In this high tech digital environment maintaining adequate cyber security parameters is essential and an excellent move to safeguard IT infrastructure of the organization. Government of India working closly to deal with cyber security issues, many initiatives like CERT-In, NCIIPC, website and application audits, crisis management plan, regular training and PDP bill etc are in place and ready to tackle any security issues. Advance technologies and digital transformation advancing departments and systems but the other hand cybercriminals with advanced technologies and with more complex methods continuously looking at any vulnerabilities to get access into the system.
The threats associated with technology is not just for business but also for government authorities. Cyber security initiatives by government of India are in right move to create and maintain a secure cyber environment. It is continuously working to strengthen cyber defense strategy in collaboration with technology and Cyber security firms.
Following are the major cyber security initiatives by the Government of India to maintain cyber security, to mitigate the risks and to tackle any cyber threats.
1. Indian Computer Emergency response Team (CERT-In)
CERT-In, a national nodal agency for the emergency response of any type of cyber security breaches or attacks or any cyber security-related incidents. Departments and organizations must inform CERT-In immidiatly incase of any cybersecurity attacks or any issue related to cybersecurity. CERT-In also issues cybersecurity advisory and guidelines to tackle any risk and threats. In September 2019 CERT-In informed about the Necurs malware and also advisory on fake income tax calculator.
2. National Critical Information Infrastructure Protection Centre (NCIIPC)
NCIIPC was founded in 2014 with main aims to defend critical information infrastructure and to minimize risk and vulnerabilities. The NCIIPC organization created under section 70A of IT ACT 2000.
3. Guidelines for Organizations CISOs.
In the wake to recent cyber attacks, Ministry of Electronics and Information Technology (MeitY) has issues guidelines for the organization’s chief information security officers (CISOs) to make sure they are following best cyber security practices.
4. Cyber Swachhta Kendra (Botnet Cleaning and Malware Analysis Centre)
Scan, detect and clean any botnet malware infections, Government of India under MeitY launched Cyber Swatchta Kendra initiative to maintain cybersecurity and safe cyber environment. It works for mobile and computer devices, Its has tools like- M-Kavach, AppSamwid, USB Pratirodh, and Botnets. To detect and remove malware one needs to download the bot malware removal tool from the official website offered by Quickheal.
5. Regular Audit of Government Websites
To make sure there is no malicious files or any hidden virus injected into website files or in application files, MeitY has asked to audit entire website before uploading it to the main server, thereafter conduct regular audit after an interval. Government of India’s initiative to audit department website on regular basis will mitigate the cyber security disturbances. To complete the website and application audit task done, many Cyber security firms have been impaneled with government of India.
6. Crisis Management Plan
To counter any cyber attacks and to mitigate cyber risk, the Government of India has formed Crisis Management Plan. Ministries, Center and state departments will implement crisis management plans in critical sectors.
7. Regular Training Programs
Tech is changing daily so the cybercriminals to are upgrading the attacking methods with advanced technologies. Cyber security administrators need to be updated about the latest advancement, and security trends. It is very necessary to regularly upgrade your skills and knowledge, The government of India has announced to conduct regular training programs for CISOs, Network and system administrators to deal with advanced cyber security threats.
8. Personal Data Protection Bill
In this digital age, where every website, mobile apps seek permission to store your information on their server whether they store data within India or abroad, how critical is this? How can I trust them?, whether it is for ads or data analysis whatever. The Personal Data Protection Bill draft 2019 proposes to store personal data within India only, it can not possess abroad without approval of Data Protection Agency, critical data can not go abroad.
The Personal Data Protection Bill 19, proposes heavy penalties for any violation, INR 5 crores for a minor violation and INR 15 crores for serious violation and organization executives can also face a jail term.