Security is the Best Policy

United States have taken a five pronged approach to cyber security – identify, protect, detect, respond and recover

With the growing publicity of high-profile cyber security incidents, India is becoming increasingly aware of security considerations. The National Cyber Security Policy drafted by CERT-In and the NASSCOM-DSCI Cyber Security Task Force established in 2015 are examples of India’s efforts to combat cyber security threats. While the government’s efforts to combat cyber crime are commendable, they can tremendously improve on their cyber security posture once the National Cyber Security Policy is fully implemented. 

Cyber security threats have been evolving rapidly and crooks are coordinating attack vectors to maximise user vulnerability. According to 2015 Global Cyber Security Status Report, a whopping 92 per cent believe cyber attacks are one of the top three threats facing organizations today. Yet, an alarming 87 per cent say there is a shortage of skilled cyber security professionals in the country, and only 41 per cent feel prepared to fend off a sophisticated attack. This necessitates the need to prepare for the threats of the future by ensuring that clear but flexible national policies support agile private sector solutions that are best able to respond to global cyber security threats. 

Nations including the United States have taken a holistic approach to safeguard the interests of their businesses and citizens through five pronged approach to cyber security – identify, protect, detect, respond and recover. To establish a secure environment for India’s Information Technology (IT) infrastructure and related assets, it is imperative to create a solid foundation to thwart any risks that will ensure both public and private entities including small enterprises are well equipped to face the cyber security challenges of a connected world. 

The exchange and sharing of the appropriate information at the right time, coordinated among relevant actors, is considered the best way to reduce and mitigate risks and respond to cyber incidents. A legal framework, if developed, for appropriate information sharing between the private sector and the government, and among the private sector, while ensuring appropriate safeguards for the confidentiality of sensitive and personal information can bring a boost to the nations cyber security framework. Due to the global nature of cyber threats, cybersecurity should not be addressed in isolation. Coordination and collaboration between governments and private sector entities from around the globe are key elements to achieving an effective and holistic approach to cybersecurity.