Computer Emergency Response Team (CERT) plays a crucial role in ensuring cyber security of the field to which it relates. CERT can play the role of first responder as well as fighting against the present and potential cyber threats associated with the current cyber event. In the Indian context, we have a Computer Emergency Response Team (CERT) India (CERT-In) that is protecting Indian cyberspace. However, it ha snot become fully effective due to limited expertise and responsibilities. At the same time, CERT-In is also not supported by sector specific CERTs so the entire burden is upon CERT-In to bear. Perry4Law Organisation (P4LO)
and its Centre of Excellence for Cyber Security Research And Development in India (CECSRDI)
have been suggesting
that India must have sector specific CERTs to effectively manage cyber security of various sectors. We have been advocating that a robust cyber crisis management plan of India
is need of the hour. We have also suggested that crisis management plan of India for cyber attacks and cyber terrorism
The problem with Indian cyber security initiatives is that we do not have a robust and resilient cyber security infrastructure in India
even in 2017. We do not have dedicated cyber security laws in India
and even mandatory cyber breach disclosure norms
are missing. That means companies, individuals and organisations have little incentive to use robust cyber security infrastructures.
While intelligence agencies of foreign countries like Central Intelligence Agency (CIA) of US have been warning
about potential cyber threats since 1968. And in India we are still not able to formulate a robust techno legal cyber security policy
. Even the very own National Critical Information Infrastructure Protection Centre of India
needs urgent rejuvenation. Further, we have been hearing about establishment of National Cyber Security Coordination Centre of India
since decades. Even the promised Tri Service Cyber Command for Armed Forces of India
is nowhere in picture. Even the banks
and financial markets
are not cyber security and we are going to face more problems in near future due to push for digital payments
So the decision of Indian government to establish a separate response team
for tackling of cyber attacks on the financial sector is a good one and Perry4Law Organisation (P4LO) and CECSRDI welcome this step. This announcement was made by Union Finance Minister Arun Jaitley during the presentation of the Union Budget for 2017.
Computer Emergency Response System with an integrated approach of linking the regulators like SEBI and Reserve Bank of India (RBI) would boost the confidence and support digitisation at an accelerated pace. This could also open up opportunities for fin tech companies which are active in the technology space in the financial sector. RBI has also started the process of establishing a separate IT subsidiary
that would take care of cyber security issues of banks in India.
Let us hope that this initiative would be implemented very soon and it would help in strengthening of financial sector of India.