National Cyber Security Strategy 2021 and Digital Transformation Odyssey: The Digital Realm in India

Harshaa Kawatra

Abstract

The article explores the interconnected landscape of the National Cyber Security Strategy and the Digital India initiative in India. It delves into how these two significant endeavors are shaping the nation’s digital trajectory. The National Cyber Security Strategy is depicted as a comprehensive defence against escalating cyber threats, while Digital India is portrayed as an ambitious push towards digital empowerment and societal advancement.

The article analyses the components, goals, and implications of both strategies. It highlights how the National Cyber Security Strategy’s cybersecurity policies align with the security needs arising from Digital India’s digitization initiatives. The article emphasizes the importance of collaboration, capacity building, and data privacy in this digital journey. By fostering a secure digital environment and promoting cyber resilience, the combined efforts of these initiatives pave the way for India’s digital transformation while safeguarding its interests.

Introduction 

In an increasingly interconnected world, where digital technologies have woven themselves into the fabric of our daily lives, the concepts of cybersecurity and digital transformation have emerged as critical pillars shaping the trajectory of nations. In India, two significant initiatives, the National Cyber Security Strategy and Digital India, stand as beacons of progress in the realms of technological resilience and societal advancement. Analyzing the National Cybersecurity Strategy and the Digital India initiative requires an understanding of their goals, components, and potential impacts. 

National Cybersecurity Strategy 2021

National cybersecurity strategy 2021 is a comprehensive plan that outlines a country’s approach to securing its digital infrastructure, data, and systems from cyber threats. Such a strategy typically includes the following components:

1. Goals and Objectives: The strategy usually defines clear goals and objectives, such as protecting critical infrastructure, enhancing incident response capabilities, promoting cybersecurity awareness, and fostering public-private collaboration.
2. Legal and Regulatory Framework: An effective strategy incorporates relevant laws and regulations that govern cybersecurity, ensuring that there are clear guidelines for cyber activities and consequences for cybercriminals.
3. Collaboration and Partnerships: Successful cybersecurity strategies emphasize collaboration between government agencies, private sector entities, academia, and international partners. Cyber threats are often transnational, making international cooperation crucial.

Source: National Cyber Security Strategy

The state of Indian Cybersecurity has been drawn out starting from 2016 to the period of 2020. However, there has been an increase in Number Of Cyber Attacks. According to data, American cybersecurity firm Palo Alto Networks’ 2021 report, Maharashtra was the most targeted state in India, facing 42% of all ransomware attacks. The Cyber Warfare Offensives have also been on an increase. Considering an increased digital usage Post-Covid, there have been more scams occurring.

Main Components of the National Cyber Security Strategy

1. Large Scale Digitization of Public Services: Focus was on security in the early stages of design in all digitization initiatives..
2. Supply Chain Security: Monitoring and mapping of the supply chain of the Integrated Circuits (ICT)and electronics products was taken care of..
3. Critical Information Infrastructure Protection: Integrating Supervisory Control And Data Acquisition (SCADA) security was done.
4. Digital Payments: Mapping and modelling of devices and platforms deployed, supply chain, transacting entities, payment flows, interfaces and data exchange was considered.
5. State-Level Cyber Security: Developing state-level cybersecurity policies,
   1. Allocation of dedicated funds,
   2. Critical scrutiny of digitization plans,
   3. Guidelines for security architecture, operations, and governance.
6. Security of Small And Medium Businesses: Policy intervention in cybersecurity granting incentives for a higher level of cybersecurity preparedness was looked into.

Digital India

Digital India is an ambitious initiative by the Government of India aimed at transforming the country into a digitally empowered society and knowledge economy. It encompasses various projects and programs, focusing on different aspects of digitization and technology adoption:

1. Infrastructure Development: Digital India focuses on improving digital infrastructure, including broadband connectivity, digital identity (Aadhaar), and mobile connectivity in rural areas.
2. E-Governance: The initiative aims to provide government services electronically to citizens (e-governance), making public services more accessible, efficient, and transparent.
3. Digital Literacy: To bridge the digital divide, Digital India emphasizes digital literacy programs to empower citizens with basic digital skills.
4. Digital Services: The initiative promotes the use of digital platforms for various services like healthcare, education, financial inclusion, and more, making these services more efficient and accessible.

