The Emerging $5 Trillion Economy to Receive a Cybersecurity Policy Upgrade in 2020
The National Security Council Secretariat sought suggestions and comments to form the National Cyber Security Strategy 2020 (NCSS 2020) until December 31, 2019. The council solicited comments under three broad cybersecurity pillars:
- Securing the national cyberspace
- Strengthening the people, processes, structures, and capabilities
- Synergizing resources with collaboration and cooperation
The Digital India mission and rising cybersecurity concerns in the country have escalated the value of the cybersecurity market in India. The cybersecurity market currently stands at $4.5 billion and is expected to reach $35 billion by 2030.
India faced a wide variety of cyberattacks in 2019. Out of those, a majority were instances of Trojan attacks, followed by standalone worms and infectors.
Trojans are software pieces that appear legitimate. Users are tricked into executing these programs on their systems. After a Trojan is activated, it can plant a number of attacks on the host device ranging from irritating the user with pop-up windows to deleting files, stealing data, and more.
On the contrary, standalone worms replicate and create functional copies of themselves. Then, these programs can cause annoying effects or damage data or cause DDoS (Distributed Denial of Service) attacks.
In one major incident, on October 20, authorities at the National Power Corporation of India (NPCI) confirmed that India’s biggest nuclear power station in Kudankulam had fallen victim to a cyberattack by a North Korean hacker group.
The malware Dtrack had leveraged security loopholes in the network, reflecting that a multi-layered defense system was a necessity in critical infrastructures to shield them from the newest risk attempts.
This and the similar attack on the Indian Space Research Organization are believed to be phishing attempts on employees. While none of these attempts resulted in a massive impact on India and its critical infrastructure, the possibility was a sounding alarm for the country officials to shape international discussions on cyberspace and security.
Aligning Policies to Meet Tech Modernization
Given the borderless nature of cyber events, there is a need for large-scale cooperation to ensure systems are secure and robust. India’s National Cyber Security Policy (2013) did not factor this into account.
However, the upcoming National Cybersecurity Policy (2020-2025) presents an opportunity for the country to align its domestic cybersecurity policy with its global aspirations. The cyberspace has low barriers to entry and any attacks within the virtual space can reflect in the physical world as real risks to property and resources.
Right from hampering the working of critical infrastructures, such attacks can influence democratic processes through misinformation.
According to a National Cyber Security Coordinator, 5G is about to change the entire scope and feasibility of cybersecurity in India. There are now newer aspects to ensuring cyber resilience that didn’t exist before, such as IoT and ransomware.
Since all Fourth Industrial Revolution technologies including 5G and IoT rely heavily on data being available all the time through the cloud, it will get harder to secure data while offering a polished user experience. According to the Global Risks Report 2020 by the World Economic Forum, IoT increases the potential cyber-attack surface with 21billion IoT devices already existing.
Attacks on IoT devices increased by over 300 percent in 2019, and we don’t foresee that trend slowing down. Bringing everything into account, Indian policymakers will be focusing on bringing out regulations that support tech advancements while keeping cybersecurity risks in check.
The call for comments took into account the effect of modern technologies such as cloud computing and AI on how cybersecurity can be ensured. It also raised issues of including law enforcement in cyberspace, data protection and privacy, access regulations for data stored beyond boundaries, misuse of social media platforms, international cooperation on cybercrime and cyber terrorism, and so on.
Cybersec experts and members of the advisory board under PMO say that the strategy will not be restricted to computer science and information security, but will also extend to securing critical infrastructure from banking to aviation, and strategy projects such as nuclear power plants and space programs.
The Effect of Cybersecurity on Becoming a $5 Trillion Economy
The present government in India visualizes the country soon becoming a $5 trillion economy. Releasing a major update to the cybersecurity policy in January 2020 will enable the government’s vision and prove effective in securing the nation’s digital assets.
Experts in the subject suggest that considering the size and scale of India, the country will need to allocate a budget of Rs 25,000 crore to make cybersecurity provisions strong.
In order to achieve this aim of becoming more cyber secure, India will have to ask for increased coordination between ministries overseeing cybersecurity, critical infrastructure protection, and partnerships in the public and private domains.
Watch this space for a special roundup of the cybersecurity policy as it gets unveiled.