For the first time since the advent of dedicated computer networks in the Indian government, the National Security Council Secretariat (NSCS) has come up with a comprehensive cyber security policy for upgrading the security of systems and preventing them from being hacked, attacked with malware, or intruded upon by hostile entities.
The policy will designate and authorise agencies to firewall the Indian system against intrusions, certified for security level for link-ups, with the capability of launching counter-attacks. The NSCS is all set to take the first three-pronged Indian cyber security plan to the Cabinet Committee on Security (CCS) for approval.
The overall cyber plan has been worked out by Lt Gen (Retd) Prakash Menon, military advisor, NSCS, under the guidance of national security advisor (NSA) Shiv Shankar Menon.
Headed by a national cyber security coordinator, who reports to the NSA, the plan has three components that demarcate task and authority. The existing Indian Computer Emergency Response Team (CERT-IN) will be tasked to handle the commercial aspects of cyber security, including 24x7 proactive responses to hackers, cyber-attacks, intrusions and restoration of affected systems.
The second aspect of the cyber plan is the creation of a technical-professional body that certifies the security of a network to ensure the overall health of government systems. While NSCS is advocating that initially the certification of networks could be done by private agencies, the long term plan is to create a technical body of professionals, all under 40, who will form the backbone of Indian cyber security.
The third aspect of the plan is cyber defence of critical infrastructure networks that are vulnerable to hostile foreign governments or proxy entities.