The Government has begun efforts to put in place a comprehensive cyber security strategy as Indian representatives head to Budapest for the Cyber Space Conference this week. In the last few months, National Security Adviser Shivshankar Menon has slowly built a case for the Government to get its house in order.
Three areas of focus are revitalising the Computer Emergency Response Team (CERT-IN), the creation of a professional body that certifies security of networks and cyber defence of critical information infrastructure networks that may be vulnerable to foreign governments or non-State actors.
The focus is equally on international cooperation since the most dangerous cyber attacks usually come from across borders. In the absence of a clear consensus among nations on the best way to approach the issue of cyber security, India could well take the lead in shaping the global dialogue.
Union Minister of State for Communications & IT Sachin Pilot is leading a government delegation this week to the Budapest conference, which will have participation from roughly 600 delegates representing government, private sector, civil society and academia.
A nuanced position
Mr. Pilot joins the league of several senior leaders, including European Union’s High Representative for Foreign Affairs and Security Policy Catherine Ashton, British Foreign Secretary William Hague, Estonian President Toomas Hendrik Ilves and Sweden’s Foreign Minister Carl Bildt. CEOs of companies such as BT, Google, Fujitsu, Hewlett Packard, Intel, Microsoft and Vodafone will also attend.
On the eve of his departure, Mr. Pilot told The Hindu : “India is taking a far more nuanced position on the issues of cyber security and enhanced cooperation than in the past. We wish to cooperate with international governments at one level through a formal enhanced cooperation process while simultaneously involving other crucial stakeholders in the discussion.”
Cyber security is a complex issue that cuts across multiple domains and therefore needs a set of multidimensional and multilayered structures. It also requires the government to think and act as a single entity even though several ministries are impacted differently.
Mindful of the great vulnerability that India faces due to cyber threats at one level and the tremendous opportunity that it has to shape global dialogue on the other hand, Mr. Pilot said, “We have had extensive inter-ministerial consultation and have agreed on how to proceed with our international dialogue.”
Cyber threats take various forms, including cyber warfare, cyber crime, cyber terrorism and cyber espionage. All these require a comprehensive cyber security policy that is well coordinated through a nodal authority within the country and international cooperation, preferably through conventions on cyberspace.
The real challenge that Mr. Pilot will face in driving consensus arises due to mismatched capabilities among countries, limited number of treaties, large disparities across national legislations and, most importantly, lack of trust among nation-states.
The two best known international sources of cooperation are the United Nations Convention Against Transnational Organized Crime and the Council of Europe’s Council on Cyber Crime. India also has several bilateral agreements with countries like the United States and Korea.
One of the reasons why India’s position becomes pivotal on the global cyber-security dialogue is its over 800 million mobile subscribers and a targeted half-a-billion Internet users, who could contribute $100 billion (Rs. 5 lakh crore) to India’s GDP by 2015 as per a report that will soon be released by global management consulting firm McKinsey.
Equally, India’s IT & BPO industry, which is expected to cross $100 billion in 2012 with export revenues of $69.1 billion, is in the business of software development and outsourcing contracts for large global corporations and governments, making India’s cyber security a matter of deep concern for global companies and western governments alike.
Increased attacks
Recent data shows that the number of cyber security incidents, including website intrusion, malware, spam, virus, network scanning and probing and phishing have gone up from less than 400 in 2005 to over 13,000 by 2011.
The Indian government’s move to get its house in order through inter-governmental dialogue and to approach global forums with a well-collaborated strategy, coupled with wide-ranging engagement with domestic stakeholders, lends it both a credibility and an edge over several other countries.
