Home Essay/Articles ARTICLE : Securing Cyber Space - DeitY
ARTICLE : Securing Cyber Space - DeitY
Thursday, 29 August 2013 02:58


Securing Cyber Space - DeitY

In order to deal with cyber security in an effective and holistic manner, the Department of Electronics and Information Technology has put in place a comprehensive national cyber security strategy. Accordingly, it is following an integrated approach with a series of legal, technical and administrative steps to ensure that necessary systems are in place to address the growing threat of cyber attacks in the country.  Salient features of the initiatives in this regard are as follows:

Cyber Regulation Advisory Committee reconstituted and notified under Section 88 of Information Technology (Amendment) Act, 2008. The First meeting of the Committee was held on 29th November 2012.

The National Cyber Security Policy aimed at integrating and coordinating national level actions on cyber security has been released on 02nd July 2013 for public use and implementation by all stakeholder agencies.

Indian Computer Emergency Response Team (CERT-In) is functioning on 24x7 basis as Nodal agency for coordinating all matters related to cyber security and emergency response.  Over 19944 incidents have been handled and suitable advisories & counter measures have been issued.

CERT-In has updated the Crisis Management Plan for Countering Cyber Attacks and Cyber Terrorism in the country and is working towards its implementation across Government and critical sectors in the country.  Further, CERT-In has developed specific capabilities to engage itself in effective cyber forensic as well as analysis of malicious codes. In order to support the organizations in the critical sector and Government in enhancing their ability to resist cyber attacks and improving their security posture, CERT-In has created a fresh panel of 44 IT security auditors that can provide wide range of security auditing services on commercial basis.

CERT-In is carrying out regular cyber security mock drills with critical information infrastructure organizations in the country to assess their preparedness with respect to cyber security.  These drills have helped tremendously in improving the cyber security posture of the information infrastructure and training of manpower to handle cyber incidents, besides increasing the cyber security awareness among the critical sector organizations.  The last drill was conducted in December 2012, with over 50 organisations participating in the drill.

Besides this, a joint Indo-US Cyber Security Drill was conducted by CERT-In and US-CERT in September 2012. Another Security drill with Asia Pacific CERT was also conducted on  September 2012.

CERT-In is regularly conducting one-day or two-days or three-days workshops in the specialized areas of cyber security. The objective of the workshops is to expose Cyber Information Security Officers of public and private organizations in the contemporary areas of technology, latest vulnerabilities and cyber incidents.

Department of Electronics and Information Technology is working with law enforcement agencies   to train their personnel in collection and analysis of digital evidence.  Similar trainings are also being conducted for judiciary in respect of digital evidence.

The investments are being made in Research and Development in core technology areas leading to development of products and services. The areas include cryptography, steganography, authentication, network monitoring, mobile security and forensic tools. The centre of excellence at CDAC, Thiruvananthapuram is actively working to develop advance cyber forensic tools.