Government starts rolling out new cyber security framework

The new framework envisages working with ISPs to oversee the metadata of Indian users but not mine it. The government claims it would be different from US NSA's controversial PRISM.

Published Date
13 - Jun - 2013
| Last Updated
13 - Jun - 2013
 
Government starts rolling out new cyber security framework

With cyber security becoming a major concern globally, the Indian government is now implementing a new architecture to keep the IT infrastructure secure. According to a Times of India report, the new architecture envisages an inter-linked set of bodies in departments such as NTRO, defence and home ministries. CERT will be the umbrella body that will take care of the cyber security. The inter-agency structure will be headed by a cybersecurity coordinator, whose named will be revealed by end of this month.

The framework, cleared by the Union cabinet last month, also envisages working closely with Internet Service Providers (ISPs) to monitor the metadata of Indian users. However, this would be different from US' PRISM as it will not be covert.

According to a Business Standard report, the architecture is rooted in the IT, Act 2000, particularly Sections 43, 43A, 72A and 79, which make it mandatory for the companies to adhere to data security and privacy protection guidelines. It also envisages multi-layered protection with responsibility distributed among various government bodies.

"As India becomes more networked, we will become more vulnerable to cyber attack. Today, we are protected by virtue of being under-networked. As a networked country, coordinating between multiple agencies will becomes a growing challenge," says an official who works on cyber security is quoted as saying.

Moreover, the Indian government is stressing on developing indigenous security software. However, code-writing expertise that's seen in the US and Russian cyber entities is yet to be accomplished by the Indian coders.

“...unlike China, India has lagged behind in implementing IPv6 (internet protocol) which is not only more secure but also makes it easier to "hide" certain important information through encryption that is not possible under the current IPv4 in use here. China has been in the forefront of using IPv6, precisely for this reason. Beijing has been less affected by the global surveillance by the US partly because it has already set up its own cyber structures, including its own social media, and don't western services like Twitter and Facebook,” highlights the TOI report.