Critical communications: Securing India’s digital infrastructure

As India accelerates its digital transformation, the resilience and security of its critical communication networks are emerging as a national priority. These issues took centre stage during a panel discussion on Critical Communication and Secure Digital Infrastructure, where defence experts, telecom operators, technologists and policymakers examined how India can build a mission-critical communications framework capable of supporting public protection, disaster relief and secure government operations.

The discussion brought together Col (Rtd) Dr Sidharth Shukla, Dharmendra Khajuria, Col (Rtd) Shantanu Das, Sunil David, and Prashant Chugh. The panellists explored the risks of fragmented networks, the debate between dedicated and shared infrastructure, and the growing need for zero-trust and post-quantum security frameworks.

Fragmentation and the first critical minutes

Opening the discussion, Col (Rtd) Dr Sidharth Shukla highlighted interoperability as a major vulnerability in India’s existing communication landscape. He pointed out that multiple agencies operate networks built with different architectures, naming conventions and security mechanisms. “When it comes to fragmented communication systems, there are definitely blind spots in such kind of a network,” he said, warning that individual security setups often do not talk to each other.

This fragmentation becomes particularly dangerous during the first critical minutes of an incident, when coordination across agencies is essential. Shukla argued that unless interoperability is built into the architecture from the beginning, even well-intentioned security mechanisms can fail. He suggested that for public protection and disaster relief, a dedicated network built with zero-trust principles from day one could address these gaps. Such a network, he said, could combine dedicated spectrum with satellite and fibre overlays to ensure resilience.

Operator perspective: Preparedness and practical constraints

From an operator’s standpoint, Dharmendra Khajuria provided context on how public protection and disaster relief, or PPDR, networks have evolved globally. He noted that developed countries such as the US and the UK moved towards dedicated or federated mission-critical networks following major incidents that exposed coordination failures. However, he cautioned against directly replicating international models in India.

“What works there may not necessarily work here,” Khajuria said, emphasising India’s scale, cost sensitivities and diversity. He explained that Indian operators already support intra-circle roaming, enabling network access when one operator’s infrastructure fails during a disaster. While this provides a degree of resilience, Khajuria acknowledged that the current model does not fully address vulnerabilities in mission-critical scenarios.

He added that future architectures must balance preparedness with practicality, especially when leveraging existing commercial networks. “The question is whether to go for a separate network for PPDR or use the existing network with the existing spectrum and manage the traffic according to the requirements,” he said.

Dedicated network or shared infrastructure?

This debate was taken further by Col (Rtd) Shantanu Das, who examined the policy and regulatory implications of both approaches. Drawing on his experience, Das argued that India should avoid copying any single global model. “We should not copy any model from across the world,” he said, adding that India’s size and operational complexity demand a customised approach.

Das noted that defence forces already operate parallel, secure communication networks that function reliably during crises. “Nobody thinks about communication when the army is thrown into relief operations,” he observed, attributing this confidence to dedicated, segregated infrastructure. Based on this, he expressed support for allocating a separate spectrum band for PPDR, provided it aligns with the existing device ecosystem.

At the same time, Das acknowledged the realities of commercial networks, suggesting that dedicated slices within existing 4G and 5G networks could meet many PPDR requirements without building an entirely separate core. “We do not really need a dedicated core only for passing a file,” he said, arguing that priority mechanisms and reserved capacity could be sufficient if properly governed.

Priority, pre-emption and network governance

Sunil David brought a technology and governance lens to the discussion, focusing on how priority and preemption should function in crisis situations. He cautioned against viewing pre-emption purely as a technical feature. “Pre-emption should be at a policy level,” he said, while operationally, roles and identities must be clearly defined to ensure that first responders receive priority without destabilising commercial networks.

David highlighted challenges around identity management, noting that devices and users frequently change. Without a robust identity framework, enforcing priority access becomes difficult. While technologies such as network slicing can help, he warned that overriding commercial traffic must not degrade overall network performance. “That is the challenge for us,” he said, calling for government support and clear financial and policy frameworks.

He also stressed the importance of clarity at the policy level. According to David, before networks are built or adapted, the government must decide whether segregation, dedicated spectrum and priority mechanisms are required, and how they will be funded and governed.

Security, zero trust and lawful interception

As the discussion turned to security, the panellists addressed the tension between zero-trust architectures and lawful interception requirements. It was noted that critical networks are increasingly attractive targets for adversaries, making traditional perimeter-based security insufficient. Zero trust, where no entity is trusted by default, is becoming essential.

However, this raises regulatory and operational challenges. Government agencies require lawful interception capabilities, while strong encryption limits visibility. The panellists acknowledged that India’s regulatory frameworks have historically leaned towards security, particularly in sectors such as telecom and finance. Continuous monitoring, they noted, has already become commonplace in digital payment systems.

At the same time, concerns were raised about excessive data retention and compliance models driven by checklists rather than risk assessment. The consensus was that regulation must become more risk-oriented and practical, balancing strong encryption with legitimate security and investigative needs.

Post-Quantum readiness and indigenous capability

Prashant Chugh provided insight into India’s preparedness for post-quantum threats. He explained that advances in quantum computing pose a real risk to existing public-key cryptography, potentially rendering current systems vulnerable. “The real threat of quantum computing advancements is to public-private key cryptography,” he said.

Chugh outlined India’s work under the National Quantum Mission, noting that quantum communication hubs have been established and that indigenous capabilities are being developed in both post-quantum cryptography and quantum key distribution. According to him, products using these technologies are already available, and hybrid models combining both approaches can offer enhanced security.

He clarified that while symmetric encryption such as AES, can continue to be used, public-key algorithms must migrate to new standards. “We are ready to migrate,” Chugh said, adding that guidelines and sunset timelines for classical cryptography are expected, in line with global trends.

The way forward: accountability and architecture

As the session drew to a close, the discussion returned to governance and accountability. The panellists agreed that India needs a central authority responsible for defining standards, ensuring interoperability and overseeing procurement for mission-critical communications. Without such coordination, fragmented efforts risk undermining security and effectiveness.

The consensus was that secure critical communication networks must be designed with zero trust and quantum safety from the outset, rather than retrofitted later. Whether through dedicated spectrum, shared infrastructure or hybrid models, the architecture must reflect India’s unique scale and operational realities.

The panel concluded that while technology readiness is advancing rapidly, policy clarity, governance and coordinated execution will ultimately determine how quickly India can deploy a resilient, secure and future-proof critical communications framework.