Cybersecurity Initiatives In India

With the growth of the internet, reliance on computers has rapidly increased. The challenge is to protect critical information infrastructure, such as in civil aviation, railway passenger reservation systems, communication networks, port management, electricity, oil and gas sectors, and banking and finance, from cyber attacks. According to the Internet Crime Complaint Center (IC3), India ranks fourth among the top 50 countries for reported cybercrime complaints, with only the U.S., Canada, and the U.K. ahead, based on the 2014 IC3 Annual Report (The Telegraph, 2015).

The lack of a trained cybersecurity workforce is a significant concern for India. Compared to China, the U.S., and Russia, which have 125,000, 91,080, and 7,300 trained cybersecurity professionals respectively, India has only 556 deployed across various government agencies (Joshi, 2013). India is regarded as an IT powerhouse, being a major software exporter and hosting numerous IT-enabled service outsourcing businesses. Thus, IT constitutes a large part of the Indian economy. Recently, the European Union identified shortcomings in India’s data security system and suggested forming a joint expert group to advise on how the country can strengthen measures to achieve data secure nation status (Sen, 2013). Therefore, India needs to seriously consider enhancing its information security infrastructure and revisiting its cybersecurity policies to attain data secure status from the European Union. It is crucial for India to maintain high-level outsourcing businesses, with prospects of increasing from the current $20 billion to $50 billion.

Combat Cybersecurity Initiatives in India

To tackle cyber security threats, the Indian government has launched several initiatives, listed below:

1. National Counter Terrorism Centre (NCTC): After the 26/11 attacks in 2008, the Indian government recognized the importance of counter-terrorism initiatives and proposed the NCTC to provide intelligence to decision-makers for planning counter-terrorism activities. NCTC will coordinate among various state and central government agencies, acting as a single, effective point for the control and coordination of all counter-terrorism measures. It is modeled on the U.S. NCTC and the UK’s Joint Terrorism Analysis Centre, with powers derived from the Prevention of Unlawful Activities Act, 1967 (Mrinhal, 2012).

2. National Information Security Assurance Program (NISAP): To raise awareness among government and critical sector organizations, CERT-In has launched the NISAP initiative to develop and implement an information security policy based on ISO/IEC 27001 and best practices for securing their infrastructure. CERT-In has established a computer forensic facility to investigate cyber crimes and provide practical training to law enforcement agencies and the judiciary. This infrastructure is being enhanced to include network forensic and mobile forensic investigation capabilities. CERT-In collaborates with defence, banking, judiciary, and law enforcement agencies to train their staff and assist in investigating cyber crimes (Shreenath, 2006).

3. Computer Emergency Response Team – India (CERT-In): Established in 2004 by the Ministry of Information Technology, CERT-In’s purpose is to respond to computer security incidents, report vulnerabilities, and promote effective IT security practices nationwide.

4. Indo-US Cyber Security Forum (IUSCSF): The India-US Cyber Security Forum was established in 2001 and is dedicated to safeguarding the critical infrastructure of a knowledge-based economy. Members of the forum include various government and private sector organizations from India and the United States that work under the forum’s guidance. They have identified risks and common concerns in cybersecurity and developed a task-oriented action plan for securing network information systems. The forum focuses on cyber security, cyber forensics, and related research, while also working to enhance cooperation between law enforcement agencies of both nations in addressing cybercrime. The defence services of both countries will enhance their collaboration through the exchange of experiences in organizational, technical, and procedural aspects. Ongoing cooperation between India’s STQC and the US National Institute of Standards and Technology (NIST) will expand into new areas, including harmonizing standards. CII and its American counterparts have decided to establish the India Information Sharing and Analysis Center (ISAC) and the India Anti-Bot Alliance (referring to software that can be used by hackers to remotely attack computers and conduct malicious activities) (Press Information Bureau, 2006).

5. India’s National Critical Information Infrastructure Protection Centre (NCIIPC): This has been designated as the nodal agency for the protection of India’s critical information infrastructure and is responsible for all measures, including research and development, for its protection. Some activities carried out by the NCIIPC include (Chander, 2013): a. Identifying critical subsectors b. Analyzing the information infrastructure of identified critical subsectors c. Issuing daily/monthly cyber alerts/advisories d. Malware analysis e. Monitoring IPs involved in zombie and malware proliferation f. Cyber forensic activities g. Research and development for a smart and secure environment h. Assisting Critical Infrastructure (CI) owners in adopting suitable policies, standards, and best practices for CI protection i. Hosting an annual CISOs conference for critical sectors j. Awareness and training k. 24/7 operations and helpdesk

6. India’s National Intelligence Grid (NATGRID) Project: This is an integrated intelligence grid developed by CDAC-Pune that connects databases of key security agencies in the Indian government (CDAC, 2014). It is a counter-terrorism measure that collects vast amounts of information from government databases, including tax and bank account details, credit card transactions, visa and immigration records, and travel itineraries for rail and air travel (Yasmeen, 2013). This combined data will be accessible to 11 central agencies, which include: the Research and Analysis Wing, Intelligence Bureau, Central Bureau of Investigation, Financial Intelligence Unit, Central Board of Direct Taxes, Directorate of Revenue Intelligence, Enforcement Directorate, Narcotics Control Bureau, Central Excise and Customs Board, and the Directorate General of Central Excise Intelligence.

