NEW DELHI: The government of India should sharply increase spending on cyber security to a level that matches the changing threat landscape, noted a paper jointly conducted by ASSOCHAM-PwC.
“The government should allocate adequate budget for cyber security related initiatives such as capacity building, training of the workforce, implementing awareness programmes, and promoting research and development,” according to paper titled ‘Recommendations – Cyber & network security,’ jointly conducted by ASSOCHAM and consulting firm PricewaterhouseCoopers (PwC).
It also suggested the industry to make budgets to expand efforts to attract and retain qualified cyber professionals.
“It is important to take proactive measures rather than reactive methods as building safe environments will always be the best line of defence against rising cybercrime,” suggested the paper.
It said that government should look at developing comprehensive and mature security policies to ensure that emerging technologies such as cloud and Smart Cities are protected from cyber threats and risks, and help create a dynamic digital economy.
The paper suggested that ‘safety first through security by design,’ should be the motto. “Security by design ensures reduction in overall cost to the business and increases the efficiency of the system by making it robust and secure.”
It recommended that government, regulators and enterprises must ensure security by design in their strategies and implementation.
“The government and regulators should develop comprehensive cyber security policies and frameworks from the perspective of incentives, tax breaks and technological development,” said the ASSOCHAM-PwC paper.
“The policies should be such that they encourage private sector participation in public sector research and promote the commercialisation of research and development and intellectual property,” it added.
The paper suggested that in order to promote global cyber security co-operation, India should ensure active collaboration with other countries and global cyber security agencies through international treaties, bilateral agreements and Memorandum of Understandings (MoUs) in order to understand the latest threats and take proactive security measures.
“A framework needs to be established to effectively curb cyber incidents and reduce response time by promoting seamless sharing of information between state intelligence agencies, central intelligence agency, and various departments,” said the paper.
“It is important that the government, industry and security vendors come together on a common platform to formulate and implement policies and procedures for cyber security as cyber threats are among the most urgent dangers to India’s economic and national security,” further said the ASSOCHAM-PwC paper.
It also suggested that government, and specifically regulators, should look at developing sector-specific policies and frameworks tailored to meet requirements of a particular sector in order to strengthen cyber security in that domain and ensure compliance with defined security standards.
The paper highlighted the need for law enforcement agencies and their personnel to be trained in requisite cyber skills to ensure that digital evidence is secured efficiently and properly used in criminal proceedings.
“Cyber security related training must be imparted to the police, judges and lawmakers so that they are capable of taking cyber-safe decisions,” said the paper suggesting various ways to address the growing risk posed by criminals and nation states in the digital world.
The ASSOCHAM-PwC paper further said that building an industry-ready workforce to ensure cyber security at workplaces together with conducting relevant awareness programs targeting people across all sections of society would go a long way in promoting India as a hub for cyber security.