India To Launch National Cybersecurity Policy In The Next Three Months

The Indian government recently revealed that it is working on a new cybersecurity policy that would address all the concerns related to cyber threats and data vulnerabilities happening across government departments and the private sector in India.

At the Sixth Cyber Security India Summit 2020, held in New Delhi, Dr Rajesh Pant, national cybersecurity coordinator from Prime Minister’s Office, said that the new policy is expected to be launched in the next two to three months. Further, he said that the new policy will address all the issues related to the cyber ecosystem, be it standardisation, testing, auditing and capacity development among others.

This is not the first time that the government has announced such plans, but so far, nothing concrete has emerged in this regard. In August 2019, the national cybersecurity coordinator had reportedly said that it will be launching the policy in January 2020, which did not happen.

At the time, Pant had said that to effectively mitigate cybersecurity risks in the country there has to be strong coordination between ministries, secure infrastructure and public-private partnerships.

According to the Data Security Council of India, Indian is the second most cyber-attacked country in the world after the US. In the recent past, there has been a significant increase in cyber threats, and if the situation is not addressed, this could impact the GDP of the country, massively.

The average cost for a data breach in India has risen up to 7.9% since 2017, with the average cost per breached record of INR 4,552 ($64). In fact, the increase in cyber-attacks has resulted in more and more companies opting for cyber insurance policies to mitigate cyber vulnerability risk, where 350 cyber insurance policies have been sold in India till 2018, which is a 40% increase from that in 2017.

Amid the increasing cybercrime and frauds in digital payments, IT minister Ravi Shankar Prasad last month also announced that the government is looking to change the existing norms laid out in the Information Technology (IT) Act, 2000. In the process, the government plans to appoint an expert committee which will suggest a new framework.

He also said that 20 years back, there were no platforms such as unified payments interface (UPI) or the goods and services tax network (GSTN), and mobile phones and social media were also not that popular. A lot of things have changed and with the digital revolution happening across India, the government has now realised that an amendment is required to regulate internet norms.

Note: We at Inc42 take our ethics very seriously. More information about it can be found here.