LUCKNOW: The Covid-19 pandemic has made everyone vulnerable and confined to their individual spaces with everything from education to business going online. A secure computing environment and adequate trust in electronic transactions, software, IT services, devices, and networks have become a part of every state’s top priorities.
The essence of secure cyberspace is the protection of information infrastructure as well as the preservation of the confidentiality, integrity, and availability of information in cyberspace.
To address these issues, the state of Uttar Pradesh has taken the initiative and begun the process of developing its State Cyber Security Policy. An eight-member committee has been formed to draft the policy. The committee is headed by the Additional Chief Secretary, Ministry of IT & Electronics of Uttar Pradesh.
Other members include Prof. Manindra Agrawal and Prof. Sandeep Shukla of C3I Hub, IIT Kanpur, Triveni Singh, Superintendent of Police, Cyber Crime, Vinay Gangwar, Head SEMT, Lucknow, RH Khan State Informatics Officer, Uttar Pradesh, Amit Dubey, Cyber Expert, and Kumar Vineet, Special Secretary, Ministry of IT & Electronics.
The committee members have to send their recommendations in two months and it is expected that by the end of this year the policy will be ready.
WHY IS THE POLICY NEEDED:
The world has gone digital. From education to business everyone is relying heavily on digital infrastructure, online payment and critical infrastructure. With increasing dependency on digital usage, it becomes increasingly important to secure an online ecosystem.
Identity theft, phishing, social engineering, hactivism, cyber terrorism, compound threats targeting smart phones, advanced persistent threats, denial of service, botnets, supply chain attacks, data leakage are some examples of cyber threats to individuals, businesses, and governments.
Due to the dynamic nature of cyberspace, there is now a need for these actions to be unified under a State Cyber Security Policy, with an integrated vision and a set of sustained and coordinated strategies for implementation.
WHAT WILL STATE CYBER POLICY DO:
This policy’s mission will be to reduce vulnerability and minimise the damage that can be done in cyberspace. The policy’s primary goal will be to raise public awareness about cyber security. This policy will also consider the conduct and facilitation of regular cyber security drills, the protection of information and infrastructure in cyberspace, and the prevention and response to cyber threats.
One of the policy’s primary goals is to create a safe and secure cyber ecosystem. Its goal is also to improve the effectiveness of state law enforcement agencies in the prevention, investigation, and prosecution of cybercrime.
As several Central and state agencies are working in securing cyberspace, the cyber policy will serve as an umbrella framework for defining and guiding the actions related to the security of cyberspace.
It will also outline some pointers to enable the collaborative working of all key players in public and private to safeguard information and information systems. This policy, therefore, aims to create a cyber security framework, which leads to specific actions and programmes to enhance the security posture of cyberspace.
It also enables the individual sectors and organizations in designing appropriate cyber security policies to suit their needs.
SOME KEY HIGHLIGHTS:
- To build secure and resilient cyberspace for citizens, businesses and Government.
- To create a secure cyber ecosystem, generate adequate trust and confidence in IT systems and transactions in cyberspace and thereby enhance adoption of IT in all sectors of the economy.
- To promote the adoption of global best practices in information security and compliance and thereby enhance cyber security posture.
- To develop a dynamic legal framework and its periodic review to address the cyber security challenges arising out of technological developments in cyber space.
- Creating mechanisms for security threat early warning, vulnerability management and response to security threats.
- Protection and resilience of Critical Information Infrastructure.
- Promotion of Research and Development in cyber security.
- To create awareness about cyber security in the masses.
“Every state should take this initiative to form a statewide strategy and policy in cyber security as it is becoming extremely dangerous these days due to increasing activities by cyber criminal gangs, nation state attackers, and also insider attackers,” said Prof. Sandeep Shukla of C3I Hub, IIT Kanpur.
“India being a federal democracy, even if there is a central strategy and policy, states are in charge of law enforcement and each state should have their cyber laws and cyber strategies to deal with the threats arising in the states,” Prof. Sandeep Shukla added.
With Inputs From Shambhavi Singh