Cybercrime is moving from vulnerable to victorious

There's definitely a trend of cybercrime becoming more sophisticated and impactful. Earlier cybercrime often focused on exploiting basic vulnerabilities in systems. It is need of the hour to build a secure connected future.

Hackers might target easily guessable passwords or use readily available malware. Defenses like firewalls and basic user education were often enough to deter attacks.

Today, Cybercriminals are becoming more skilled and organized. They employ advanced techniques like social engineering, zero-day exploits, and ransomware attacks. These attacks can cripple businesses, steal sensitive data, and cause significant financial losses.

The development of national laws and policies regarding cybersecurity reflects the increasing recognition of the importance of cybersecurity in safeguarding national interests, critical infrastructure, and personal data in the digital age. While China has taken significant strides in this area, with the introduction of laws such as the Cybersecurity Law and regulations on emerging technologies like GenAI, India's approach to cybersecurity governance differs.

India indeed has a National Cyber Security Policy, which was introduced in 2013 to address the country's cybersecurity challenges. However, unlike China's comprehensive Cybersecurity Law, India's policy framework primarily focuses on guidelines and principles rather than specific legal mandates.

The absence of a dedicated cybersecurity law in India has been a subject of debate and concern among cybersecurity experts and policymakers. Advocates argue that enacting a comprehensive cybersecurity law would provide a more robust legal framework for addressing cyber threats, regulating digital activities, and protecting critical infrastructure and data.

The efforts to draft a cybersecurity law in India have been ongoing, with discussions revolving around issues such as data protection, privacy rights, incident reporting requirements, and regulatory oversight. However, the process of formulating and enacting legislation involves various stakeholders and often takes time to address complex legal and technical considerations.

In the meantime, India has taken other measures to strengthen cybersecurity, including the establishment of CERT-In (Indian Computer Emergency Response Team) to coordinate incident response and cybersecurity initiatives, as well as initiatives to promote cybersecurity awareness, capacity building, and international cooperation.

As cybersecurity threats continue to evolve and digital technologies advance, the need for robust legal frameworks and proactive cybersecurity measures remains paramount for countries like India to secure their digital ecosystems and protect the interests of their citizens and businesses.

Dr. Deepak Kumar Sahu, President & CEO, VARINDIA