India Opens Cyber Coordination CentreExperts Say Engagement Model Essential to Handle Threats
The Indian government has set up a National Cyber Coordination Centre to handle cyber-threats and national security issues in co-ordination with the country's intelligence agencies.
The Prime Minister's office confirms that the finance ministry has allocated US$130 million toward the project.
Security experts express relief at the news, while questioning if NCCC will effectively engage public and private bodies, intelligence agencies and the industry in driving strategic cybersecurity initiatives.
"NCCC can be an umbrella organisation coordinating between all law enforcement agencies and defence groups in beefing up national security," says Mumbai-based Prashant Mali, advocate and president of Cyber Law consulting. "Given the government has now appointed Dr. Gulshan Rai at the helm of cybersecurity at the PMO, the industry can hope for effective strategies to be rolled out."
When Will NCCC Open?
According to information shared with the media by the sources at the prime minister's office, the NCCC will commence operations immediately.
The project has been pending since 2013, sources say, awaiting governmental approvals such as clearance from the finance ministry and a final nod from the Cabinet Committee for Economic Affairs.
However, NCCC, which had received an in-principle approval from the committee of security in May last year, could not take off for reasons unknown.
The source believes the government has realized the need for such a cybersecurity centre, given the increasing online fraud and cyber-attacks challenging national security.
"The government's cybersecurity arm, the Indian Computer Emergency Response Team (CERT-In) , will be the main agency for establishing and running the functions of NCCC," the source says. It will be supervised by the PMO's office under the leadership of Dr. Gulshan Rai."
The centre will screen online threats and coordinate with intelligence agencies to handle national security issues. NCCC will take responsibility of scrutinizing any malicious information that may flow into the networks with the help of service providers.
NCCC will be involved in compiling data and its analysis and make it actionable in real-time by sharing it with various intelligence agencies and law enforcement groups. The centre is expected to coordinate between intelligence agencies, specifically during network intrusions and cyber-attacks. Its mandate may also include cyber-intelligence sharing.
According to the source, as per the structure, the recently formed five-member cybercrime panel including academics and the government will look after the centre's functioning and track online terror activities.
While the government's initiative has gone down well with industry practitioners, most agree it is a wait and watch situation.
Observes Mali, "I hope NCCC will have new initiatives rolled out to handle cyber-threats and become the voice of the industry."
Hyderabad-based Col. M V Ganapathy, former senior official at the PMO, says, "I would expect NCCC to ensure real-time assessment and sharing of cybersecurity threat-related issues and generate actionable reports/alerts for proactive action by the concerned law enforcement agencies."
However, what is not clear is if NCCC will still be under the control of National Information Board, as was proposed earlier. Questions are being raised on the level of information-sharing by the centre with public and private bodies.
Ganapathy believes the objective of setting up NCCC must be justified in terms of co-ordination and information sharing about cyber-attacks with stakeholders.
"India doesn't have an institutionalised and a formalised set-up for sharing cybersecurity issues on a regular basis, like the MAC (Multi Agency Centre, revamped in 2009, post 26/11 Mumbai attacks, under Information and Broadcasting ministry) which is the nodal agency for sharing intelligence related to terrorism, national security, etc," he says.
He says CERT-In is more of a response agency to firefight cybersecurity breaches at the national level. The National Security Council Secretariat established to handle national security is more calibrated toward providing inputs for framing of national policies and to the National security Advisor. All other intelligence organisations' roles are more about gathering intelligence.
"Therefore, huge gap in information sharing exists in the present security environment which prevents timely and effective counter measures for dealing with critical cybersecurity issues," he says.
The Way Forward
Security leaders informally list out an agenda for NCCC to help address the criticality of threats and be a proactive agency.
They believe that NCCC must mold itself into a more transparent and info-sharing agency. It must assess likely threats before attacks are committed, and ensure the responsible law-enforcing agency takes proactive measures to prevent their occurrence.
Ganapathy recommends initiatives that NCCC must consider:
- Formulation of cyber policy initiatives;
- Synergizing the coordination of cybersecurity threats;
- Ensure real-time flow of information related to cybersecurity threats across all intelligence and private agencies;
- Ensure greater involvement of the private sector in formulating cybersecurity policies, especially related to e-commerce, banking, national critical infrastructure protection;
- Act as a facilitator for real-time assessment of cybersecurity threats in India;
- Address concerns related to citizen privacy issues without compromising on national security;
- Formulate techno/legal framework for cyber policy issues.
Experts also suggest that the centre work on three levels of cybersecurity planning: an immediate two-year plan; a mid-term plan for three to five years and a long-term plan between five-20 years in strategizing India's national security plan, based on a SWOT analysis.
"The centre must seriously address the acute shortage of InfoSec skills, while having a long-term cybersecurity capacity building plan," Mali says.