Gone are the days when cyber security was considered a poor cousin of IT. It has gained a strategic national importance today. The fact that India’s Prime Minister Narendra Modi spoke about it in his Independence Day speech is a testimony to that. In his statement, PM Modi said that the country would soon introduce a new Cyber Security Policy.
Indeed, it’s been seven long years when the first Cyber Security policy was brought into effect in 2013. The cyber security and IT security landscapes have phenomenally changed in these past years. In the last few years, India has made rapid strides in the digital technologies, and as such, cyber security has become an essential part of national security.
From a technology perspective, internet of things (IoT) and artificial intelligence (AI) are on the verge of seeing a burst in adoption in the coming years. Once 5G spectrum auctions happen and the services get rolled out, there is bound to be a flooding of IoT and AI applications.
Strategic shift from MeitY to NSC
Notably, National Cyber Security Strategy 2020 was being prepared by a task force set up under the aegis of the National Security Council (NSC) Secretariat. NSC is a high-powered government agency that was first brought into existence during the tenure of late Atal Behari Vajpayee, and has evolved significantly in its role under the leadership of PM Modi. Ajit Doval is currently the National Security Advisor.
On the other hand, the National Cyber Security Policy of 2013 was prepared by the Department of Electronics and Information Technology (DeitY), Ministry of Communication and Information Technology (MeitY).
The shift from MeitY to NSC has clearly been prompted in the wake of a steep rise in state-sponsored cross-border cyber attacks from India’s adversaries. Concerns have been raised regarding the growing potential of attacks on government agencies as well as business establishments. A recent attack on e-mail servers of National Highways Authority of India (NHAI) is a case in point.
National security linkages
With Lt. General Rajesh Pant taking over as the Cyber Security Chief in 2019 from Dr. Gulshan Rai, the role of NSC in steering cybersecurity frameworks became all the more pronounced. While Dr. Rai had transitioned from DeitY, Lt. Col. Pant is a veteran specializing in defense IT and telecom matters.
In future, Better World expects the new Cyber Security Policy to define a framework where enterprise information security goals could have deeper linkages with the overarching theme of national security.
This could drive some fundamental shifts in the enterprise infosec landscape and also require CIOs and CISOs to have some working understanding of cyber laws, which are expected to undergo some modifications to align with the new Cyber Security Policy.
For example, it would be important for CISOs to better comprehend the policy constructs. This way, they could meaningfully provision that information security policies at their respective organizations have well-defined linkages with the broader national security frameworks.
The opportunity for CISOs to broaden their horizons and up the value chain could be around soon. Keep watching!