The government is embarking on a three-pronged initiative to fill a critical gap in the country’s information security infrastructure
The government is embarking on a three-pronged initiative of setting up a National Cyber Coordination Centre (NCCC), strengthening its email system and establishing a botnet clearing center. These measures will not only fill a critical gap in the country’s information security infrastructure but will also provide a thrust to the already burgeoning e-commerce sector.
The National Cyber Coordination Centre would be India’s e-surveillance and cyber security agency. It would not only screen communication metadata but will also co-ordinate the intelligence gathering activities of other agencies. Some of the gears of NCCC will include cyber crime investigation training, cyber crime prevention strategy, and review of outdated laws. This new body will fall under the National Information Board (NIB), which is the country’s top cyber security policy-making wing. National Security Advisor, Ajit Kumar Doval, is also the head of NIB.
There have been voices from certain quarters against NCCC on the grounds that it could infringe on people’s privacy since the country lacked concrete privacy laws. However, experts think otherwise.
According to information security experts, establishing the National Cyber Coordination Centre (NCCC) is a necessary and important step. There are independent agencies specializing in different areas of cyber security. However, there has to be an apex agency that coordinates the work of all the other bodies. NCCC’s role will be that of an apex agency. It will help in presenting a coordinated response to attacks, information sharing and emergencies.
India has different agencies focusing on specific information security areas. For instance, CERT-In provides emergency response inputs, NTRO (National Technical Research Organisation) is a technical intelligence agency under the National Security Adviser, and NCIIPC (National Critical Information Infrastructure Protection Centre) facilitates safe, secure and resilient information infrastructure for critical sectors of the nation. In the absence of a central coordinating agency, they are working in silos.
Felix Mohan, former CISO, Bharti Airtel feels the botnet clearing center is another great proposal, which will tackle the menace of botnets right at the gateway level.
“As compared o the global average of 60-70 percent, in India 80 percent of the computers are botnet ridden. The government gets a lot of information on the IPs of C&C (command and control) servers of botnets. By collaborating with telcos and ISP, these can be blocked right at the gateway. It will go a long way in helping the corporates struggling to fight against bots,” says Mohan.
With 90 percent of the attacks happening on people and not on technology, the government’s aim to strengthen its email makes sense. Social engineering, through email attachments, is the major vector of phishing attacks. This move is aimed to curb such attacks.
Vishal Salvi, former CISO, HDFC Bank, believes these steps by the government will bring about fundamental changes in the information security landscape in the country.
“Such steps are the need of the hour. They will help in further boosting the online business growth story in the country. While cyber security is an ongoing journey, we should celebrate the fact that such projects are being taken up.”
The total budget for the three initiatives is Rs.1000 crore and the department of electronics and information technology is expected to soon approach the Cabinet for its approval.
Add new comment