The national cyber security policy of India is long overdue. Although the cyber security policy of India has been approved by the Cabinet Committee on Security (CCS) yet its actual implementation is yet to be seen.
India has been facing sophisticated cyber attacks and an effective cyber security policy with robust cyber security law is urgently needed. Presently India lacks on both the counts.
But that may not be the situation any more. Indian government is about to announce the National Cyber Security Policy this week. The policy would ensure intervallic review of legislations to meet the challenges from technology upgradation, a think-tank for cyber security policy inputs, greater private participation and international co-operation in the area of cyber security.
The policy also intends to develop bilateral and multi-lateral ties to enhance global cooperation among security agencies, law enforcement agencies and judicial system. Under the policy a National Critical Information Infrastructure Protection Centre will work around-the-clock to protect critical infrastructure, and designate a national nodal agency to coordinate all matters related to cyber security.
The policy aims at creating a capable cyber security work force of five lakh professionals and build cyber security training infrastructure across the country through public-private participation.
The policy is also encouraging both private and public organisations to designate a member of senior management as chief information security officer responsible for cyber security efforts and initiatives. The Reserve Bank of India (RBI) has already made mandatory to appoint a chief information officer (CIO) by all banks of India.