The National Cyber Security Policy, 2013

The National Cyber Security Policy, 2013:

The National Cyber Security Policy was established in 2013, with the purpose of monitoring, safeguarding, and strengthening defenses against cyberattacks. The goal of this policy is to guarantee safe and reliable cyberspace for individuals, organizations, and the government. This Policy aims to protect the information infrastructure in cyberspace, reduce vulnerabilities, develop capabilities to prevent and respond to cyber threats, and minimize damage from cyber incidents through a combination of institutional structures,  processes, technology, and cooperation....

Need for the National Cyber Security Policy:

India lacked a cybersecurity policy before 2013. It was felt to be necessary amid the 2013 NSA surveillance scandal. People are empowered by information, thus it’s important to distinguish between information that can move freely between systems and that needs to be secured. These could include private information, banking and financial information, and security information that, if it falls into the wrong hands, could endanger the safety of the nation. Therefore, the government must be able to foster public confidence in the Information and Communications Technology (ICT) systems that oversee financial transactions if it is to digitalize the economy and encourage more digital transactions. In order to cope with the issue of cyber security at all levels, the National Cyber Security Policy document presents a path for developing a framework for a thorough, collaborative, and collective response. The policy acknowledges the necessity of adopting objectives and strategies at both the national and international levels....

The Mission of the National Cyber Security Policy, 2013:

To prevent cyber threats and reduce vulnerabilities...

The Objective of the National Cyber Security Policy, 2013:

Encourage organized IT systems in all the sectors of the economy for a more secure cyber ecosystem. Also, strengthen more administrative framework for secured cyberspace.  To create cyber policies in compliance with the global security standard. Best international standard to be followed for infrastructure technology, people, and process. To enhance and develop indigenous cyber security technology, by operating a 24X7 National Critical Information Infrastructure Protection Centre (NCIIPC) and making it mandatory security practices related to the design, acquisition, development, use, and operation of information resources.  Build manpower of 500,000 cyber security skilled professionals in the next 5 years of time.  Provide Fiscal benefits to businesses that embrace standard security practices and processes. Ensure appropriate legislative intervention during the prevention, investigation, and Prosecution of cybercrime. Designate a National nodal agency with clearly defined roles and responsibilities for coordination of matters related to Cyber Security in the country.   All Private and public organizations must hire Chief Information Security Officer in their IT department. These organizations must develop information security policies based on their business requirement. Assure that the IT infrastructure is built in conformity assessment and certification of compliance to cyber security best practices, standards, and guidelines like ISO 27001 ISMS ISO 27001 ISMS certification, IS system audits, Penetration testing/ Vulnerability assessment, application security testing, and web security testing.  National Level Computer Emergency Response Team (CERT-In) to operate as Nodal agency for Cyber security emergency response and Crisis Management. It will function as an umbrella company of sectoral CERT. To collaborate on Research & Development projects with industry and those who develop technologies and solution-oriented research. Maintain bi-lateral and multi-lateral relationships with other countries’ cyber security teams. Strengthen National and Global corporations amongst security agencies, CERTs Defence agencies and forces, Law enforcement agencies, and the Judicial system....

Cause of Concern of the National Cyber Security Policy, 2013:

Many more challenges are rising every day with the rise in dependability on cyberspace....

Conclusion:

It is extremely important to build a robust information structure to preserve the integrity, confidentiality, and availability of information in cyberspace. However, many times India has become the victim of cyberattacks. Since then, there have been consistent efforts to build strong and durable cyberspace. The National Security Council (NSC), National Security Advisor (NSA), plays a key role in shaping India’s cyber policy ecosystem. Although another National cyber security policy was formulated in 2020, however, the rapidly increasing digitalization requires an extensive resilient Cyber security infrastructure....