7. Crime and Criminal Tracking Network and Systems (CCTNS) Project in India: This is a project under the National e-Governance Plan (NeGP) that covers all 28 states and 7 Union Territories, aimed at developing a nationwide network infrastructure powered by IT for ‘investigating crimes and tracking criminals’ (PTI, 2013). The goal of CCTNS is to facilitate the collection, storage, retrieval, analysis, transfer, and sharing of data and information at police stations and between police stations, state headquarters, and central police organizations. CCTNS will provide a comprehensive database for crimes and criminals, making it easier for law enforcement agencies to track criminals moving from one location to another.

8. National Cyber Coordination Centre (NCCC): The National Cyber Coordination Centre is a proposed cyber security and e-monitoring agency in India. It aims to examine communication metadata and coordinate the intelligence-gathering activities of other agencies. Some components of the NCCC include strategies for preventing cyberattacks, investigating cyber incidents, and training.

9. Botnet Cleaning Center: As part of the Digital India initiative, the government is establishing a center to detect malicious programs like “botnets” and assist people in removing such harmful software from their devices. According to media reports, the government is setting up a “botnet” cleaning and malware analysis center. A botnet is a network of malicious software that can steal information, take control of device functions, and carry out cyber attacks like Distributed Denial-of-Service (DDoS).

10. Indian Government Email Policy: Currently, email is considered a primary communication source between individuals and organizations. This also applies to the Government of India (GoI). Email has become the main medium of communication for the entire government. With the increasing use of email for communication between various government bodies, the email policy was established by the Government of India (GoI) in October 2013. Here, we will cover some key sections of the policy, and readers are advised to download the policy from the Electronics and IT Department’s website.

11. Ministry of Home Affairs (MHA): The Ministry of Home Affairs (MHA) is a ministry of the Government of India. It is an internal ministry primarily responsible for maintaining internal security and domestic policy. Readers are advised to review the MHA’s annual report. The MHA has various responsibilities, including important areas like internal security, border management, center-state relations, administration of union territories, management of central armed police forces, and disaster management.

12. National Crime Records Bureau (NCRB): The NCRB aims to empower the Indian police with information technology and criminal intelligence to enforce the law effectively and efficiently while improving public service delivery. This will be achieved through coordination with police forces at both national and international levels, upgrading crime analysis technologies, and developing IT capabilities and IT-enabled solutions.

13. Data Security Council of India (DSCI): The DSCI is a leading industry body in India focused on data protection, established by NASSCOM. It is committed to making cyberspace secure, protected, and reliable by establishing best practices, standards, and initiatives in cyber security and privacy. The DSCI brings together national governments and their agencies, IT-BPM, BFSI, telecommunications, industry associations, data protection authorities, and think tanks for public advocacy, thought leadership, capacity building, and outreach initiatives. To further its objectives, the DSCI collaborates with governments, regulators, industry associations, and think tanks on policy matters. To strengthen thought leadership in cyber security and privacy, the DSCI develops best practices and frameworks, publishes studies, surveys, and papers. It builds capacity in security, privacy, and cyber forensics through training and certification programs for professionals and law enforcement agencies, engaging stakeholders via outreach initiatives including programs, awards, consultations, and membership programs. The DSCI also seeks to increase India’s share in the global security product and service market through global business development initiatives, aiming to enhance the culture of security and privacy in India.

Read Also:

1. Some Recent Cyber Security Attacks
2. Investigation Of Cyber Crimes: Introduction To Cyber Forensic
3. Introduction To Cyber Space
4. Major International Agencies And Organizations Against Cyber Crime
5. Types Of Cyber Crime
6. Malware And Its Types
7. Introduction To Cyber Crime
8. Cyber Security/Crime
9. Cyber Crime / Part -Time Job / Pongi Scheme Scam Through Fraud / Investment
10. What Does Intruder Means
11. Cyber Crime Against Women And Children
12. Fraud In Mobile Financial Services: Safety Of Consumers, Providers And Systems
13. Disability And Pension Benefits
14. Health Care Fraud
15. Online Romance Scam
16. Causes And Types Of Cyber Crimes
17. Something About Cyber Crime
18. Big Awareness Alert: Fraudulent Contact Numbers And Playboy Job Scams In India
19. Cyber Crime In India
20. Cyber Fraud And Fraud Types You Should Be Aware
21. Fraud And Scams
22. Prevention Of Cyber Financial Fraud Scams: Role And Responsibility Of International Organizations
23. Fraud Scams
24. Common Types Of Health Fraud Scams
25. Skokka, Oklute And Locanto Platforms Sex Romance Frauds Scams Are Increasing Day By Day
26. Real History Frauds And Scams Of BJP Government
27. Preventive Measures From Matrimonial Fraud And Scams
28. What Are Matrimonial Frauds and Scams
29. Types Of Scams And Frauds
30. Types Of Frauds And Scams
31. What Are Fraud And Scams
32. Artificial Intelligence: How Fraud Happens Through Voice, How To Avoid It
33. Immediate Requirement Of Judicial Reforms To Deal With Financial Fraud And To Ensure Compensation For Victims
34. Bribery And Threats After Online Dating Or Romance Scams
35. Public Warning: Beware Of Online Dating And Romance Scams Connected To These Bank Accounts
36. Investigation Of India Digital Financial Scenario: A Comprehensive Study Of Cyber Fraud Trends And Digital Literacy In India

 

 

1539900cookie-checkCybersecurity Initiatives In Indiayes