Key stakeholders representing legal, cybersecurity, information security, law enforcement joined the International Conference on Cyber Law, Cyber Crime & Cybersecurity (ICCC) 2015 in New Delhi on November 19, organized by Cyberlaws.Net and Pavan Duggal Associates and noted that cyber criminals are a step ahead of all law-enforcing agencies and leveraging the Internet for every kind of attack, making India vulnerable.
The recent Paris attacks stand testimony to the fact that the world is waking up to physical attacks engineered by terrorists and their cascading effect on cyber-attacks as well.
Pavan Duggal, attorney, Supreme Court, and president of Cyberlaws.Net, clearly states, "The transition from physical terrorism to cyber terrorism is quite visible given that attack groups are clearly targeting the nation state and waging a cyber war against India, too."
The change this year's conference brings is deliberations regarding cybersecurity and strategies to combat attacks by evolving jurisprudence regarding cybercrime and security.
"When we initiated the conference last year, cybersecurity was an important aspect of the discussion; no framework or governing process was discussed," Duggal says. "However, this year, we witness more bilateral co-operation treaties being signed between various countries on discovering methods to combat serious cyber threats - an indication that everyone must comply with minimum standards of behaviour."
All this is very well, but the question is: Are there common denominators that can strike a balance evolving a legal framework and security governance that can help thwart these crimes?
Most Intriguing Challenge
Exclusive and parallel sessions centred the discussion on identifying cybersecurity challenges and securing cyber laws as a future step to tackle threats. Justice T S Thakur, Chief Justice of India (CJI) designate, on the sidelines of the conference, said criminals are a step ahead.
There is not an iota of doubt about requiring exclusive strategies to combat cyber terrorism, says Thakur, as cybercrime has emerged as a great challenge for law enforcement agencie,s and there is a need to put up a "united fight" against the global scourge of terrorism - hence, he sought formulation of laws to deal with it.
Indrajeet Banerjee, director, UNESCO, has not much to do with cybersecurity, but nevertheless is right in saying, "The UN has not been created to take you to Heaven, but prevent you from going to hell,' given the complex cybersecurity issues such as radicalisation of youth in misusing the Internet.
UNESCO's philosophy aligns with the current need to bring about peace, security and solidarity -the corner stone of sustainability.
Vint Cerf, Father of the Internet, calls upon individuals including legal and security practitioners to include three aspects of safety, privacy and security into their vocabulary, and urges the industry to be expansive and consider these aspects from a business standpoint.
But the most pertinent question remains: Are we flexible enough to bring about the required changes in our system and law and compliance methods or even speak about privacy? Our privacy bill, which is scheduled to be discussed and passed in the parliament, is still subjudice without any direction from the government.
India's cybersecurity co-ordinator, Dr. Gulshan Rai, expresses concern about lack of expertise in the country over aligning cybersecurity and cyberlaws with ICT development, as every sector in the future will be impacted by the growth in ICT and the way it is secured.
It is hoped that the 109 speakers invited to share their views and offer recommendations will eventually see their efforts result in creating certain standards.
The common thread that ties the sessions together is to treat cybersecurity and cybercrime as the nation's critical component that needs to be supported by every strata of legal, security, Intelligence, the government and defence.
The conference saw participation from a wide spectrum of groups, including bureaucrats from various departments and those with some association with cybersecurity, the police wing, advisors to police and law enforcement groups, forensics, legal practitioners, practitioners from defence services, cyber security practitioners, law students and more.
While the organizers from Cyberlaw Consulting put in good efforts to mobilize experts and others who made their presence felt in the limited time given, the impact of the discussions can be felt over time as the recommendations are rolled out. The fact is that one needs to observe how effective and practical the recommendations coming from this conference are - which has a bearing on the country and its security; only time can tell.
Cybercrime and cyber security challenges are explicit; awareness among experts about the urgency to address these is high. But the steps to implement and generate solutions necessary to tackle this as a holistic approach are missing.
It will be critical to see if such conferences bring about the desired results and game plan to address the issues raised.
In my opinion, the conference set the stage to create the awareness necessary among the groups about the gravity of the situation and why cybersecurity, cybercrime and cyberlaw need to be dealt with as a common platform to maintain the solidarity of the nation. The effectiveness can only be observed when stakeholders along with the decisionmakers at the government level will tighten their belts to consistently drive the message home, and track the progress of evolution of the framework and how it gets percolated down to every sphere of life.
ICCC is scheduled to have its third conference in November 2016, and expects to see the progress made in evolving a cybersecurity structure and bringing in the jurisprudence necessary.