India Insights with Suparna Goswami

Fraud Management & Cybercrime , Fraud Risk Management , Governance & Risk Management

A Single Agency for Cybersecurity: Will It Work?

Sizing Up Plans to Revamp How India Battles Against Cyberthreats
A Single Agency for Cybersecurity: Will It Work?

India may soon have a single authority or agency responsible for the entire spectrum of cyber defensive operations.

See Also: Forrester Report |The Total Economic Impact™ Of Palo Alto Networks Prisma Cloud

The Hindustan Times quotes a government source who says the government plans to rearrange and reorganize more than 60 agencies engaged in protecting India's cyber infrastructure.

This is a good step that was long overdue. But the real test lies in actual implementation of the plan.

The government of India has a history of coming out with the best of plans, but then not carrying them out. Unifying the cybersecurity efforts of more than 60 agencies, each with their own controls and reporting systems, will be no easy task.

Dr. Rajesh Pant, national cybersecurity coordinator, recently told ISMG that one of his priorities would be to increase coordination among various cybersecurity agencies. "I find there are multiple agencies which are working in silos. I am trying to coordinate that," he said.

Creating a single cybersecurity defense center is a good idea because it would improve the nation's ability to deal with cyberthreats and enhance national security. To ensure success, however, the appointment of officials responsible for cybersecurity must be free from political influence. Emphasis must be given to transparency, performance metrics and accountability.

The Current Situation

Clearly, India has a lot of work to do when it comes to cybersecurity.

For example, IssueMakersLab, a group of South Korean cybersecurity experts, claimed that its research showed North Korean hackers were behind a cyberattack on India's Kundankulam nuclear power plant.

Despite the seriousness of the attack, no government official contacted Issue Maker Lab to discuss its findings, according to a report in the Asia Times.

Perhaps if India had only one central cybersecurity authority with clear responsibility, it would immediately respond to reports of foreign threats.

Consider this: India now has cybersecurity agencies under the central government as well as state governments. The Ministry of Electronics and Information Technology, the Ministry of Home Affairs, the Ministry of Defense, the National Security Council Secretariat, the National Technical Research Organization and many others have their own cyber units. Also working on cybersecurity are CERT-In and NCIIPC, the National Critical Information Infrastructure Protection Center.

The Ministry of Home Affairs recently established CyCord, a platform for government departments focused on hacking and online investigations. And other players include the National Cybercrime Threat Analytics Unit and National Cybercrime Forensic Laboratory.

Pant is advocating a new approach: creating a single agency with accountability for action on cybersecurity. And that's a good move.

Success of the New Agency

We have to wait and see how the roles and responsibilities of a new agency are defined - and how the roles of all these other organizations might change.

Those heading the new agency must commit to transparency. Over the years, every time a question has been raised on safety of government infrastructure, we have been offered the same statement: "We are safe and secure." Government officials rarely offer a performance report.

Here's hoping that 2020 opens the door to true cybersecurity progress in India.



About the Author

Suparna Goswami

Suparna Goswami

Associate Editor, ISMG

Goswami has more than 10 years of experience in the field of journalism. She has covered a variety of beats including global macro economy, fintech, startups and other business trends. Before joining ISMG, she contributed for Forbes Asia, where she wrote about the Indian startup ecosystem. She has also worked with UK-based International Finance Magazine and leading Indian newspapers, such as DNA and Times of India.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.in, you agree to our use of cookies.