Cybersecurity Implications

While Digital India brings several benefits, it also poses cybersecurity challenges:

1. Increased Attack Surface: As more services and infrastructure go digital, the attack surface for cybercriminals widens, demanding robust cybersecurity measures.
2. Data Privacy Concerns: With increased digital interactions, the collection and storage of personal data raise concerns about data privacy and protection.
3. Cyber Threats: As digital adoption increases, the country becomes more susceptible to cyber threats like cyberattacks, data breaches, and ransomware incidents.
4. Capacity Building: As more services are moving online, the need for a skilled cybersecurity workforce becomes critical to safeguard digital assets.

In analyzing these initiatives, it’s important to consider their alignment, potential conflicts, and their overall impact on the country’s digital resilience, economic growth, and societal well-being. Collaboration between policymakers, cybersecurity experts, technology stakeholders, and civil society is key to ensuring that the benefits of digitization are maximized while minimizing its risks.

The progress can be seen as of 31 December 2018, India had a population of 130 crore people (1.3 billion), 130 crore (1.3 billion) Aadhaar digital biometric identity cards, 150 crore (1.5 billion) mobile phones, 100.6 crore (446 million) smartphones, 130 crore (1.3 billion) internet users up from 481 million people (80% of the country’s total population) in December 2017, and 71 per cent growth in e-commerce.

The Link between the two initiatives

The connection between Digital India and the National Cybersecurity Strategy lies in their shared goal of fostering a secure and resilient digital environment in the country. As India accelerates its digital transformation through the Digital India initiative, the need for robust cybersecurity measures becomes paramount. The increased use of digital services and platforms creates an expanded attack surface for cybercriminals. The National Cybersecurity Strategy works in tandem with Digital India by providing the necessary guidelines and measures to ensure the security and privacy of digital services and transactions.

Moreover, Digital India aims to create a robust digital infrastructure, including broadband connectivity and digital payment systems. To ensure the reliability and security of this infrastructure, cybersecurity measures are essential. The National Cybersecurity Strategy helps in establishing standards and practices for securing the digital infrastructure against cyber threats and attacks. With the proliferation of digital services and platforms, the protection of personal data and privacy becomes a critical concern. The National Cybersecurity Strategy includes provisions for data protection and privacy, aligning with the principles of Digital India that emphasise the responsible use of digital technologies.

Adding to the same, both initiatives recognize the importance of enhancing cybersecurity skills and knowledge among government agencies, businesses, and citizens. Digital India’s digital literacy component complements the National Cybersecurity Strategy’s emphasis on capacity building, creating a more cyber-aware and cyber-resilient society. They even recognize the need for collaboration between government agencies, industry stakeholders, academia, and international partners. Together, they foster an ecosystem where different entities work together to address digital challenges, share threat intelligence, and develop cybersecurity solutions.

All in all we can say while Digital India focuses on digital empowerment and infrastructure, the National Cybersecurity Strategy focuses on cybersecurity policy, measures, and collaboration to safeguard the digital transformation.

References:

1. National Cyber Security Strategy: National Cyber Security Strategy

2. AICTE Cyber Security: Cyber Security | Government of India, All India Council for Technical Education

3. Cyber Crime Portal – Government of India: Cybercrime

4. Digital India: Digital India

5. Department of Information Technology & Communication – Government of India: Digital India Corporation

6. Digital India – MyGov: 6 Years of Digital India

Harshaa Kawatra is Research intern, IMPRI.

Acknowledgement: The author would like to thank Samprikta Banerjee, Narayani Bhatnagar, Mansi Garg and Nikita Bhardwaj for their kind comments and suggestions to improve the article.

Disclaimer: All views expressed in the article belong solely to the author and not necessarily to the organization. 

This article was posted by Mansi Garg, a research intern at IMPRI.

Also read at IMPRI:

A New Digital Revolution in India: Last Week in India | W35 2021

Analysis with Incorrect Data Poses Problems