INTRODUCTION
With the growth of internet, the dependence on computers has increased exponentially. The challenge is to protect critical information infrastructure, like civil aviation sector, Railways’ passenger reservation system and communication network, port management, companies and organisations in power, oil and natural gas sectors, banking and finance, telecom sector, etc. from cyber attacks. India is ranked fourth among the top 50 countries in terms of the number of cyber crime complaints reported to the Internet Crime Complaint Centre (IC3), preceded only by the US, Canada and the UK based on the 2014 IC3 annual report (The Telegraph, 2015).
Shortage of trained cyber security workforce is of serious concern to India. In comparison to China, US and Russia that have 125000, 91080 and 7300 trained cyber experts respectively; India has merely 556 cyber experts deployed in various government agencies (Joshi, 2013). India is considered an IT superpower that is a major exporter of software and hosts major ITES-based outsourced businesses.
Therefore, IT constitutes a major share of Indian economy. Recently, European Union has picked holes in India’s data security system and suggested that a joint expert group be set up to propose ways on how the country should tighten measures for qualifying as a data secure nation (Sen, 2013). Therefore, India needs look seriously into upgrading its Information Security infrastructure and reframe cyber policies to get data secure status from EU. This is crucial for India to retain high-end outsourced business, which has a potential of increasing from the existing $20 billion to $50 billion.
COUNTER CYBER SECURITY INTIATIVES IN INDIA
To counter cyber security attacks, Government of India have taken some initiatives which are listed below:
- National Counter Terrorism Center(NCTC): After 26/11 attack in 2008, suddenly the Indian government realized the importance of Counter terrorism initiatives and proposed National Counter Terrorism Center(NCTC) to provide intelligence inputs to the decision makers to plan for counter terrorist activities. The NCTC is supposed to coordinate between various State and Central govt. agencies and serve as a single and effective point of control and coordination of all counter terrorism measures. It is modeled on the American NCTC and Britain’s Joint Terrorism Analysis Centre and will derive its powers from the Unlawful Activities Prevention Act, 1967 (Mrunal, 2012).
- National Information Security Assurance Programme (NISAP): To create the awareness among the people in the government and critical sector organization, CERT-In has taken an initiative called National Information Security Assurance Programme (NISAP), to develop and implement information security policy and information security best practices based on ISO/IEC 27001 for protection of their infrastructure. CERT-in has established the facility for Computer Forensics for investigation of cyber crimes and to provide hands on training to the law enforcement agencies and judiciary. This infrastructure is being augmented to include network forensics and mobile forensics investigation facility. CERT-In is cooperating with defence, banks, judiciary and law enforcement agencies in training their officials as well as extending the support in investigation of cyber crimes (Srinath, 2006).