The Indian government’s proposed cybersecurity laws will seek to prevent corporations from concealing security and data breaches, Minister of State for Electronics and Information Technology Rajeev Chandrasekhar said at the launch of IBM’s security command centre in Bengaluru, Economic Times reported.
“You will soon hear in the next few days new regulations going out there that puts the onus on organisations to report cybersecurity crimes and not just push it under the carpet, because it is important that at any given point the government and its agencies have absolute clarity and clear situational awareness of the threat matrix that is around and is active in the cyberspace in India,” he was quoted as saying by ET.
Chandrasekhar revealed that nearly 100 million-odd cyber incidents have been reported by CERT-In (Computer Emergency Response Team) so far. India is reportedly the second-most attacked country as far as cybercrime is concerned, he added.
Chandrasekhar’s comments might be an indication that the government is likely to announce India’s National Cybersecurity Policy. It will be a significant step in addressing the menace of growing cyber incidents as India does not have a comprehensive cybersecurity law presently.
2021 on track to be the biggest year for cybersecurity incidents
A cybersecurity law might go a long way in helping establish standard operating procedures in case of cybersecurity incidents that have been on the rise since 2020. The pandemic forced widespread adoption of technology as people remained locked in their homes, but it also attracted criminals looking to dupe unsuspecting users.
A total of 12,13,784 cybersecurity incidents were reported to CERT-In up till October this year, Chandrasekhar had revealed in response to Rajya Sabha MP Shreyams Kumar’s question during the winter session of the Parliament last year.
What is CERT-In? The Indian Computer Emergency Response Team is responsible for tracking and monitoring cybersecurity incidents in India.
The data on cybersecurity incidents for 2021 without the last two months is still higher than the total number of cases—11,58,208—in 2020. Government organisations were the target in 32,736 incidents up till October 2021, whereas the figure stood at 54,314 last year. The Ministry of Electronics and Information Technology (MeitY) did not reveal whether India’s critical infrastructure was targetted in these incidents.
The figures revealed by CERT-In is a good indicator of the overall cybersecurity situation of the country, and as it stands, the situation looks grim with 2021 on track to be the biggest year in terms of cybersecurity incidents reported in India. It is high time that the government wastes no time in coming out with laws to deal with this growing malaise.
Will India’s pending cybersecurity policy see the light of day?
The government was supposed to launch the policy in 2020 but the pandemic threw a spanner in the works. The Ministry of Defence then informed the lower house of the Parliament in August 2021 that the government was in the final stages of approving the National Cyber Security Strategy that has been in the pipeline since 2019.
The new policy will cover several aspects of cyberspace including:
- Governance and data as a national resource
- Building indigenous capabilities
- Cyber audit
- Decentralisation of cybersecurity responsibilities
- Cyber insurance
- Internet of Things
Currently, India adheres to the National Cyber Security Policy 2013 but the policy is considered to be outdated given the pace of change that has taken place in cyberspace over the last decade.
IBM’s Security Command Centre
The IBM Security Command Centre will be set up in Bengaluru, India to help companies improve cybersecurity response, training, and preparedness. The centre is the first IBM Security Command Centre in the Asia-Pacific region; it has two such centres in the US and Europe serving 11,000 customers, according to a blog post by the company.
“It is a fully immersive, interactive, and experiential learning facility that will enable team training and exercises of cyberattack responses. The centre comes with simulations and experiences to help organisations build a more effective cyber incident response. It gives your team an opportunity to learn, practice and defend against cyberattacks in a safe and controlled environment,” the company said in a statement.
IBM India Managing Director Sandip Patel said that Asia has become the most targeted region for cyber attacks and it is the first time the Asia Pacific has featured at the top of the list, PTI reported.
“India, Australia and Japan emerged as most attacked geographies with ransomware as the dominant attack in India. We have a responsibility to respond and act now,” Patel was quoted as saying.
The company did not disclose the size of its investment in the facility which includes a Security Operation Centre (SOC) that will provide security response services to organisations. IBM’s global SOC network spans nine locations, including in Atlanta (United States), Australia, Costa Rica, Japan, Poland, and Saudi Arabia, ET said in its report.
- A closer look at Biden’s cybersecurity policies since becoming US President in 2021
- More cybersecurity incidents reported till October this year than whole of 2020: MeitY reveals in Rajya Sabha
- What India should do to improve cybersecurity in Healthcare — Ambassador Latha Reddy, Co-Chair of the Global Commission on the Stability of Cyberspace – #NAMA
- 2021 is going to be the year of ransomware: National Cybersecurity Coordinator Lt Gen (Dr) Rajesh Pant – #NAMA
- 416 crores allocated this year to strengthen nation’s cybersecurity, here are some measures taken so far: IT Ministry
Have something to add? Post your comment and gift someone a MediaNama subscription.