The number of internet users in India has more than doubled in the last five years and is projected to reach nearly a billion by 2025. As the country progresses on its digital path, accelerated by the pandemic, the challenges of emancipation from cybercrime will have reached unprecedented proportions. According to CERT-In, the number of cybersecurity incidents observed in India increased almost three times (3) in 2020 compared to 2019 to 11.58.208. This means that nearly 2.2 cybersecurity incidents have been observed in the country every minute and such incidents are expected to continue to increase in the future.
Technology is another term for ease and convenience in the world we live in. From online education to e-commerce, the digital world is inundated with potential opportunities and India is unaware of it. The Government of India has been unprecedentedly quick and convenient with web and mobile platforms, from real-time Covid-19 tracking to vaccination registrations, from e-services to e-payments. Indeed, the government has strongly encouraged digital transformation to conduct e-transactions and online payments through UPIs, integrate utility and bill payments, and implement paperless ways to comply with government regulations. It is safe to say that India has steadily grown into a digital nation financially, economically and socially.
As the country has embraced digitization in daily life, cyber attacks and cyber crime are on the rise. According to the World Economic Forum, cyberattacks rank first among global human-made risks. Cybercrime is expected to cost the world more than $ 10 trillion by 2025, which is more than the GDP of all but two countries and therefore deserves urgent attention. If we look at some of the most recent cases around the world, we would find that cyberattacks are becoming more complex, threatening and affecting all facets of life. Attacks these days are aimed at causing physical damage (e.g. – attempting to poison Florida’s water system by increasing the amount of sodium hydroxide) or crippling important utilities (e.g. – ransomware attack on the largest fuel pipeline in the United States) or try to compromise security (e.g. – ransomware attack on Washington’s Metropolitan Police Department). In India we have seen examples of financial fraud, personal data breaches (e.g. Air India passenger data), among other things.
Now is the time to take action against cybercrime and cyber incidents. The government’s intent was right in this regard when Prime Minister Shri Narendra Modi, in his Independence Day 2020 speech, highlighted the need for a robust framework for cybersecurity and the need to change 2013 policies to meet international standards Privacy and creating a secure digital community for people. While the Indian government has taken several steps in this direction, including the formulation of a Cyber Crisis Management Plan (CCMP) for ministries and departments, the launch of Phase 1 of the National Cyber Coordination Center (NCCC), the launch of the ” CyTrain “-Portals for capacity building of police officers / judicial officers, however, much more needs to be done. Some of the steps that can be considered are:
- Protecting Our Critical Assets: Starting with the identification of critical assets (i.e. defense sites, power plants, space stations, nuclear and nuclear research centers, airports, and air traffic control systems), projects and assets must have dedicated cyber defense and security teams. With an increasing focus on defense, space technology, digital transformation and the creation of smart cities, as well as land, sea and air transport infrastructure, watertight regulations around cybersecurity are a must to ensure sustainable progress.
- Joint command and control center: Govt. India needs to look at a joint command and control center with key ministries and organizations like CERT-In, Home Office, NCRB, NATGRID, MeitY, Treasury Department, etc. to investigate cyber threats and their response in an integrated way. The involvement of the private sector can be crucial in order to provide state-of-the-art technology solutions and trained staff.
- National Mission Mode Project to Fight Cybercrime: A Mission Mode Project can be introduced to equip each state and UT to address cybercrime related challenges in their state / UT. This would also enable the use and operation of the latest technologies and solutions for tracking, monitoring, predicting and investigating cybercrime cases. The role of the private sector in providing the latest tools, technology and best practices is paramount.
- Large-scale training of police personnel: Although the Indian government has introduced the CyTrain portal as a MOOC platform for training and capacity building of law enforcement personnel, only 600 certificates have so far been issued through the portal. This needs to be driven forward and a comprehensive training and capacity building program introduced, which in turn enables police forces to gain access to and understanding of the latest tools and technologies and to speed up investigations.
- Build a pool of cybersecurity professionals: The government needs to use the private sector to help build a pool of trained cybersecurity professionals. This can be done by partnering with the private sector to set up a Shared Services Center of Excellence (SS CEO) to train cybersecurity professionals to create a more resilient digital nation. Additionally, the government may consider introducing specialized training and certification programs, as well as introducing undergraduate or graduate degrees in cybersecurity.
- Rapid introduction of CERT-Fin: The Indian government has proposed to set up CERT-Fin similar to CERT-In to ensure protection in the financial sector. The idea was first discussed in 2017 and now needs to be accelerated to ensure safer financial transactions.
By Devroop Dhar, Co-Founder & MD, Primus Partners
source https://collegeeducationnewsllc.com/digital-india-needs-robust-cybersecurity-practices/
No comments:
Post a Comment