Stronger encryption requirements, protection of decentralised internet and awareness programmes are some of the suggestions put forth recently by technology experts to the National Security Council Secretariat to strengthen cybersecurity in India. The suggestions come just ahead of India’s National Cybersecurity Strategy.
The National Cybersecurity Strategy 2020 is scheduled to be released before February this year. Last year, the government had asked for inputs from technology think tanks and the public on issues including access to data stored overseas, misuse of social media platforms, international cooperation on cybercrime and cyber terrorism and others.
According to ET report, the Centre of Internet and Society (CIS) has said that the government must strengthen legal and technical security standards and allow for cross-border sharing of data by focussing on a solution to the Mutual Legal Assistance Treaty process. Internet Freedom Foundation (IFF) has also said that the policy should promote encryption, protect decentralised internet, encourage robust data breach reporting mechanisms and prohibit the use of malware and reward the community of security researchers.
Related Article: Govt Calls For Citizen Feedback On National Cybersecurity Strategy
Software Freedom Law Centre (SFLC) said the government should roll out cybersecurity awareness programmes for all stakeholders and plan comprehensive cyber security-specific legislations. “The government should adopt free and open-source software and open standards so that the software used is auditable and verifiable. The government should also partner with various stakeholders, including private sector entities, academia, civil society and independent security researchers,” SFLC said, as quoted ET.
Why Cybersecurity Is Crucial For Indian Startups
The cybersecurity strategy is expected to boost the government’s efforts to achieve its goal of making India a $5 Tn economy, Rajesh Pant, national cybersecurity coordinator on cyber policies, had said last year. He also added that the most important requirement for internet security is increased effective coordination between ministries that are overseeing various aspects of cybersecurity, proper critical infrastructure protection and public-private partnership.
The strategy will also play an important role in helping businesses overcome security challenges since there has been an increase in the number of cyber-attacks lately. Last year, bike-sharing startup Bounce and Bengaluru-based edtech startup Vedantu were home to vulnerabilities. Most prominent one of all cyber-attacks was the Pegasus spyware debacle. Phones of a group of journalists, lawyers, academics, writers and social activists were hacked through Facebook-owned WhatsApp by Israeli cyber-arms firm, NSO Group, accused of deploying the spyware. The spyway was allegedly also used to hack into Jeff Bezos’ phone by Saudi Arabia.
According to a Data Security Council of India (DSCI) report this year, India witnessed the second-highest number of cyber attacks in the world between 2016 and 2018. This comes at a time when digitisation of the Indian economy is predicted to result in a $435 Bn opportunity by 2025.
Additionally, a report by Cisco says that Indian organisations rely more on automation, machine learning and artificial intelligence for cybersecurity. It says that 75% of Indian organisations relied on automation, while over 60% depended on machine learning and artificial intelligence. The reason behind the trend was stated as a heavy workload for cybersecurity officers (CISOs) that makes it difficult for them to take on new responsibilities.