Tag Archives: Cyber Security Breach Reporting In India

Offensive And Defensive Cyber Security Capabilities Of India Must Be Established

Posted on by

Cyber security in India has always remained an ignored world whether it is Congress or BJP govt. Neither Congress nor BJP has the vision to ensure a safe and robust cyber security in India and till October 2022 the position of Indian cyber security is very bad.

In 2012, Visionary Praveen Dalal suggested many far reaching and reformative cyber security measures but both Congress and BJP failed to act upon them. One of the suggestions of Visionary Praveen Dalal in 2012 was that Offensive And Defensive Cyber Security Capabilities Of India must be developed as soon as possible. However, even in October 2022 that has remained a distant dream.

Even Cyber Warfare against India and its defenses have remained an illusive dream and till October 2022 India is a sitting duck in cyber security field. India has focused upon illegal and unconstitutional e-surveillance instead of strengthening of Rule of Law, Privacy, Civil Liberties in Cyberspace and cyber security. As a result, India is facing tremendous cyber attacks and cyber crimes in the year 2022.

In the year 2014, Visionary Praveen Dalal brought to the attention of Modi Govt the challenges of cyber security but it failed to act upon them even in October 2022. Now Indians are bearing the consequences of the same and cyber crimes, cyber frauds and digital payment related crimes have increased significantly in India. This all is well attitude of Indian govt is not good for the national interests of India and that is why we have ensured a robust and effective cyber crimes reporting system in India.

So bad is the situation that even cyber security breach reporting in India has failed to take off since 2014. Except chasing away cryptocurrencies and VPN service providers from India, this norm has not done anything. MSMEs and small companies in India openly declared that they would not comply with such rules and this forced the govt to further extend the deadline. So one can simply refuse to comply with cyber security related norms and Indian govt cannot do anything in this regard.

To develop robust Offensive and Defensive Cyber Security Capabilities of India, we need a 360 degree view of the cyber security landscape of India says Visionary Praveen Dalal. But what we have is lack of political will, unwillingness of stakeholders to ensure cyber security and lack of cyber law and cyber security skills in India. We at Perry4Law Organisation (P4LO) and PTLB have been working on all these aspects and techno legal online skills development from K12 to lifelong learning stages in one of our priority areas.

For instance, Streami Virtual School is the only school of the world that is teaching cyber law and cyber security to school students. Streami Virtual School is the first virtual school of India and first techno legal virtual school of the world. This is the approach that we need for India but political parties like Congress, BJP, AAP, etc are engaging in rhetoric and drama instead of actually working upon reforming education and ensuring skills development of Indians.

Till we have a capable govt and capable and skilled workforce, ensuring offensive and defensive cyber security capabilities of India is not possible. We at P4LO and PTLB have done our part and now those stakeholders who believe in same cause must do their part.

Modi Government Failed To Address Cyber Security Challenges Despite A Warning In 2014 By Visionary Praveen Dalal

Posted on by

This article was written by Visionary Praveen Dalal in 2014 making PM Modi aware of the dire need to ensure robust and resilient cyber law, cyber security and national security of India. But till September 2022 nothing has been done by Modi govt in this regard. This article has been reposted here with permission so that students of Streami Virtual School can understand and learn about Indian cyber law and cyber security conditions.

As Mr. Narendra Modi is all set to swear to the post of Prime Minister of India he has to face unlimited challenges that have accumulated over a period of time. Thanks to our bureaucratic set up and all pervasive corruption, public reforms have always been kept at bay. There was no dearth of money and skilled people to accomplish the projected targets but still a dominant majority of projects in the last decade have failed to materialise.

Now that Mr. Modi has asked for a brief but accurate report and analysis of the situation, our bureaucrats are sweating and are in high stress. Even if they may somehow justify their non action and national reforms massacre still they would not be in a position to accomplish the mammoth tasks that have yet to be achieved. Decades of corrupt practices, incompetencies and indifference cannot be defeated in few years especially by retaining the same bureaucratic and ministerial structure.

Although there are hundreds of issues of national importance yet I would like to confine myself to a single issue that is closely and intrinsically related to our national security. The issue that I am talking about is the cyber security of India that is in a really bad shape. For decades our bureaucrats and Indian government did not consider cyber security as an essential part of national security policy of India. As a result cyber security has been grossly neglected and this has created a situation of high alert.

