"To create adequate infrastructure and generate trust and confidence in our IT system, there is a dire need to update the cybersecurity policy". Discuss in the light of various changes being demanded in Cyber Security Policy,2013 in recent times.

November 4, 2022 February 21, 2024

Digital India and Make in India are two major campaigns being promoted by the NDA government to transform the society. Success or failure of these depends on government’s capabilities to secure the cyber networks in the country.
India’s infrastructure is vulnerable to four types of digital intrusions: espionage, cybercrime, attacks and warfare. To tackle such threats, the government unveiled its first National Cyber Security Policy in 2013. But even since its inception, the country has witnessed several sophisticated cyber attacks ranging from Wanna Cry ransomware attack to hack of Zomato Media Pvt. Ltd, a food technology based start-up. This necessitates a revised and updated cyber security policy for the country.
Changes being demanded in the Cyber Security Policy, 2013
The cyber security policy, 2013 focuses more on outlining broad principles on how to prevent cyber attacks but lacks clear institutional framework to address the challenges. The following changes have been demanded in the policy:

  • The National Cyber Security Policy, 2013 involves several stakeholders like Ministry of Electronics & Information Technology, National Critical Infrastructure Information Protection Center, Ministry of Home Affairs, and the National Cyber Coordination Centre. Multiple stakeholders create confusion in the mind of people regarding whom to approach during cases of cyber attacks or threats. This necessitates the cyber policy to be updated with concrete institutional arrangement to respond effectively.
  • The National Cyber Policy, 2013 broadly outlines a vision for creating a workforce of 5 lakh skilled professionals by 2018. However, so far the number for such skilled personnel has reached nearly 50,000 thereby creating huge gap. To counter this, demands have been raised for an updated policy with specific guidelines for the training and recruitment of cyber specialists in a time-bound manner.
  • The 2013 policy envisages for effective public and private partnership for securing safe cyberspace. But no concrete actions have been taken in this regard so far. To fill up such lacunae, there is demand for upgradation of old or framing of new cyber security policy. 

Topics: 

« »

Leave a Reply