India’s digital economy would grow exponentially if we are able to minimize cyber threats in the country
The global cyber security market is expected to reach approximately $190 billion by 2025 from $85 billion today and will be primarily driven by increasing digitisation wave and smartphone penetration. The cyber security market is expected to grow at a CAGR of 8.2 per cent from 2015-2025. According to NASSCOM & DSCI Cyber Security Roadmap, the Indian IT industry has charted out a vision 2025 to “Grow the Indian cyber security products and services industry to $35 billion, create one million cyber security jobs and 1,000 cyber security startups by 2025.”
India is ranked fourth in the world in terms of large scale cyber attacks in 2016 and it is all the more important to have increased cyber security professionals and cyber security startups. The evolving nature of cyber attacks pose not only to national programs such as smart cities, e-governance, digital payment and digital public identity management but also to enterprises and customers. In India, government, banks and private sector are the most favoured for cyber attacks so awareness, education, training, technology and intellectual knowledge is all needed to succeed in detecting or delaying cyber threats.
Promotion of a digital economy is an integral part of government’s strategy to weed out corruption and black money. India is now on the cusp of a massive digital revolution and a shift to digital payments has huge benefits for the common man. Already there is evidence of increased digital transactions as India’s demonetisation drive has paid a lot of emphasis on less cash economy. The volume of all digital transactions has increased by about 23 times with 63,80,000 digital transactions for a value of Rs. 2,425 crore in March 2017 as compared to 2,80,000 digital transactions worth Rs. 101 crore till November 2016. In order to achieve the target of 2,500 crore digital transactions during the current financial year, the prime minister announced about 75 townships spread all over India as ‘less-cash townships’.
Even the BCG-Google Digital Payment Report 2020 forecasts total payments conducted via digital payment instruments in India to be in the range of $500 billion by 2020, which is approximately 10x of the current levels i.e $50 billion and presently majority comes through banking transactions.
As per reports received from public sector banks, regional rural banks (RRB) and 13 private sector banks, there are 110.03 crore individual, operative savings bank accounts (including Pradhan Mantri Jan Dhan Yojana accounts) with Aadhaar number seeded in 52.95 crore accounts.
During the last two and half years, Aadhaar has helped in direct delivery of benefits to crores of people through the Direct Benefit Transfer (DBT) in schemes such as LPG subsidy under Pahal, Scholarships, MNREGA, and Pensions. In the Public Distribution System, Aadhaar is also ensuring that the food grains are received only by the genuine beneficiaries and not diverted by any middle man or unscrupulous elements.
The total savings because of plugging of leakages due to Aadhaar during the last two and half years in just a few schemes where Aadhaar has been implemented amount to more than Rs 49,000 Crore.
To make the system full proof, be it the banking system or Aadhaar system, one has to opt for cutting edge technology along with Computer Emergency Response Team so that attacks can be identified, analysed and rectified as cyber security is critical for safeguarding the integrity and stability of our financial sector.
The government is planning Computer Emergency Response Team for different sectors. A Computer Emergency Response Team for our Financial Sector (CERT-Fin) is planned to be established. The CERT-Fin will also work in close coordination with all financial sector regulators and other stakeholders to provide more stability to banking and financial sector.
Different CERTs have been formed for the power sector. Power Sector Computer Emergency Response Teams in the areas of Thermal (CERT-Thermal), Hydro (CERT-Hydro), Transmission (CERT-Trans) and Distribution (CERT-D) have been set up. CERT-Thermal has circulated sectoral Crisis Management Plan (CMP) to Thermal Utilities. CERT- Hydro has submitted Sectoral CMP for Hydro to CERT-In for review. PSLF Division of CEA has prepared Sectoral CMP for Disaster Management which includes Generation, Transmission & Distribution sectors.
All utilities of the state/UTs and Independent Power Producers (IPPs) have been asked to identify a senior executive as its chief information security officer (CISO) to lead the process of strengthening organizational systems with respect to cyber security and implement an Information Security Management System (ISMS) and prepare Crisis Management Plan (CMP) as recommended by rules framed under the Information Technology (IT) Act 2008. Even for all critical infrastructure in the country, the government should for the same approach as done by the power sector.
Coordination between government and local authorities will play an important role in making smart cities secure. The civic authorities need to be extra watchful in term of processes and new technologies to make government establishments like railway stations, banks, airports, shopping malls, residential areas, and educational institutes. The solution for smart cities is to secure data and to overcome vulnerabilities in all sophisticated devices. Not only this even a clearer, simpler and clearer data protection framework is the need of the hour.
Getting trained workforce in cyber security space is not an easy task. Government needs to increase the number of institutes which provide specialised cyber security courses with practical training. Even the government and enterprise customers should provide hackers the opportunity to hack their system. Not only this the government should also provide training to citizens on cyber awareness so that they are aware about do’s and don’ts of working in the cyber world.
The global nature of cyber threats prove a point that cyber security cannot work in isolation so there is a need for coordination and collaboration for achieving an effective and holistic approach to cyber security. The government can also focus on public private partnership where private can bring best practices whereas public sector can focus on making the police framework more robust so that India’s digital economy can flourish.