Even on the legislation front, India has failed to do the needful. For instance, we need to repeal the laws like Information Technology Act, 2000 (IT Act 2000), Indian Telegraph Act, 1885, etc but for some strange reasons our bureaucrats and Indian government kept them intact. I have been suggesting this recourse for the past five years but till now nothing concrete has happened in this regard. Similarly, crucial laws are absent from Indian statute books. These include law regarding privacy, data protection, telecom security, encryption, cloud computing, etc.

Mr. Modi would be required to not only overhaul his cabinet structure but also cleanse the bureaucratic circles that have been plaguing Indian reforms. Bureaucrats and politicians with clean image, hard working reputation and reforms oriented approach must alone be part and parcel of the Prime Minister’s Office (PMO) that may emerge as a “centralised national reforms point” of India. The approach regarding the proposed PMO is much required as that may be a game changer for India.

The previous PMO of India has already sanctioned a plan to spend 1,000 crore over the next four years to strengthen the cyber security capabilities of India. All Mr. Modi has to do is to make it sure that this may not be another proposal with no actual implementation. It must also be ensured that the allocated money is not only utilised but corrupt practices must also not take place while executing the cyber security project.

Obviously India needs to establish both offensive and defensive cyber security capabilities. This is important to protect the critical infrastructures of India that are dependent upon information technology. A cyber warfare policy of India must also be formulated as Malware like Stuxnet, Duqu, Flame, Uroburos/Snake, Blackshades, FinFisher, etc are far beyond the reach of present cyber security mechanisms. These Malware are stealth in nature and till the time they are discovered the damage is already done.

Skilled workforce is also need of the hour and for this purpose cyber security courses must be introduced at the university level. Online education must be encouraged so that online cyber security courses can be imparted in India.

In short, the cyber security challenges before the Modi Government are institutional, skills driven, time sensitive and urgent in nature. We have already delayed strengthening of our cyber security capabilities and any further delay should not be tolerated by him.

Cyber Security Challenges For The Modi Government As Suggested By Visionary Praveen Dalal In 2014

Posted on by

In May 2014, Praveen Dalal, CEO of Perry4Law Organisation (P4LO), PTLB and PTLITC, warned about poor cyber law and cyber security conditions in India. But till September 2022 nothing has been done by Modi govt in this regard, except empty promises.

Cyber security in India is in a poor condition even in September 2022.  Cyber security of banks in India is also required to be strengthened. The banks operating in India are not at all serious about maintaining cyber security of banking related transactions and this is resulting in many cyber and financial crimes in India. In the absence of appropriate skills development and modernisation of law enforcement agencies of India, police force are finding it really difficult to solve technology related crimes. Further, cyber security of sensitive databases would also require strong privacy protection and cyber security compliance.

Another problematic area is absence of an implementable telecom security policy of India. Most of the policies and regulations in this regard are clearly unconstitutional in nature as they are neither balanced nor in compliance with the constitutional requirements. Experts believe that the stand of Modi government regarding e-surveillance projects like Central Monitoring System (CMS) Project of India and Internet Spy System Network and Traffic Analysis System (NETRA) of India must be made clear. Otherwise, this would create troubles for the government as well as for the telecom security policy in the near future.

In 2014, Visionary Praveen Dalal recommended:

“The cyber security challenges for the Modi government must be given due importance. Cyber security should be an essential component of the national security policy of India. The cyber security trends in India, as provided by Perry4Law Organisation (P4LO) from time to time, have highlighted major shortcomings of Indian cyber security initiatives and the same must be addressed by Modi government as soon as possible. Although National Cyber Security Policy (NSCP) 2013 has been declared yet it needs both updation and implementation.”

“We need dedicated cyber security laws in India and effective cyber security policies. For instance, we have no cyber warfare policy of India and this is a major lacuna in the contemporary times. Similarly, critical infrastructure protection in India is also not up to the mark and it needs to be strengthened. Let us hope that the Modi government would do needful in this regard.”

However, nothing happened since 2014 as political aspirations are more important for Modi govt than national security and national cyber security.

But we at P4LO, PTLB and PTLITC have continued to spread awareness and created dedicated techno legal online portals so that techno legal skills in fields like cyber law, cyber security, cyber forensics, etc can be developed in India. Streami Virtual School is the first virtual school of India and first techno legal virtual school of the world. It is already developing skills of cyber law and cyber security of K12 segment. PTLB and PTLITC are managing cyber law and cyber security skills development initiatives of P4LO from K12 to lifelong learning stages.

Let us hope that Modi govt would wake up now to the dangers of technology usage and do the needful as soon as possible.

