India to Get a New Cybersecurity Policy Soon

by | Apr 11, 2020

Indian Technology Sector, India's Digital Economy, game-changers, NASSCOM, India, Indian IT

Indian telecom service providers offer the lowest data rates in the world. India is also the most populous country, with 1.3 billion people. More than half its population comprise youth below the age of 25 years. And smartphones are the primary source of Internet access for most Indians. With the availability of affordable data packs and falling smartphone prices, Indians are consuming more services (and data) on the Internet, through mobile apps, and of course, by watching a lot of videos! Digital payments and mobile wallets took off after the Government of India announced demonetization in 2016. All this makes Indian consumers prime targets for hackers who are out to steal user credentials (like credit card numbers and authentication details) and money from mobile wallets.

A report from Symantec Corp. (now part of Broadcom) last year revealed that India is the second most cyberattacked country in the world, after the U.S. and China. This was widely reported in the media. Indian law, notably the Indian IT Act 2000, does not fully protect its citizens from new threat vectors like phishing, SIM jacking, ransomware, mobile payments fraud, bank fraud, malware attacks, social engineering, and DDoS attacks—all increasingly common these days. But the Indian government is expected to release a new cybersecurity policy this year. India’s Personal Data Protection Bill is also under review and is expected to be passed this year.

Speaking at the Cybersecurity India Summit 2020 in New Delhi last month, Lt. Gen. (Dr) Rajesh Pant, National Cyber Security Coordinator, Prime Minister’s Office, Government of India, said the new policy would be introduced in two to three months, that would make it May or June 2020. Pant said the new cybersecurity policy would address all the issues related to Cyber ecosystem like standardization, testing, auditing and capacity building. This was reported by The Economic Times.

In a presentation made previously, Dr. VK Saraswat, Member, NITI Aayog, said cybersecurity is crucial to all industries in India today–to protect critical infrastructure from attacks, damage, misuse, and economic espionage. He said the top five causes of “cyber disruptions” are phishing and social engineering, malware, spear phishing, denial of service, ransomware, and out of date software.

Most Indian organizations have already been attacked by hackers, though only few incidents are reported in the media. CERT-In (the Indian Chapter of the global Computer Emergency Response Team), has the authority to penalize Indian organizations that do not report breaches.

While corporate India and Indian citizens keenly await the new cybersecurity policy, we can only hope that it will provide robust protection for businesses and consumers—and give them legal teeth to fight attackers.

RELATED INDIA STORY

How the IT Industry in India Has Kept up and Evolved with Business Demands

Share This Article!

Brian Pereira
Brian Pereira
Brian Pereira is an Indian journalist and editor based in Mumbai. He founded Digital Creed in 2015. A technology buff, former computer instructor, and software developer, Brian has 29 years of journalism experience (since 1994). Brian is the former Editor of CHIP India, InformationWeek India and CISO Mag. He has served India's leading newspaper groups: The Times of India and The Indian Express. Presently, he serves the Information Security Media Group, as Sr. Director, Editorial. You'll find his most current work on CIO Inc. During his career he wrote (and continues to write) 5000+ technology articles. He conducted more than 450 industry interviews. Brian writes on aviation, drones, cybersecurity, tech startups, cloud, data center, AI/ML/Gen AI, IoT, Blockchain etc. He achieved certifications from the EC-Council (Certified Secure Computer User) and from IBM (Basics of Cloud Computing). Apart from those, he has successfully completed many courses on Content Marketing and Business Writing. He recently achieved a Certificate in Cybersecurity (CC) from the international certification body ISC2. Follow Brian on Twitter (@creed_digital) and LinkedIn. Email Brian at: [email protected]
Recommended Posts
The First 90 Days Are Crucial for the CISO and CIO

This book arms you with insights into crafting a robust 90-day plan, and you’ll be well-equipped to catapult into CIO or CISO roles successfully. Beyond technical proficiency, the book instills survival skills, ensuring longevity and helping you prevent burnout in these pivotal positions.

Similar Articles