India has been pushing for delivery of public services through e-governance for long. However, India failed to consider the cyber security aspects of e-governance and this is a dangerous situation. When everything is connected to the Internet or cyberspace, the risks of cyber attacks are very real and significant. Now India has once again adopted an ambitious technology driven project named Digital India.
Even Digital India has been heading towards rough waters due to lack of clear policies and implementation plan. Besides civil liberties protection in cyberspace, Indian Government must also keep in mind the cyber security aspects of Digital India project. As on date India is a sitting duck in cyberspace and civil liberties protection fields.
The Centre of Excellence for Cyber Security Research and Development in India (CECSRDI) has provided the cyber security trends and developments in India in 2013 (PDF), 2014 and 2015. These trends have proved that India has failed on the front of developing offensive and defensive cyber security capabilities. At CECSRDI we believe that cyber security challenges in India would increase many folds in the near future and India must be prepared to deal with the same effectively and efficiently.
The cyber security challenges before the Narendra Modi Government are both complicated and voluminous in nature. Unlike other readymade and almost completed projects and schemes that the Congress Government has left for the BJP Government, the cyber security related issues were not properly dealt with by the Congress Government. Even the National Cyber Security Policy of India 2013, as formulated by Congress Government, is grossly defective and useless. BJP Government has the challenge of managing the cyber security related issues on its own and from the very beginning.
In a significant move, the Prime Minister’s Office (PMO) has appointed Gulshan Rai as the first Chief Information Security Officer (CISO) of India. We at Perry4Law Organisation (P4LO) and CECSRDI welcome this pro active move of PMO and Indian Government. This would go a long way in ensuring critical infrastructure protection in India (PDF). We also strongly recommend that a revised Cyber Security Policy of India 2015 must be drafted by Modi Government that must address cyber security issues in a more comprehensive and holistic manner.
This CISO position would operate directly under the PMO and this is a good move. We believe that issues of cyber security and national security must be managed at the highest levels and nothing is better than the present PMO. Gulshan Rai has been heading the computer emergency response team (CERT-IN) at the department of electronics and information technology (DeitY) and he has done a wonderful job at CERT-IN. Appointing him as the CISO is a good move of Modi Government as he is already well aware of the cyber threats landscape in India. He would now take charge as special secretary for cyber security.
Rai has been working since 1998 in the area of evolving legal framework to address issues arising out of cyberspace. He is also expected to head the national cyber coordination centre (NCCC) that the Government is also setting up with a budget of Rs 1,000 crore. Since Rai’s expertise and services would be required as a CISO, DeitY has already posted a vacancy for the post of director general for CERT-IN.
We wish all the best to Indian Government and Dr. Gulshan Rai for this challenging job.