Cyber Warfare Against India And Its Defenses As Suggested By Visionary Praveen Dalal In 2012

Posted on by

It was the year 2011 when Visionary Praveen Dalal provided his recommendations to Congress govt regarding cyber warfare policy and development of offensive and defensive cyber warfare capabilities by India. However, both Congress and BJP have failed to act upon cyber security of India till October 2022.

Cyber Warfare is a concept that is well known at both national and international levels. In one form or other and in lesser degree or more, Cyber Warfare has been accepted as a reality in the present Cyber World. However, Cyber Warfare concept still haunts the international community and till now we have no dedicated Legal Framework for Cyber Warfare at international level.

Till Harmonised Cyber Warfare Legal Framework emerges, piecemeal efforts would try to fill the void in this regard. Not very late NATO requested Cyber Security cooperation form India. We should not wait for others to develop our own Cyber Warfare Capabilities in India. In fact, Cyber Warfare Policy of India must be urgently formulated and immediately implemented. The same must be part and parcel of India’s National Cyber Security Policy.

Cyber Security in India needs to be strengthened keeping in mind the growing cases of Cyber Attacks and Cyber Espionage attacks against India. Even Cyber Warfare against India is well known and is not new. Ensuring 100% cyber security is next to impossible. However, we can minimise Cyber Attacks. India has remained indifferent towards Cyber Security for long. This resulted in poor Cyber Security Capabilities and Expertise. It is only now that India has paid attention to this crucial field and it is still not too late.

India should definitely step up/accelerate its efforts to strengthen Cyber Security along with Traditional National Security Capabilities. Internet and Hidden Internet has opened new frontiers and unforeseen challenges before India. Internet is increasingly been used to not only propagate Terrorism propaganda but also to recruit new Terrorists.

To tackle Terrorists’ use of Internet, International Cooperation amongst Governments, Organisations, Internet companies and telcos could be helpful. For the time being, Cyber Criminals/Terrorists are one step ahead of various Governments and International Cooperation activities.

New technologies have also caused problems for India. For instance, Voice-over-Internet Protocol (VOIP) is one of the technical challenges that Law Enforcement and Intelligence Agencies across the world are finding difficult to tackle. However, of late strong Encryption usage has emerged as more troublesome that VOIP. Further, VOIP can be intercepted in certain circumstances.

Developing of Cyber Security Capabilities and Expertise is immediately required in India. There is also an urgent need to develop both Preventive and Offensive Cyber Security Capabilities of India. The sooner it is done the better it would be for the National Security of India.

Cyber Security Breach Disclosure Norms Are Still Not Implemented In India Since 2014

Posted on by

Cyber security lapses and lack of cyber security expertise in India are exposed on daily basis in India since 2014. However, even in September 2022, cyber security is in a real bad condition. We have lack of dedicated and effective laws on cyber law, cyber security, etc on the one hand and unconstitutional and privacy violating activities of Indian govt on the other.

If this critical condition is not enough, the all is well attitude of Indian govt and Indian stakeholders completes the cycle. It does not matter at all in India if stakeholders do not follow the cyber security rules under the Information Technology Act, 2000. This all is well attitude fills in the cyber security skills and expertise gap in India.

This nexus between Indian govt and other Indian stakeholders is so strong that even if an individual reports any privacy violation, data breach, cyber attack or any cyber security vulnerability, neither CERT-In nor Indian govt takes any action.

Public spirited individuals and cyber security experts are discouraged from reporting cyber security breach incidences as that serves well and protects the status quo of insecure Indian cyberspace. The Digital India project itself suffers from lack of regulatory framework and procedural safeguards.

Visionary Praveen Dalal cautioned successive Indian govts since 2010 about unconstitutional Aadhaar, privacy violating activities, poor cyber law and missing cyber security law, pathetic cyber security of India, e-surveillance and many more issues. Neither Congress nor BJP did anything in this regard till September 2022.

But Perry4Law Organisation (P4LO) and PTLB have launched many good and effective techno legal projects to strengthen Indian cyberspace. These projects ensure privacy protection, data protection, data security, cyber security, civil liberties protection in cyberspace, management of conflict of laws in cyberspace, etc.

P4LO and PTLB also launched world renowned projects for online dispute resolution (ODR), e-courts, TeleLaw, etc to ensure digital empowerment of Indians and global stakeholders. ODR Portal of India has been helping global stakeholders in managing their techno legal regulatory and compliance requirements.

Stakeholders who are actually interested in managing regulatory and compliance in fields like cyber law, cyber security, privacy protection, data protection, internet intermediary compliance, social media compliance, cyber security breach disclosures, etc can contact ODR India Portal to handle the same on their behalf.