A cyber security specialist deliberates on how India can play a more proactive role in cyber security issues on a global level.
Highlights:
Indian companies and experts are at the forefront of new developments in IT, including artificial intelligence and cyber security.
India currently ranks in the middle when it comes to global statistics on cyber security, leaving much room for improvement.
India has been named as one of the regional leaders crucial to deciding the trajectory for the internet in the Digital Decider report by New America.
Today, India is one of the pillars of the global economy and an influential player in regional and global affairs. Similarly important are India's contributions to information technology as Indian companies and experts are the forefront of new developments in IT, including artificial intelligence and cyber security.
As we attempt to predict the future, it is self-evident that India's economic growth will be increasingly dependent on the Internet. For example, the Economic Times explains that “the digital economy today comprises 14-15 per cent of India's total economy, and is targeted to reach 20 per cent by 2024. India has more than 120 recognised 'data centres' and clouds.” Similarly, the much publicised report “India's Trillion-Dollar Digital Opportunity,” produced by the Ministry of Electronics and Information Technology in partnership with McKinsey, argues how “India's digital transformation has the potential to empower unserved and underserved segments and create $1 trillion of economic value in 2025, sustaining 60-65 million jobs.”
Since the future of India's socio-economic growth is dependent on the Internet, it is not surprising that the country is similarly interested in cyber security to protect said growth. This is an issue that deserves a deeper analysis, as cyber security is an ever-present concern for governments, private companies and individuals alike.
Right now, the Indian government continues its drafting of a National Cyber Security Strategy 2020 (NCSS 2020). The Indian government even created a website, via which users can submit opinions and suggestions about the main objectives of the strategy, which are: Secure (the national cyberspace), Strengthen (structures, people, processes, capabilities), Synergise (resources including cooperation and collaboration). Another current initiative to keep in mind is the Personal Data Protection (PDP) Bill.
Apart from developing an always-necessary strategy, there have been other practical developments. For example, the Indian Computer Emergency Response Team (CERT-In) has helped reduce attacks throughout the country in recent years - it has also created a program called Cyber Swachhta Kendra, which is a cleaning bot used for malware analysis and detecting malicious programs. At the private level, there are plenty of companies, well-established and start-ups, in India to watch out for in the coming years. These include the Bangalore-based cyber security group Secozine, and Wijungle, which develops and markets unified network security gateways.
Given these developments, it is necessary to understand India's place in cyber security affairs when compared to other nations - two reports give us an idea of the situation. According to the 2018 Global Cybersecurity Index, published by the International Telecommunication Union, India ranks number 10 in the Asia-Pacific region (Singapore being number 1) and 47 at the global level. This is a fairly middle-of-the-road location. On the other hand, a study made by Comparitech puts India at number 15 out of 60 countries (1 being the worst, which was Algeria), in terms of cyber security. These are promising statistics, but obviously, there is much more that can be done to improve India's position.
As India seeks to improve its cyber security, it is similarly important to be bold and look outside its borders and figure out how New Delhi can help shape the global discussion on cyber security. Hence, it is worth mentioning the 2018 report published by New America, a think tank based in Washington DC, called “The Digital Deciders.” The report explains that nowadays, there is a “cluster of states [that] we refer to as the Digital Deciders - a group of states undecided or unconcerned about the best trajectory for the internet. If we want to build our version of the internet - one where the internet is free, open, and global and sovereign internets are an anomaly - we will need to do a better job of building our coalition more broadly.” Unsurprisingly, India is one of the countries mentioned as a Digital Decider. The report even states that “our data points to several expected regional leaders as potentially crucial - Brazil, India, Indonesia, Mexico, and Singapore.”
A 7 November commentary for the Lawfare Blog suggests ways via which New Delhi can expand its influence in global IT affairs. The article focuses on three methods, “(a) internet governance forums, (b) cyber norms formulation processes that seek to establish norms to foster responsible behaviour in cyberspace by states and non-state actors in cyberspace, and (c) global debates on trade and cross-border data flows.” To this, we could add cyber security, since “in 2020, there will be a large-scale shift towards AI-powered vulnerability management solutions that can map threats and vulnerabilities across the entire organisational IT stack and present in-depth actionable insights to address the same.”
As 2020 commences, the Indian government should also jump-start its cyber security strategy, both domestically and as a pillar of the country's foreign policy strategy.
Wilder Alejandro Sanchez is an international security analyst who focuses on geopolitics, military and cyber security issues.