India’s cyber security: India needs defensive cyber capabilities
In the last few years, cyber security has attained growing importance in all debates on national security. Cyber capabilities are now considered an essential element of national power. The onset of the Covid-19 pandemic and the consequent rise in the number of people working from home digitally has resulted in the exponential rise in cyber attacks and criminal activities in cyberspace. In the coming years, the importance of cyberspace is set to rise even further and hence, issues of internet governance, fixing accountability, setting of norms and building a broad framework to ensure safe and secure cyberspace is necessary.
In this context, two latest developments warrant our attention: the International Institute of Strategic Studies (IISS), an influential London-based think-tank, published a report ‘Cyber Capabilities and National Power’ which assessed the cyber capabilities of 15 states including India. Unrelated to the launch of the report but linked with the theme of it, India’s Foreign Secretary (FS) Harsh Vardhan Shringla delivered an important address on Cyber Security in the United Nations Security Council (UNSC). The article considers these two developments together as the FS’s speech provides an outline of India’s approach to cyber security whereas IISS report assesses India’s cyber capabilities.
FS’s speech noted that ‘our overarching objective is to harness cyberspace for the growth and empowerment of people, not just of our own country, but for all humanity.’ India is committed to ‘open, secure, free, accessible and stable cyberspace environment’ and would like cyberspace to be a key driver for ‘innovation, economic growth, sustainable development.’ As per the IISS report, in terms of cyber capabilities, India is in the third-tier countries along with Indonesia, Iran, Japan, Malaysia, North Korea and Vietnam. These countries are at a ‘much earlier stages in their cyber journeys, each having strengths or potential strengths in some of the categories in the methodology but significant weaknesses in others. ’ The report concluded that India’s cyber capabilities have been focused on Pakistan and need to be bolstered to deal with the evolving threats, especially from China. In this context, the growing role of private sector and diplomatic collaborations with partners like the United States and Britain would certainly help.
Based on these two developments, we can discern three broad trends: first, India is actively thinking about the issue of cyber security and is advocating a multi-stakeholder approach as opposed China which favour state control. Second, cyber security is relevant not only for securing India’s digital infrastructure but also for the larger transformation of India as could be seen in the development of the CoWin platform for vaccination. And finally, India has been taking steps, such as creating agencies, developing doctrines and pursuing diplomatic collaborations with like-minded strategic partners, to ensure that deficiencies in the cyber security domain could be addressed. However, much more needs to be done as national security will hinge increasingly on cyber security. India needs to build defensive and more importantly, offensive cyber capabilities while pushing for the creation of governing norms and frameworks for the use of cyberspace.
(The study has been authored by Sankalp Gurjar)