Draft Cybersecurity Strategy

According to the central government, the National Security Council Secretariat (NSCS) has formulated a draft National Cyber Security Strategy, which holistically looks at addressing the issue of security of national cyberspace.

About the ‘National Security Council Secretariat’ –

• Background —
  • The National Security Council (NSC) of India is an executive government agency established in 1998 and tasked with advising the Prime Minister’s Office on matters of national security and strategic interest.
  • The NSC is the apex body of the 3-tiered structure of the national security management system in India.
  • The 3-tiers are the Strategic Policy Group, the National Security Advisory Board and a secretariat from the Joint Intelligence Committee (JIC).
• About National Security Council Secretariat (NSCS) —
  • NSCS is the apex agency looking into the political, economic, energy and strategic security concerns of India.
  • National Cyber Security Coordinator (NCSC) works under NSCS and coordinates with different agencies at the national level for cyber security matters.

About the ‘Draft Cybersecurity Strategy’ –

• Risk-based approach — To be adopted by the private sector, the government, academia and civil society in assessing and responding to cyber-related threats or issues.
• Multi-stakeholder approach — To enhance the effectiveness of all key stakeholders in improving the cybersecurity posture by recognising the various roles and responsibilities of different stakeholders.
• External Cooperation — The strategy will also promote bilateral, regional and international cooperation, recognising the borderless nature of cyberspace.
• Respect for the rule of law and human rights — To promote, protect fundamental human rights and freedoms of citizens.
• Capacity development — To address fast changing cybersecurity issues and developments.
• Socio-economic development — To ensure cyberspace is fully leveraged by broader socio-economic development, facilitate sustainable socio-economic development across the entire nation.
• Addressing Cybercrime — To promote and facilitate both individual and collective action in tackling cybercrime.

What are the other measures taken by government?

• • The Indian Computer Emergency Response Team (CERT-In) issues alerts and advisories regarding latest cyber threats/vulnerabilities and countermeasures to protect computers and networks.
    • CERT-In is a functional organisation to secure Indian cyberspace.
    • It monitors Indian cyberspace and coordinates alerts and warning of imminent attacks and detection of malicious attacks.
  • CERT-In operates the Cyber Swachhta Kendra (Botnet Cleaning and Malware Analysis Centre) to detect malicious programmes, to provide cyber security tips and best practices for citizens and organisations.
  • CERT-In and the Reserve Bank of India jointly carry out a cyber security awareness campaign on ‘Beware and be aware of financial frauds’ through the Digital India Platform.
  • The Indian Cyber Crime Coordination Centre (I4C), under the Ministry of Home Affairs (MHA), has been designated as the nodal point in the fight against cybercrime.
  • The MHA has issued National Information Security Policy and Guidelines to the Central Ministries as well as State governments and UTs with the aim of preventing information security breaches and cyber intrusions.
  • Pursuant to the UN resolution, an ad-hoc committee to elaborate a ‘Comprehensive International Convention on Countering the Use of ICTs for Criminal Purposes’ was established.
    • As a member of the committee, India has proposed criminalisation of cyber terrorism under the said Convention.