G20 AND CYBER SECURITY - SECURITY

G20 AND CYBER SECURITY - SECURITY

News: Cyber security is global problem, declares G20 Digital Economy Ministers' meet

What's in the news?

●       Union Minister Ashwini Vaishnav said there was absolute consensus in the G20 meeting on the concept and application of Digital Public Infrastructure (DPI), cyber security and skilling in handling digital technology.

Delhi Declaration and Cyber Security:

●       The Delhi Declaration is a draft proposal for G20 countries to commit to responsible state behaviour in cyberspace based on existing non-binding norms that they have already agreed to under the United Nations.

●       At its special meeting in India in 2022, the United Nations Security Council Counter-Terrorism Committee unanimously adopted it.

Initiatives are being taken by the government to enhance cyber-security in India:

1. Information Act, 2000:

●       The Information Act, 2000 (amended in 2008) is the primary law for dealing with cybercrime and digital commerce in India.

2. National Cyber Security Policy, 2013:

●       The policy provides the vision and strategic direction to protect the national cyberspace.

3. The CERT-In (Cyber Emergency Response Team – India):

●       CERT-In has been operational since 2004. It is the national nodal agency for responding to computer security incidents as and when they occur.

4. Indian Cyber Crime Coordination Centre (I4C):

●       The Union Government has decided to set up 14C. It will be an apex coordination centre to deal with cybercrimes.

5. Cyber Swachhta Kendra:

●       Launched in early 2017, the Cyber Swachhta Kendra provides a platform for users to analyse and clean their systems of various viruses, bots/ malware, Trojans, etc.

6. Cyber Surakshit Bharat:

●       The Ministry of Electronics and Information Technology, launched the Cyber Surakshit Bharat initiative to spread awareness about cybercrime and build capacity for safety measures for Chief Information Security Officers (CISOs) and frontline IT staff across all government departments.

7. The Cyber Warrior Police Force:

●       In 2018, the government announced its plans to introduce CWPF.

●       It is proposed to be raised on lines of the Central Armed Police Force (CAPF).

8. Cyber-Crime Prevention against Women & Children’ Scheme:

●       Implemented by the Ministry of Home Affairs, the scheme aims to prevent and reduce cybercrimes against women and children.

Challenges in India's Cyber Security Approach:

1. Lack of Cybersecurity Work Force:

●       The Indian military, central police organizations, law enforcement agencies and others are deficient in manpower, for software and hardware aspects integral to this field.

●       Moreover, there is a growing demand for professionals in Artificial Intelligence (AI), Block Chain Technology (BCT), Internet of Things (IoT) and Machine Learning (ML). According to several estimates there is a need for at least three million cybersecurity professionals today.

2. Lack of Active Cyber Defence:

●       India doesn’t have the ‘active cyber defence’ like the EU's General Data Protection Regulation (GDPR) or US’ Clarifying Lawful Overseas Use of Data (CLOUD) Act.

3. Overlapping Regulatory Bodies:

●       Unlike the US, Singapore, and the UK where there is a single umbrella organisation dealing in cybersecurity, India has several central bodies that deal with cyber issues, and each has a different reporting structure.

●       Further, each state government has its own Cyber emergency Response Team (CERT).

4. Dependency on Foreign Players for Cyber Security Tools:

●       India lacks indigenisation in hardware as well as software cybersecurity tools.

●       This makes India’s cyberspace vulnerable to cyberattacks motivated by state and non-state actors.

5. External Challenges:

●       Challenges such as growing Chinese influence in the Indian telecom space, social media are becoming a powerful tool for dissemination of “information” making it difficult to differentiate fact from fake news.

WAY FORWARD:

1. Building capabilities:

●       There is an urgent need to build capabilities and capacity for application, equipment and infrastructure testing.

2. Human resource:

●       Immediate attention has to be given to human resource development which would increase the number of experts who can effectively manage the cyber security of the country.

3. R&D:

●       Investments should be made on R&D to develop more innovative technologies to address increasing cyber security threats.

4. Policy and Governance:

●       It is important to bring a robust policy and effectively implement the same.

●       Further, duties and responsibilities should be defined clearly for smooth functioning and better coordination among departments and stakeholders.

5. Awareness:

●       A periodic awareness campaign by the government and big private organizations should be conducted to inform people about cyber security threats.

6. Strengthening Private Partnership:

●       It is important to strengthen the public-private partnership on cyber security.

●       Cyber-security is needed in the present era of increasing connectivity.

●       Although the government has taken many proactive steps, much needs to be done to enhance the country’s cyber-security.

●       It is important to bring a robust policy and effectively implement the same.