INDIA’S NATIONAL CYBER SECURITY POLICY: GAPS AND THE WAY FORWARD

Ever since the events of document leaks by NSA’s whistleblower Edward Snowden, countries around the world have become conscious about their cybersecurity measures. The leaked reports worked as a wake-up call for India. India was the top most priority target by the American spy agency NSA. It was the time when India realized the great need for a Cyber Policy. In the year 2013, the Ministry of Electronics and Information Technology (MeitY) drafted India’s first National Cyber Security Policy (NCSP). The policy is framed with a coherent vision and a dynamic set of stratagems for execution. It is aimed at building secure and resilient cyberspace for its citizens, businesses, and government. It is considered to be a dynamic step in building the foundation of the new India. The newly formulated policy is a holistic approach towards securing Indian Cyberspace. But over the years, it does not seem to be effective enough to safeguard the Indian Cyberspace. The implementation of the policy is poorly executed. Since the time, the policy was made public. It had been in the limelight for criticism by various scholars and organizations. As complex it defines cyberspace, it stands out to be of a similar nature.

This monograph is aimed at understanding the NCSP and its implications. It identifies various shortcomings of the policy. It also analyses data related to cybersecurity incidents in India gathered from CERT-In Annual reports for the period of 11 years (2006-17). After the brief analysis of policy and data, the study makes some valuable inputs in the form of recommendations for the revision of NCSP and strive towards building secure cyberspace.