Cyber crimes and cyber attacks are discovered day after day in India. There are some incidences that are not at all discovered and they remain so till someone lifts the lid. As the intensity and sophistication of these cyber attacks is increasing day by day, they are becoming more and more invisible and untraceable in nature.
Similarly observations were provided by the Cyber Law Trends and Developments of India 2013 (PDF), Cyber Security Trends and Developments in India 2013 (PDF) and Cyber Forensics Trends and Developments in India 2013 (PDF) provided by Perry4Law and Perry4Law’s Techno Legal Base (PTLB).
So bad is the situation that the national security of India is at risk unless we are naïve enough to consider cyber security as a non essential component of the national security policy of India. Recently Huawei was accused of breaching national security of India by hacking base station controller in Andhra Pradesh.
The problem with Indian cyber security initiatives is that India is very good at contemplating concepts but equally bad at implementing the same. The latest to add to this trend is the decision to constitute a cyber command for armed forces of India. India has also in the past released the cyber security policy but experts doubt about its effectiveness as it failed on many counts including privacy protection. This is so because India needs a techno legal cyber security framework that is presently missing. Meanwhile, sophisticated cyber attacks against India are rising.
India has never been serious about cyber law and cyber security. The essential techno legal capacity to ensure effective cyber security in India is missing till now. Even the common sense approach towards cyber security has been ignored by Indian for long. A situation has arrived where cyber security of India cannot be ignored any more and cyber security of India must be strengthened immediately. Inadequate cyber security in India has become a national security hazard.
The proposal to establish a cyber command for armed forces is a good step in the right direction as Indian cyber security is lagging far behind as compared to other countries. India is still struggling to deal with issues like cyber warfare, cyber espionage and cyber terrorism, etc. The critical infrastructure protection in India and its problems, challenges and solutions (Pdf) are still to be managed by Indian government. In a good step in this direction, the NTRO would protect the Critical ICT Infrastructures of India.
According to techno legal cyber security experts like Praveen Dalal, a dedicated cyber Warfare Policy of India (Pdf) must be formulated as soon as possible. The present effort of Indian Government seems to be a step towards that objective, opines Dalal.
However, the main thing is the “Implementation” of various Policies formulated from time to time. Till now Indian Government has not been able to implement the objectives of the National Cyber Security Policy of India 2013 (NCSP 2013). Further, India Government has also failed to integrate the NCSP 2013 with the National Security Policy of India, informs Dalal.
Another major failure of Indian government in this regard is the failure to enact a legislation mandating strict cyber security disclosure norms in India. Although proposed almost a year ago, the disclosure norms for cyber security breaches in India are still not implemented. This would prevent actual and effective implementation of cyber security norms in India. This would also affect the cyber security legal practice in India.
It is high time for Indian government to move beyond simple policies formulations to their actual implementation. Without implementation everything is just a dream.