The draft of National Cyber Security Strategy 2020 that envisages creating a secure cyberspace in India is likely to be finalized this year.
The first comprehensive document brought out by the government in 2013 had several action points, such as setting up a National Cyber Security Center, Test Infrastructure, Malware Monitoring and National Critical Information Infrastructure Center etc., and needed a revamp, with technologies like artificial intelligence, machine learning, internet of things and big data complicating the cyber attack ecosystem.
At the same time, nation-state bad actors from countries like China, Russia and Pakistan amid the demand to keep the data of Indians to remain within the boundaries of the country. Further, digitization is dramatically on the rise in a post COVID-19 scenario which in turn will increase demand for greater cybersecurity and privacy.
In the current scenario, it is vital to understand the outlook of the industry leaders on the upcoming cyber security policy:
“There has been a recent surge in cyberattacks on Indian digitalscape that are only increasing in scope and sophistication, targeting sensitive personal and business data and critical information infrastructure, with an impact on national economy and security. Cyber warfare is relentless in trying to erode the security fortification of several sectors in the country. This is certainly a wakeup call for India to have stronger policies in place. And while formulation and adoption of policies might still take time, this is a clarion call to the Indian internet users to pay attention to the threats, on creating robust ‘firewalls’, and conducting regular cybersecurity and data protection audits.” – Nikhil Korgaonkar, regional director, India and SAARC, Arcserve
“With cyberattacks increasingly becoming sophisticated, cybersecurity and digitization cannot and should not exist in silos. What we need now is a robust cybersecurity roadmap that will address the gaps and provide us a strong cyber-armor. Covid-19 situation has only accelerated the pace of digitization, potentially amplifying these security concerns. It is time for businesses to take advantage of approaches like micro-segmentation, encryption and dynamic isolation, enhanced by the power of emerging technologies like AI and ML to up their cybersecurity game.” – Sumed Marwaha, regional services vice president and managing director, Unisys India
“India has one of the highest users of cyberspace and cybersecurity is a national concern. The government is putting a lot of emphasis on implementing a robust and enhanced cyber policy for the citizens and businesses. What the policy needs to address is to protect information and the information infrastructure in cyberspace, build capabilities to prevent and respond to cyber threats, reduce vulnerabilities and minimize damage from cyber incidents through a combination of institutional structures, people, processes, technology, and corporations. As we progress towards having a comprehensive and unified government institution for creating a cyber defense network. The government would need a secure and reliable infrastructure to support the process.” – Sunayana Hazarika, Marketing Manager at Aten India
“Covid-19 has shown the importance of having a strong cyber security measure, while organizations have done their best in trying to secure their employees, users and vendors from cyber attacks, the government too should safeguard the sensitive data it holds that, if breached, would lead to a colossal damage. Threat actors have time and again targeted government agencies, banks and other organizations for data which is in huge demand in the dark web. To overcome and take control of the situation, a strong policy is of dire need. The government must first regulate the many ‘institutions’ that teach ethical hacking without taking responsibility for what their trainees intend to do with that knowledge as there is no legal check point.” – Gurpreet Singh, Managing Director at Arrow PC Network
“With a large percentage of work, interaction and engagement moving online, cyberspace is going to become the next hunting ground for unethical practices and felonies. In fact the outcome of COVID has opened up a huge potential target base for cyber criminals. Companies now need to incorporate and mandate best practices at an enterprise, department and employee level. An apt policy would take into consideration all touchpoints and introduce transformational interventions across them. Make in India companies need to be actively involved in galvanizing the new policies ensuring the implementation is cost-effective, secure and beneficial to the nation at large. We look forward to any policy that ensures the safety and security of businesses, users and the public at large.” – Satish Kumar V, CEO at EverestIMS Technologies
“The policy that we are looking forward to should cover the entire spectrum of challenges – be it in terms of Data or in terms of Identity. The new policy that we are looking for should include guidelines and compliances for organizations and government departments so that the citizens of the country can freely participate in this Digitization of the country which is now going to be a way of life going forward. While compliances and regulations are required, what is more important is a mechanism to effectively make the compliances matter. India has been notorious about very lax implementation of laws – so amongst everything else I personally will look forward to how this new policy will ensure effective and timely implementation of the regulations in spirit and in law.” – Prashanth GJ, CEO at TechnoBind
“I believe the cybersecurity policy will address the fundamental problems and loopholes in the current digital infrastructure. We are in fact behind most other economies in implementing a cybersecurity policy, so we need to act fast. Digital transformation will not be successful or feasible if we do not have a strong shield of data protection laws and privacy policies. With COVID’s impact on our lives, we are now welcoming the addition of digitization with far less skepticism or procrastination. Given the recent cyber assaults attempted on India’s digital ecosystem, it is now important to prepare for an India-centric cybersecurity umbrella that will protect the country’s data and cyber infrastructure.” – Vikas Bhonsle, CEO at Crayon India
“While we have moved towards achieving a big transformation in terms of digital movement, we are still in a nascent state when it comes to cybersecurity. It is high time for threat actors to be held responsible for their acts. From phishing attacks under the pretext of Covid-19 information to siphoning off hard earned money from a citizen’s account, there is a need of not just holding such threat actors responsible but also to provide justice to those who have suffered. The government should set up a separate agency under the IT wing to deal with cyber crimes and this wing must include its own centre where people can report cyber crimes, investigation can be made and technology can be used to apprehend or even predict before such acts are carried out.” – Shibu Paul, Vice President – International Sales at Array Networks