India remains one of the soft spots for cyber attacks, becoming the top three countries having most victims in 2012-2013 phishing attacks according to security firm Kaspersky. Every year around 3.7 million people in India are victims to some sort of phishing attack causing lose in personal and financial information’s. Indian government with an aim to protect its citizens privacy, corporate data and sovereign virtual assets including telecommunications systems, nuclear plant and military assets from cyber attacks today released its first National Cyber Security Policy 2013.
National Cyber Security Policy 2013 serves as an umbrella framework for defining and guiding the actions related to security of cyberspace. The policy provides an overview to protect information and information infrastructure in cyberspace build capabilities to prevent and respond to cyber threats, reduce vulnerabilities structures, people, processes, technology and cooperation.
Some of the key objectives from National Cyber Security Policy 2013 –
- Creating a secure cyber ecosystem in the country with a nodal agency designated to coordinate all matters related to cyber security in the country.
- Mechanism for sharing information in identifying and responding to cyber security incidents and for cooperation in restoration efforts.
- Creating an assurance framework with compliance to global security standards.
- Strengthen the regulatory framework for ensuring a Secure Cyberspace ecosystem.
- Operate a 24×7 National Level Computer Emergency Response Team (CERT-In) to function as a Nodal Agency for coordination of all efforts for cyber security emergency responses and crisis management.
- Enhance the protection of Nation’s critical information infrastructure by operating a 24×7 National Critical Information Infrastructure Protection Center (NCIIPC)
- Develop suitable indigenous security technologies.
- Create a workforce of 500,000 professionals skilled in cyber security in the next five years through capacity building, skill development and training.
- Enable protection of information while in process, handling, storage and transit so as to safeguard privacy of citizen’s data and for reducing economic losses due to cyber crime or data theft.
- Effective prevention, investigation and prosecution of cyber crime and enhancement of law enforcement capabilities through appropriate legislative intervention.
- Create a culture of cyber security and privacy enabling responsible user behavior and actions through effective communication and promotion strategy.
For more information read the full document published by Department of Electronics and Information Technology (pdf below) –
Image credit – Milind Deora (Twitter status)