 "Experts call cyber security policy too vague")
In order to better arm itself in the wake of rising threat of cyber crime, the government on Tuesday announced the National Cyber Security Policy 2013. The policy, which was approved in May this year recognises the need to put in place a comprehensive action plan to address the issue from sides.
The policy has proposed to set up different bodies to deal with various levels of threat in the country along with a national nodal agency to cordinate all matters related to cyber security in the country.
While a body called the National Critical Information Infrastructure Protection Centre (NCIIPC) will act as a 24*7 centre to ward off cyber security threats in strategic areas such as aircontrol, nuclear, space etc and will be under the NTRO, the existing agency CERT will handle all public and private infrastructure. Union Minister of Communications and IT Kapil Sibal said that India is one of the few countries to have a cyber policy in place.
The policy also aims to provise fiscal benefits to businesses to adopt best security practices, create a workforce of around 5,00,000 people trained in cyber security along with periodically reviewing legal frameworks around it. Gulshan Rai, director general of CERT-IN said that the government will also set up testing labs to regularly check the safety of equipment being used.
''Putting the security framework is a complex task and we will now begin to follow it up with detailed action plans.''
However, industry representatives and experts present there said that though the policy is a good starting point, it needs to be more detailed.
''While the government has talked about various agency who will deal with cyber threats, but it has neither described their structure, nor said anything about what will happen to existing agencies. In my view, the policy is not very granular compared to what say a country like United States has in place,'' said a senior executive with a technology firm who did not wish to be identified.
The person added that the policy also does not say anything about how the government will balance the privacy needs of the citizens while ensuring the safety of the country's infrastructure.
The policy has proposed to set up different bodies to deal with various levels of threat in the country along with a national nodal agency to cordinate all matters related to cyber security in the country.
While a body called the National Critical Information Infrastructure Protection Centre (NCIIPC) will act as a 24*7 centre to ward off cyber security threats in strategic areas such as aircontrol, nuclear, space etc and will be under the NTRO, the existing agency CERT will handle all public and private infrastructure. Union Minister of Communications and IT Kapil Sibal said that India is one of the few countries to have a cyber policy in place.
Also Read
''Security of tge country's cyber infrastructure ensures its economic security as well''.
The policy also aims to provise fiscal benefits to businesses to adopt best security practices, create a workforce of around 5,00,000 people trained in cyber security along with periodically reviewing legal frameworks around it. Gulshan Rai, director general of CERT-IN said that the government will also set up testing labs to regularly check the safety of equipment being used.
''Putting the security framework is a complex task and we will now begin to follow it up with detailed action plans.''
However, industry representatives and experts present there said that though the policy is a good starting point, it needs to be more detailed.
''While the government has talked about various agency who will deal with cyber threats, but it has neither described their structure, nor said anything about what will happen to existing agencies. In my view, the policy is not very granular compared to what say a country like United States has in place,'' said a senior executive with a technology firm who did not wish to be identified.
The person added that the policy also does not say anything about how the government will balance the privacy needs of the citizens while ensuring the safety of the country's infrastructure.