After months of speculations, Indian Government has finally announced the National Cyber Security Policy 2013. The policy, approved in May this year, has proposed to set up different bodies to deal with various levels of threats, along with a national nodal agency, to coordinate all matters related to cyber security. The National Cyber Security Policy 2013 which aims to protect information and prevent cyber attacks, was released by Kapil Sibal, Union Minister for Communications and Information Technology (IT).
“Information empowers, and in order to empower people with information, we need to secure the data.” He also flagged the need to distinguish between data types, which needs protection from the ones that does not”, he said in a press statement. The policy whose main motive is to build a secure and resilient cyberspace for citizens, businesses and the government was necessary in the wake of possible attacks from state and non-state actors, corporates and terrorists as the Internet world has no geographical barriers and was anonymous in nature.
Sibal said that the policy enables the individual sectors and organizations in designing the appropriate cyber security policies to suit their needs. He further stated that critical infrastructure like the air defense system, power infrastructure, nuclear plants, and telecommunications system needed to be well insulated; otherwise it may lead to economic instability. Under the policy, the government will promote research and development in cyber security segment. According to Sibal, the government plans “to create a workforce of 5,00,000 professionals skilled in cyber security in the next five years through capacity building, skill development and training”. The National Cyber Security Policy was prepared in consultation with all relevant stakeholders, user entities, and public.
Under the policy, the National Technical Research Organisation (NTRO) will set up a new agency called National Critical Information Infrastructure Protection Centre (NCIIPC) that will work 24×7 to ward off cyber attacks in strategic areas such as air-control, nuclear, space etc. The existing agency, CERT, will handle all public and private infrastructure.
Finally, the policy lays out 14 objectives which include creation of a cyber ecosystem in the country, providing fiscal benefits to businesses for adoption of standard security practices and processes, developing effective public private partnerships and collaborative engagements through technical and operational cooperation.
In May, PMO approved Rs. 1000 crores fund to fight rising cyber attacks. It is along time that a country like India with rampant mobile and internet usage had a cyber security policy. Although the policy aims and promises a lot of things I just hope it sticks to it and give out not great but atleast satisfactory results.
Image Courtesy | bbc.co.uk