India may soon have a single authority or agency responsible for the entire spectrum of defensive cyber operations in the country, a senior official in a security agency said on condition of anonymity.
The move comes even as India faces renewed threat of cyber attacks and cyber terrorism . For instance, the breach in a part of a network of India’s largest civil nuclear facility, the Kudankulam Nuclear Power Plant (KNPP) in Tamil Nadu, in September. The attack did not compromise critical systems, but gained access to the plant’s administrative network.
According to the official cited in the first instance, the government’s plan is to rearrange and reorganize over a dozen agencies engaged in the protecting India’s cyber infrastructure.
Currently, these agencies have their individual control and reporting systems. The idea is to restructure these to ensure better coordination and functioning, the official added.
The Ministry of Electronics and Information Technology, the Ministry of Home Affairs, the Ministry of Defence, the National Security Council Secretariat (NSC), and the National Technical Research Organization (NTRO), and several other departments and agencies have their own cyber units that look at various aspect of cybersecurity.
Then there are specialised units including the Computer Emergency Response Team, India (CERT.IN), National Critical Information Infrastructure, and the National Cyber Coordinator Centre.
More are being added by the day. For instance, MHA recently launched CyCord (Cyber Cooperation Centre) under the Intelligence Bureau (IB). CyCord is a platform of several agencies and government departments. It plays a defensive role in the cyber world, and focused on hacking and online investigations . The ministry already had the National Cybercrime Threat Analytics Unit (TAU), the Platform for Joint Cybercrime Investigation Team, the National Cybercrime Forensic Laboratory and the Cybercrime Ecosystem Management Unit.
National Cyber Security Coordinator, Lieutenant General Rajesh Panth has now been given the job of working out a structure that brings together the capabilities of all these units and agencies. “The primary task of the National Cyber Security Policy 2020 will be to bring in cohesion,” the official cited in the first instance said. He added that “there have been several rounds of discussions at the National Security Council Secretariat (NSCS) on the issue and a broad framework has already been worked out.”
The last National Cyber Security Policy was released in 2013. The new policy – National Cyber Security Policy 2020 – will emphasize cybersecurity awareness and hygiene. It is likely to suggest a cybersecurity course for schools and colleges curriculum.
The reorganisation will need the assent of the Union Cabinet before being implemented.
“The reorganization must also deal with the fact that the Information Technology Act is under the Ministry of Electronics and Information Technology (MEITY). In the current parliamentary system, the ministry responsible for implementing the law generally gets to regulate and execute it,” a second senior official associated with Indian cyber security efforts said, asking not to be identified.
“We are studying models across the world before we arrive at a structure,” a third senior official directly involved in the process of coming up with the plan said on condition of anonymity.
“Globally, the trend is to have overarching agencies for better and command and control. It is time we also have a similar structure. India’s capabilities in the cyber world have expanded and there are a large number of agencies, but sharing real-time information is always not enough. Cyber defence capabilities is a critical strategic requirement. I think this a very positive move,” said Aruna Sudarajan, a former telecom secretary.
Across the world, the command control of defence cyber operations has been put under a well defined single command and control. For instance, the Government Communications Headquarters (GCHQ) of the United Kingdom is responsible for all things related to protecting cyberinfrastructure. Similarly, the Cyber Security Agency of Singapore reports to the Prime Minister and is responsible for the complete spectrum of defensive cyber operations. The National Security Agency of the US has the complete command and control.