New Delhi: Government has taken a number of legislative, technical and institutional measures for addressing issues related to cybersecurity. These include National Cyber Security policy (2013), enactment of Information Technology (IT) Act, 2000 and setting up of Indian Computer Emergency Response Team (CERT-In). Some specific measures taken by the Government of India to strengthen cybersecurity system in the country are as under:
- National Cyber Security Coordinator (NCSC) under National Security Council Secretariat (NSCS) coordinates with different agencies at the national level for cybersecurity matters.
- Information Technology Act, 2000 was enacted to provide legal recognition for electronic communication, electronic commerce and cyber crimes etc. IT Act has deterrent provisions to deal with cyber threats and cyber attacks.
- The Indian Computer Emergency Response Team (CERT-In) issues alerts and advisories regarding the latest cyber threats and countermeasures on regular basis.
(iv) National Critical Information Infrastructure Protection Centre (NCIIPC) has been established for the protection of critical information infrastructure in the country.
- Cybersecurity exercises are being conducted regularly to enable assessment of preparedness of organizations in Government and critical sectors.
(vi) Guidelines have been issued for Chief Information Security Officers (CISOs) regarding their key roles and responsibilities for securing applications/infrastructure and compliance.
- Cyber Swachhta Kendra (Botnet Cleaning and Malware Analysis Centre) has been launched for the detection of malicious programs and provide free tools to remove the same.
- National Cyber Coordination Centre (NCCC) has set up to generate necessary situational awareness of existing and potential cybersecurity threats and enable timely information sharing for proactive, preventive and protective actions by individual entities.
- All the new government websites and applications are audited prior to their hosting and on regular basis after hosting.
- CERT-In conducts regular training programmes for network/system administrators and Chief Information Security Officers (CISOs) of Government and critical sector organisations regarding securing the IT infrastructure and mitigating cyber attacks.
- Under Cyber Crime Prevention for Women and Children (CCPWC) Scheme, Government of India has released grants to States/UTs including Andhra Pradesh for setting up of a Cyber Forensic cum Training Laboratory and organizing capacity building programme on cyber awareness and cybercrime investigation. Rs. 4.42 Crore has been released to Andhra Pradesh for the purpose.
- A Division has been established under the Ministry of Home Affairs to deal with Cyber and Information Security.
The Indian Computer Emergency Response Team (CERT-In) has entered into Memorandum of Understanding (MoU) with its overseas counterpart agencies/Computer Emergency Response Teams (CERTs) for information exchange and collaboration for cybersecurity incident response.