Saturday, June 4, 2011

Is India Serious About Cyber Security?

Cyber security is an international issue but its dealings are still mostly national in nature. Recently the second worldwide cyber security summit was organised at London. It emerged from the summit that there are little chances of having an international cyber security treaty.

Naturally, countries are working in the direction of protecting their own turfs rather than protecting the cyberspace at large. For instance, Scotland Yard has established a cyber flying squad to fight cyber crimes. Australia has planned a cyber defence strategy to combat cyber crimes. India and US have signed a cyber security agreement. ICANN and INTERPOL have decided to ensure Internet security. The list is endless but all these initiatives have missed a crucial point.

These are “Piecemeal Efforts” and without “International Harmonisation” Cyber Crimes and Cyber Security Attacks cannot be effectively tackled, opines Praveen Dalal, managing partner of Perry4Law and CEO of Indian Human Rights Protection Centre for Cyberspace.

International Organisations must be more proactive towards fighting Cyber Crimes at International level. Time has come to abandon the “Bilateral Agreements” approach and adopt Multilateral and International Harmonisation approach, suggests Dalal.

At the national level, we are not at all good at cyber security in India. We have no cyber security strategy of India. Further, we have neither the cyber warfare policy of India nor critical ICT infrastructure protection policy of India. The worst aspect is that we have no legal framework for cyber security in India. Even the cyber law of India is redundant and impotent and it deserves to be repealed.

Our banks and financial institutions are not safe from cyber attacks. Even though a RBI working group on information security has provided guidelines to ensure cyber security due diligence by banks of India no banks has implemented these cyber security guidelines so far.

India has adopted a casual approach towards cyber security and the same need to be changed as soon as possible.