India to Create a Unified Cyber Security Task Force

Data is the new oil, and technology is the new weapon. India is going digital at a fast pace post-pandemic. The question is, are we ready to rebuff the cyber threats that a digital India brings? What role will a Unified Cyber Security Task Force play in writing India’s success story against cyber attacks?

Cyber Security Task Force is the need of the hour

From virtual workplaces, online payment systems, and digital marketplaces; India will witness the biggest wave of digitalization in this decade. The Covid-19 pandemic has catalyzed the transformation by fastening the adoption of digital services in every nook and corner of the country. But there is a dark side to the ongoing wave of digitalization. Cyber attacks and cyber threats recorded a manifold increase during the past few years. But, the cyber security industry in India has not grown at a similar pace as cybercriminals and their tactics. The situation is worsening and therefore Indian Government plans to constitute a Unified Cyber Security Force in 2022. The question is, “Why does India Need a Unified Cyber Security Task Force?”

Also Read: “How Indian MSMEs will drive India’s Export Growth in 2022?”

Why does India Need a Unified Cyber Security Task Force?

Due to the ever-increasing risk of cyber warfare and frequent cyber attacks, it becomes important for India to have a unified cybersecurity force to lead the cyber security industry in India. Here are a few data points showing recent cyber attacks statistics:

• According to a report on Global Cybersecurity Outlook 2022 by World Economic Forum, every organization faced an average of 270 cyber attacks last year. India spends around INR 1.25 lakh crore every year due to cyber attacks.
• Government data reveals that India recorded 1.16 million cyber attacks in 2020. The numbers show a gigantic threefold increase from 2019 data and 20 fold from 2016. Some private reports suggest that the actual cyber attack instances were even more.
• Frequent malware and ransomware have been injected either into Indian citizens’ devices or the country’s systems. Wannacry, Petya, and Pegasus are examples of such Trojans.
• We also saw blocking of MasterCard by RBI for not complying with the direction of storage of Payment system data.

How can a Unified Cyber Security Task Force strengthen the Cyber Security Industry of India?

The establishment of a Unified Cyber Task Force is a welcome move that will enable robust Indian Cyber security solutions. Here are a few ways the cyber security task force is expected to revolutionize India’s preparedness against various types of cybercrimes in India.

1. The Unified Cyber Security Task Force will take intelligence inputs from cyberspace watch dogs as well as international agencies. 
2. The body will also have a sub-task force to concentrate solely on cyber security in the telecom industry. The body will develop telecom-specific security solutions for call forging, caller ID spoofing, etc. Call forging still remains one of the biggest cyber threats in India and is used for caller ID spoofing. Apart from forging, cybercriminals manipulate other SIP trunks to display caller IDs. The task force is expected to work to prevent and prepare against such attacks executed through voice over internet (VoP) protocol.
3. The cyber security task force will provide a comprehensive yet exhaustive review of presently fragmented cyberspace. It will also enable information sharing and supplementing software supply channels.

Also Read: Fashinza identifies Ludhiana as a key sourcing hub; prepares to partner with 100+ leading suppliers from the region

India’s Initiatives for cyber security so far

India has a National Technical Research organization (NRTO) to provide technical intelligence for internal and external cyber security. Besides, a robust Computer Emergency Response Team (CERT-in) works under the Ministry of Electronics as a nodal agency that analyzes vulnerability to cyberattacks and suggests solutions proactively. The Ministry of Electronics and Information Technology in collaboration with the Data Security Council of India is working to set up a National Centre of Excellence. The establishment of such a facility is crucial for fostering R&D and innovation in cyberspace. Also, the Home Affairs Ministry has put into action the “Cyber-Crime Prevention against Women & Children” scheme to prevent cyber crimes against children and women. The scheme aims to spread awareness on types of cybercrime in India and how to deal with them.

In addition, the Ministry of Defense is in the process of setting up a Defense Cyber Agency and a Cyber Emergency Response Team. The two bodies will work in sync to reduce cyber attacks in all three defense services. 

The Missing Pieces in India’s Cyber Security Puzzle

At present, India ranks 23rd on the UN Global Cybersecurity Index (GCI). The ranking is quite better than other Asian nations but there is room for more improvement. India plans to rank under the top 10 in upcoming years. But the present situation tells a different story.

As India suffers from sophisticated cyber attacks negatively impacting the public and private sector, our preparedness and resilience framework is not in line. The cyber threats have been impacting critical installment systems of utmost national interest along with common citizens. Such instances are essentially warning signals indicating weakness of Indian cyber security solutions and inadequate infrastructure. An all inclusive approach including every stakeholder from the Government to cyber security startups to citizens and organizations is the key to ensure safe digitization.

On the International front, the national security should go hand in hand with cyber security. The cyber attacks have destabilized countries in the past, especially in war-torn nations. India holds a strategic but risky position in geopolitics along with major issues with some neighboring nations. The possibility of misusing cyber attacks to threaten national cyber security of India to access critical information cannot be denied.

Also Read: “The road to entrepreneurship is paved with skill development”

As India focuses on Smart India and Digital India Mission, digitization will bring along cybercriminals working as eager beavers to hack into systems. Therefore, besides bringing in advancement, equal focus should be on the role of the cyber security industry in India. 

1. The National Cyber Security Policy of 2013 is outdated. The global and domestic cyberspace scenario has changed a lot since 2013. First and foremost, India needs an updated Cyber Security Policy to act as a guiding light for further initiatives.
2. A National Cyber Security Strategy is under formulation process. The strategy should be inclusive of all stakeholders from the public and private sectors.
3. Policies and schemes remain mere words without effective implementation on the ground level. India severely lacks on the cyber security infrastructure front including research departments, skilled professionals, clusters, training institutes, etc. Therefore, a major focus should be upon providing the essential infrastructure to make India a cyber security giant.
4. India needs more precautions to establish a robust cyber posture for national defense arms. Cyber audits and frequent checks can be a great head start in this direction.
5. The cyber security sector suffers from a lack of funds and investments. This in turn impacts the prospects of the industry’s upheaval. Apart from public funds, the industry can also attract foreign investments directly as well as portfolio investments. Motivating more angel investors to invest their trust and money in such startups will provide a boost to cyber security startups.

Effective Initiatives Including Key Stakeholders

While the setup of a unified cybersecurity task force is a step in the right direction, we need proactive steps at the micro level as well. Problem-based awareness training can eliminate such attacks to a large extent. For example, virtual workplaces should provide employee awareness training. As most cybercriminals use emails as bait, the company’s employee base is the primary target. Companies can provide security awareness training and use security attack simulators for strengthening the cyber security posture of industries. Moreover, with frequent audits, penetration testing, and vulnerability assessments; it is possible to detect the weak points and fix them timely. Last but not the least; the citizens should be made aware of the basics of cyber security such as phishing, call forging, malicious files, and viruses. The cyber security in the telecom industry is also a crucial domain that should be taken care of.

The relevance of cybersecurity was evident in the development of the Co-Win platform for mass vaccination. To harness the potential of cyberspace for India’s growth; an open, safe, and freely accessible cyberspace is imperative. The country is still in the earlier stage of its cyber security journey and needs to build effective cyber capabilities. We have a long road ahead to strengthen national cyber security of India and fend off cyberattacks simultaneously.

By,

Prasad P. Patkar