India Insights with Geetha Nandikotkur

Governance & Risk Management , Information Sharing , Legislation & Litigation

Cybersecurity: Time to Move from Talk to Action

India Needs a Comprehensive, Pragmatic Plan
Cybersecurity: Time to Move from Talk to Action

U.S. and India cybersecurity leaders convened in New Delhi this past week - their fifth such meeting - to discuss collaborative ways to counter cybercrime and enhance global security.

See Also: Restructuring Your Third-Party Risk Management Program

But when will India take the next step and actually strengthen its cybersecurity initiatives? For too long, progress on this priority has been lacking. And other U.S-India talks have failed to yield tangible results.

What's missing? A pragmatic plan from Indian authorities to devise a comprehensive, practical cybersecurity policy embedding the recommendations of such discussions. 

For instance, last year, the U.S.-India Business Council's senior leaders reviewed many issues, including cyber threats, information sharing and incident management. The Indian team was led by National Cybersecurity Coordinator Dr. Gulshan Rai.

While the U.S. has rolled out frameworks around information sharing, incident response and related cybersecurity issues, we've yet to see any concrete progress in India.

"I've seen many such joint dialogues happening, which is good, but without concrete results - which is indeed disheartening as we don't see any visible best practices for any sector," says Mumbai-based Advocate Prashant Mali, president and co-founder of Cyber Law Consulting.

What's missing? A pragmatic plan from Indian authorities to devise a comprehensive, practical cybersecurity policy embedding the recommendations of such discussions.

Lack of Progress

For too long now, India's government leaders have been discussing the same issues over and over again, with little to show for it.

The meeting last week dealt with many of the same issues as previous meetings: exchanging information on cyber threats; promoting bilateral cooperation on law enforcement and cybercrime issues; creating a mechanism for cooperation, including setting up appropriate subgroups; coordinating cyber capacity-building efforts, including testing and standards; and confirming support for the preservation of openness and interoperability, enhanced by the multi-stakeholder system of internet governance.

But in the most recent meeting, leaders also discussed the application of international law to state behavior in cyberspace, the affirmation of norms of responsible state behavior and the development of practical confidence-building measures.

Sources who attended the discussion declined to confirm whether an action plan to create a cyber defense framework in India is in development. The only outcome of the discussion that was revealed was a plan to hold the next round of the cyber dialogue in Washington in 2017.

Next Steps?

It is beyond doubt that the India and the U.S. have a strong commitment maintaining individuals' privacy and aspire to strengthen cybersecurity.

The leaders of both nations should establish stronger laws regarding responsible state behaviour to protect data and privacy, says Chennai-based V. Rajendran, president of Cyber Society of India, Chennai Chapter.

Mali adds: "I feel the best output could be a bilateral treaty between the U.S. and India where financial targets are fixed and a data sharing pact is executed too."

India's regulators also need to collaborate on cybersecurity and work toward passage of a threat information sharing law, following the U.S. model.

A uniform cyber code of conduct also is necessary to help the public and private sectors to function under strict security controls. And creating international consensus on cybercrime prevention is critical to develop cybersecurity standards.

About the Author

Geetha Nandikotkur

Geetha Nandikotkur

Managing Editor, Asia & the Middle East, ISMG

Nandikotkur is an award-winning journalist with over 20 years' experience in newspapers, audio-visual media, magazines and research. She has an understanding of technology and business journalism, and has moderated several roundtables and conferences, in addition to leading mentoring programs for the IT community. Prior to joining ISMG, Nandikotkur worked for 9.9 Media as a Group Editor for CIO & Leader, IT Next and CSO Forum.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.