Cybersecurity Challenges in India
By Aditi Bhat
With India carving a niche for itself in the IT sector, dependence on technology is also increasing. However, there are two things that set India aside from the players in the big leagues, like the United States and China, and that is design and density. With Indians using the internet for all their needs, ranging from shopping to banking, studying to storing data, cyber crimes have also increased in proportion to usage.
Some of the Cybersecurity challenges in India are as follows:
1. Lack of uniformity in devices used for internet access – With varying income groups in India, not everyone can afford expensive phones. In the US, Apple has over 44% market share. However, in India the iPhones with their higher security norms are used by less than 1% of mobile users. The widening gap between the security offered by the high-end iPhone and lower cost mobiles make it almost impossible for legal and technical standards to be set for data protection by the regulators.
2. Lack of national level architecture for Cybersecurity - Critical infrastructure is owned by private sector, and the armed forces have their own firefighting agencies. However there is no national security architecture that unifies the efforts of all these agencies to be able to assess the nature of any threat and tackle them effectively. The Prime Minister’s Office has created a position towards this cause but there is a long way to go before India has the necessary structure in place.
3. Lack of separation – Unlike countries or states, in cyberspace there are no boundaries, thus making the armed forces, digital assets of ONGC, banking functions, etc. vulnerable to cyber attacks from anywhere. This could result in security breaches at a national level, causing loss of money, property or lives. To respond to possible threats on the country’s most precious resources, there is a need for a technically equipped multi-agency organization that can base its decisions on policy inputs and a sound strategy.
4. Lack of awareness - As there is no National regulatory policy in place for cybersecurity there is a lack of awareness at both company level as well as individual level. Domestic netizens can protect and be protected from the cyber attacks only if there is a guided and supervised legal framework.
With India’s highly skilled IT workforce, efforts must be harnessed and redirected towards strategic use by the government. Incentives provided by the government to the industry would encourage investment from the private sector towards an agency focused on national cybersecurity. With strengthened cybersecurity defences in India’s future, Indian businesses will become more competitive on a global level and create a safer digital India.