Cyber attacks are cheaper, more convenient, and less risky than physical attacks. They are unconstrained by geography and distance, they are not physically dangerous for the attacker, and it is more difficult to identify and prosecute the culprits of a cyber attack. They are easy to replicate.
Cyber Security is the branch of security dealing with digital or information technology. Cyber Security is an essential component in the protection of any nation.
What is Cyber Security?
Cyber Security, also referred to as information technology security, focuses on protecting computers, networks, programs and data from unintended or unauthorized access, change or destruction.
Why Cyber Security is important?
Governments, military, corporations, financial institutions, hospitals and other businesses collect, process and store a great deal of confidential information on computers and transmit that data across networks to other computers. With the growing volume and sophistication of cyber attacks, ongoing attention is required to protect sensitive business and personal information, as well as safeguard national security.
There can be four major areas while dealing with cyber security issues:
- Deterrence – Focus on the use of multilateral cyber-crime legislation: Multilateral initiatives to deter the malicious use of cyberspace.
- Prevention – Design and use of more secure systems, better security management and the promotion of more security mechanisms.
- Detection – Cooperative policing mechanisms and early warning of attacks.
- Reaction – or the design of stronger information infrastructures, crisis management programs, and policing and justice efforts.
Government of India Initiatives on Cyber Security
In line with the recommendations of the Inter Departmental Information Security Task Force (ISTF), the following major initiatives have been taken by the Government:
- Computer Emergency Response Team (CERT-In) to respond to cyber attacks.
- Public Key Infrastructure (PKI) to support implementation of IT Act and promote use of Digital Signatures.
- R & D via the support to premier Academic and Public Sector Institutions.
- Mandatory complice with ISO 27001
- National Cyber Security Policy 2013
- Empanelment of Security Auditors.
- Nationwide Information Security Education and Awareness Programs.
National Cyber Security Policy, 2013
- It ropes in the private sector and envisages an investment of $1 billion from it. Their help will be sought in research and training of manpower.
- It will also lay grounds for international cooperation with countries such as the US and Israel.
- It clarifies the role of various government agencies engaged in cyber security. CERT-In will function as an umbrella organization.
- The policy proposes an agency and a contingency plan to handle cyber attacks on vital installations and critical infrastructure.
- It provides for government monitoring of internet communications.
- It calls to promote awareness, information sharing and capacity building.
- Cyber security policy 2013 sets up National Critical Information Infrastructure Protection Agency.