What constitutes National Security? There are no simple and straight forward answers to this complex question. We cannot say that National Security is an “Internal Security” aspect. Further, we also cannot claim that National Security is a protection mechanism against “External Aggressions”. Even “Border and Territorial Protection” by Armed Forces is also not National Security. The reason is because National Security is not an isolated concept but a “Homogeneous Mixture” of various aspects of Security.
In my personal opinion, a simple definition of National Security can be “The Protection of Economical, Political, Social, Territorial, Sovereign and Technological Interests of a Nation from Internal and External Aggression and Threats emanating from State and Non State Actors in both Physical Territories and Cyberspace”. We have already covers territories belonging to Land, Air, Sea and Outer Space in this regard. And to some extent we have also covered Cyberspace as well. However, there is no International Treaty or Convention that Covers the National Security aspects in “Totality and in Comprehensive Manner”.
India has recently decided to formulate a comprehensive National Security Policy. However, by past experience it would not be wrong to presume that such Policy would not be formulated for at least few more years. Further, its “Actual Implementation” may be delayed for even Five years. But the most important aspect of the proposed National Security Policy is that it must be “Comprehensive and Holistic” in nature.
Thus, the National Security Policy of India needs Techno Legal Boost. Any suitable and effective National Security must cover “Technology Issues” as well. For instance, Cyber Security and Telecom Security must be essential part of any National Security Policy. The Cyber Security Trends of India 2013 (PDF) have proved that these aspects have not been taken care of by Indian Government so far. It is only now that the National Security Council (NSC) has proposed some Cyber Security Measures for India. However, these measures are not going to make much difference in the otherwise ailing Cyber Security of India.
The Critical Infrastructure Protection in India (PDF) has to be further strengthened. Recently it was decided that NTRO would protect the Critical ICT Infrastructures of India. The National Infrastructure Protection Plan for Thermal Power Sector of India has already been proposed and this is a good step. A Tri Service Cyber Command for Armed Forces of India is also in pipeline. The Cyber Attacks Crisis Management Plan of India must also be implemented as soon as possible. Further, the National Cyber Coordination Centre (NCCC) of India must be “Made Functional” as soon as possible.
A Techno Legal Cyber Security Law of India must also be formulated as soon as possible. Such Law must ensure Cyber Security Breach Disclosures on the part of various Telecom and other Companies and Individuals. Just like past promises, the commitment to formulate a legislation mandating strict Cyber Security Disclosure Norms in India has been kept in deep freezer. There is an urgent need to ensure Mandatory Cyber Security Breaches Notification in India as non disclosures would result in Serious Cyber Security Issues for India. “Soft Requests” and “Self Regulations” for Cyber Security Breach Disclosures would not be helpful in the long run.
Target Corporation is already Facing Numerous Litigations for failure to take proper Cyber Due Diligence once it was aware of the Data and Cyber Security Breach. There are clear hints that Cyber Litigations against Foreign Websites would Increase in India in the near future and Cyber Due Diligence cannot be ignored by Indian Companies anymore.
Recently the Telecom Department’s Security Chief Ram Narain said that Telecom Companies are mandated by License Conditions (PDF) to share information on “Potential Cyber Threats”. Besides, the National Telecom Security Policy of India may impose more “Stringent Obligations” than the Licence Conditions. As the Foreign Telecom Companies are facing the heat of Cyber Security and Telecom Security in India, this is a good opportunity for Indian Telecom Companies to extend their commercial base in India. India has been planning to undergo Technological Upgrade of Border Broadcast Infrastructure due to Chinese broadcasts. The Telecom Commission Cellular Loop’s Proposal would also strengthen Mobile Based Surveillance on National Security Grounds in India.
It would not be an easy task to formulate Techno Legal National Security Policy of India. Even if the same is formulated, its actual implementation would be a herculean task for Indian Government. Nevertheless, it is a good step on the part of Indian Government to work on such Policy and take adequate and necessary action in this regard.