National Security Advisor: Urgent need to address risks from cyberspace
India’s National Security Advisor Shivshankar Menon released a report on the “Recommendations of Joint Working Group on Engagement with Private Sector on Cyber Security”, in New Delhi on October 15, 2012. Making public the report, Menon said facing the challenges from cyberspace requires both the government and industry to work together; the government cannot do this alone nor can the private sector do it on its own. He said it is a delicate act, how to balance social media responsibility with democratic freedom.
The Joint Working Group ( JWG) was set up under the chairpersonship of Latha Reddy, Deputy National Security Advisor to work out the roadmap for engaging the private sector in a public-private partnership (PPP) for strengthening the cyber security architecture in the country. It included representatives of both government and private sector. Reddy said, the recommendations are the outcome of extensive and in-depth discussions with the industry. She hoped that India could emerge as a global hub for developing cyber security products.
India’s current economic, social and infrastructure develop- ment process is making greater use of ICT for bringing transformation. However, this dependence on ICT makes the country vulnerable to cyber attacks that can have serious implications for both, the nation and economy. Given that the private sector leads the development and adoption of ICT, a need was felt that the government and private sector collaborate and work together to overcome the challenges of cyber security.
The JWG has identified the principles and objectives that would underpin the overall framework and roadmap for PPP on cyber security. It has recommended a “roadmap” for PPP on cyber security which includes setting up of an institutional framework, capacity-building in the area of cyber security, development of cyber security standards and assurance mechanisms, augmentation of testing and certification facilities for IT products.
Institutional framework would include setting of a permanent JWG, with representatives of government and private sector, to coordinate and oversee the implementation of PPP on cyber security. A Joint Committee on International Cooperation and Advocacy ( JCICA) will advise JWG in promoting India’s national interests at various international fora on cyber security issues.
To take the collaboration efforts ahead, the report identifies four pilot projects—setting up of a pilot testing lab, conducting a test audit, study of a sample critical information infrastructure and establishment of a multi-disciplinary Centre of Excellence (COE). The newly constituted JWG would work out the action-plan for implementation of the recommendations. Some of the other key recommendations of the JWG include: • Creation of Information Sharing & Analysis Centres (ISACs) in various industry verticals by the private sector which should coordinate with sectoral CERTs and CERT-In. • Provide training to law enforcement agencies (LEAs) in cyber crime investigation and cyber forensics by establishing training facilities and developing training materials & investigation manuals. • Promotion and dissemination of cyber security awareness
among general public through mutual collaboration. • Establishment of an ‘Institute of Cyber Security Professionals of
India’ for capacity building in security testing and auditing.