Budget and Cybersecurity, a missed opportunity
The oft-reported instances of cyber or cyberenabled fraud that one sees practically every day in the newspaper clearly point to a low-level of awareness and cyber-hygiene among citizens. Allocation of additional funds for Meity’s Cyber Swachhta Kendra at
In the lead up to the 2020 Budget, the industry looked forward to two major announcements with respect to cybersecurity. First, the allocation of a specific ‘cybersecurity budget’ to protect the country’s critical infrastructure and support skill development. In 2019, even Rear Admiral Mohit Gupta (head of the Defence Cyber Agency) had called for 10 per cent of the government’s IT spend to be put towards cyber security. Second, a focus on cybersecurity awareness programmes was seen as being critical especially considering the continued push for ‘Digital India’.
On February 1, in a budget speech that lasted over 150 minutes, the finance minister made references to ‘cyber’ only twice. Once in the context of cyberforensics to propose the establishment of a National Police University and a National Forensic Science University.
Second, cybersecurity was cited as a potential frontier that Quantum technology would open up. This was a step-up from the last two budget speeches (July 2019 and February 2019) both of which made no references to the term ‘cyber’ in any form.
In fact, the last time cyber was used in a Budget speech was in February 2018, in the context of cyber-physical weapons. When combined with other recent developments such as National Security Council Secretariat’s (NSCS) call for inputs, a National Cyber Security Strategy (NCSS), the inauguration of a National Cyber Forensics Lab in New Delhi and an acknowledgement by Lt. Gen. Rajesh Pant (National Cyber Security Coordinator) that ‘India is the most attacked in cybersphere’ are signals that the government does indeed consider cybersecurity an important area.
While the proposal to establish a National Forensic Science University is welcome, it will do little to meaningfully address the skill shortage problem. The Cybersecurity Strategy of 2013 had envisioned the creation of five lakh jobs over a five-year period. A report by Xpheno estimated that there are 67,000 open cybersecurity positions in the country.
Globally, Cybersecurity Ventures estimates, there will be 3.5 million unfilled cybersecurity positions by 2021. Two million of these are expected to be in the Asia Pacific region.
It is unfair to expect this gap to be fulfilled by state action alone, yet, the budget represents a missed opportunity to nudge industry and academia to fulfilling this demand at a time when unemployment is major concern. The oft-reported instances of cyber or cyber-enabled fraud that one sees practically every day in the newspaper clearly point to a low-level of awareness and cyberhygiene among citizens.
Allocation of additional funds for Meity’s Cyber Swachhta Kendra at the Union Budget would have sent a strong signal of intent towards addressing the problem.
(The writer is a research analyst at The Takshashila Insitution, an independent centre for research and education in public policy. All views are the author’s own and do not necessarily reflect the newspa