Comments
The Make in India initiative has identified 25 core sectors as part of its effort to give a special thrust. While cyber security isn’t one of the sectors, it is embedded in three of the 25 sectors — defence manufacturing, electronic systems, and IT & BPM.
Much has happened in these areas in the two years since Make in India was launched, but not much by way of boosting the cyber security ecosystem. This is clearly an area of priority, according to the Prime Minister himself, and a business opportunity given the challenges.
In the backdrop of successful IT-BPM services, India has grown over the past two decades and now exports to the tune of $108 billion out of its output of $143 billion. The focus on IT enabled inclusive growth fostered by initiatives such as Digital India and Skill India, cyber security initiatives that include capacity building, should have been more pronounced.
But it has not happened. Despite a national cyber security policy (NCSP) announced in 2013 that purported to list almost every aspect of performance under 14 parameters, somewhere the delivery seems to be off-track. A serious relook is needed at the overall ecosystem of cyber security in the country.
The challenges posed by the emerging nature of the threats, the ease with which cyber attacks are being launched from foreign soils on strategic targets and a glamorous internet governance model are overshadowing priorities for a robust cyber security regime.
Not enoughThe first call is to understand where we realistically stand vis-a-vis cyber security, and in many cases national security. We have an inadequately staffed and funded structure at the national level; the national cyber security coordinator is dealing with turf wars between ministries and agencies, trying to overcome the problem of poor budgets for cyber security.
The CERT IN, the warning and response organisation, functions with almost no budget for the current nature of threats and responses. Security services for loosely defined critical infrastructure almost doesn’t exist beyond the usual anti-virus mindset and intrusion detection systems.
Every entity is content with the foreign supplied network systems and patches. Nowhere have we moved to ensure that chip designing and building for our military and civil needs, as well as the billions of routers that we use for our sensitive networks, become integral to the Make in India campaign.
Hence, despite defence manufacturing, electronic systems, and IT & BPM being a part of the Make in India campaign, we haven’t made much headway in tactical communications and electronic warfare. Nothing has really moved on the ground with respect to chip, router and radio manufacturing in India, due to delays and lack of R&D.
Power it upA nation that should have naturally become the cyber-security-related hardware leader based on our embedded software strengths today is being guided by fly-by-night experts and vested interests. We are becoming backbenchers in global internet governance dialogues, peddling multistakeholderism instead of going by the Prime Minister’s exhortations to lead from the front with our inherent strengths in technical capacity building and defining policies. So while the ministry concerned is immersed in internet governance policies, industry body NASSCOM is well past its 12 week period announced in May 2015 to “identify the key priorities and build detailed plan” for cyber security. While awareness and concerns have built up and seminars and conferences have increased, the budgets and building blocks are not in sight to deal with threats from state and non state actors in both espionage and actual hacking missions.
A real look at the institutional competencies has to be undertaken sooner than later. Cyber warfare is just not decades or years away, it is something that is on everyone’s radar and our perennial adversaries have no ethical qualms left to not attack our critical infrastructures at the first opportunity.
It won’t be surprising to see two of our destabilising neighbours coordinating to take on our networks.
Future courseIt is crucial to focus on potential avenues that bolster our cyber security ecosystem, encompassing hardware, software, system integration and most importantly people who collectively devise and generate a delivering mechanism.
It is essential to move away from the pitch of internet governance and privacy buffs who relegate cyber security to a past time approach.
The might and reach of e-commerce and social media is all very well but cyber security remains a paramount concern. Issues of technical infrastructures have their own priority and unless they are focused and built with the right indigenous dose, many vested interests will benefit.
There is no time to reinvent the wheel. But the scope to shape cyber security partnerships and manufacturing under Make in India is tremendous. It is possible under credentials that Indian companies have built to absorb technology.
Let the remaining term of this government see such an inclusive ecosystem being built up so that we are better equipped to meet security challenges. The NCSP needs to take a clear, bold look to be more relevant, and implementable on a time bound manner.
The writer is a cyber security and defence consultant
Comments
COMMENT NOW
Comments
Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.
We have migrated to a new commenting platform. If you are already a registered user of TheHindu Businessline and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.