Cyber security to Cyber strategy

Plans and implementation

India’s National Security Council Secretariat (NSCS) has announced a roadmap of action on the cyber security front, involving partnership with the private sector. (See the recommendations of the joint working group and related media reports)

In an op-ed in Indian Express I make two sets of arguments. The first set points out that the government has realised that it needs expertise from outside its cloisters to address contemporary policy challenges and must reform itself in order to be able to use it.

The second set distinguishes three aspects of information policy in the geo-strategic and national security context: cyber security, addressing physical threats that emerge from cyber space and finally cyber-strategy. Much of the emphasis in the government’s plan is on the first of the three. It ought to place adequate emphasis on the other two. Without debating and evolving a new balance on the bounds of government in cyberspace, it will be difficult to manage the threats that emerge from it. Without investing in intellectual inquiry into the fundamentals of cyber conflicts, it will be difficult to shape a cyber strategy that protects and promotes India’s national interests in the international arena. Also, India ought to be wary of both premature and delayed militarisation of cyber strategy. You can read the whole essay here.

Subimal Bhattacharjee’s op-ed in Mint presents another perspective. Mr Bhattacharjee argues that while institutionalising cyber security management in a joint working group under the NSCS is a good thing “the key point is the cohesive functioning of the permanent JWG and the implementation of these recommendations.”

Related Link: My Takshashila colleagues, Srijith Nair & Rohan Joshi responded to the draft national cyber security policy in May 2011.