to be actively involved in galvanizing the new policies, ensuring the implementation is cost effective, secure and beneficial to the nation at large. We strongly believe that the eminent experts will define a policy that not only covers the current scenario but also prevention. We look forward to any policy that ensures the safety and security of businesses, users and the public at large,” he said. 

Shibu Paul, Vice-President, Array Networks, was of the opinion that the PM’s announcement is exactly what India needs now. “While we have moved towards achieving a big transformation in terms of the digital movement, we are still in a nascent state when it comes to cyber security. It is not just loss of data that is a concern, but what happens when such data is being misused. From phishing attacks under the pretext of offering critical Covid-19 information, to siphoning off hard-earned money from a citizen’s account—there is a need to not just hold such threat actors responsible but also to provide justice to the victims.”

Paul said the government should set up a separate agency under the IT wing to deal with cybercrimes, and this wing must include its own center where people can report cybercrimes, investigation are carried out, and technology can be used to apprehend or even avert such acts. “The Indian IT sector is ready to invest its time and talent to help the government in this effort as this policy is what all of us need,” said Paul. 

Holistic, orchestrated, coordinated

Cybersecurity is essential for critical infrastructure as it is under relentless attack every minute. The frequency and sophistication of cyberattacks have grown enormously recently past due to geopolitical issues threatening government and business entities.

Said S Sriram, Chief Strategy Officer, iValue InfoSolutions, a value-added distributor in India focused on security: “India has seen tremendous progress in digital infrastructure, but time is now ripe to take a total assessment and review of our cybersecurity posture covering state and central government initiatives and infrastructures.”

Sriram said the ongoing war in Cyberspace is more frequent, intense and severe, with no rules or guidelines, making it even more dangerous. “We need a dynamic, holistic and evolving cybersecurity policy leveraging the best brains across India and the world to address IT, OT and IoT areas comprehensively. As with beefing up the Air Force with new fighter planes, we need the same with cybersecurity—covering all areas in an orchestrated and coordinated way.”

“Time to assign top priority to cybersecurity, to bridge the widening gap between where we need to be and where we are in an ever-evolving threat landscape… the sooner we do, the better for all of us,” he concluded.